
Virus Scanning Uploaded files from Azure Web/Worker Role

We are designing an Azure Website which will allow users to upload content (MP4, Docx... MS Office files) which can then be accessed.

Some video content we will encode to provide several differing quality formats, before it will be streamed (using Azure Media Services).

We need to add an intermediate step so we can scan uploaded files for potential virus risk. Is there functionality built into Azure (or third party) which will allow us to call an API to scan content before processing it? We are ideally looking for an API rather than just a background service on a VM, so we can get feedback potentially for use in a web or worker role.

Had a quick look at Symantec Endpoint and Windows Defender but not sure these offer an API.

Tim asked Sep 14 '15 14:09


1 Answer

We have the same issue and the same use case. End customers upload multiple files to our website, with regular extensions (images, doc/docx, xls/xlsx, pdf), and they need to be scanned on the fly, and then the user pays and we send the whole package of information on. We need to scan and flatten them to remove things like macros.

We are actively looking for a solution.

How did you solve your use case?

Also, another pointer: other than the scan, we need to flatten the file (CDR, Deep Content Disarm and Reconstruction, as they call it in OPSWAT).

Meaning that a macro inside an Excel file that is uploaded to the cloud can run a cmd line destroying the server, so it needs to be removed prior to the file being inserted into the storage blob.

We found Metadefender but it doesn't fit. Adding for others to know: it seems that the Cloud API scan is quick, but the CDR takes about a minute and it is limited in file uploads per day, so it is not a fit.

As for Metadefender Core, it seems very costly: it's about 3000$ annually for 8 engines with an 83% rate of virus discovery, and it needs an Azure VM that costs an additional 160$ at least (checked for 4 CPU cores and not 8).

I just wish there was a plugin for storage blob to do that easily and return why the file is deleted if any threat is detected back to our app service.

Tzvi Gregory Kaidanov answered Oct 21 '22 20:10
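The macro concern raised in the answer can be partly covered by a pre-storage gate that rejects .docx/.xlsx/.pptx uploads carrying a VBA project part. This is an added example, not code from the question or answer, and it is neither a virus scan nor CDR. The function name, the allow-list (which also rejects legacy .doc/.xls) and the sample files are assumptions constructed for illustration.

```python
import io
import zipfile

# Assumption: only macro-free OOXML extensions are accepted by this gate.
MACRO_FREE_EXT = {".docx", ".xlsx", ".pptx"}
MACRO_PART = "vbaproject.bin"  # part that holds VBA code in macro-enabled OOXML

def check_upload(filename: str, data: bytes) -> tuple[bool, str]:
    """Return (accept, reason) for an uploaded Office file, before blob storage."""
    ext = "." + filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    if ext not in MACRO_FREE_EXT:
        return False, f"extension {ext or '(none)'} not on the allow-list"
    # OOXML files are ZIP containers; anything else is mislabelled content.
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return False, "not a ZIP container, so not a real OOXML file"
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        names = [n.lower() for n in z.namelist()]
    if "[content_types].xml" not in names:
        return False, "missing [Content_Types].xml"
    # A macro-free extension that still carries a VBA project is rejected.
    hits = [n for n in names if n.rsplit("/", 1)[-1] == MACRO_PART]
    if hits:
        return False, "VBA macro part present: " + ", ".join(hits)
    return True, "no macro part found"

def _make_sample(extra_parts=()):
    """Constructed sample: a minimal ZIP with OOXML-style part names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
        z.writestr("xl/workbook.xml", "<workbook/>")
        for part in extra_parts:
            z.writestr(part, b"\x00")
    return buf.getvalue()

CLEAN = _make_sample()                          # constructed, no macro part
WITH_MACRO = _make_sample(["xl/vbaProject.bin"])  # constructed, macro part added

if __name__ == "__main__":
    for name, blob in [("report.xlsx", CLEAN), ("invoice.xlsx", WITH_MACRO),
                       ("notes.docx", b"MZ\x90\x00 not a zip")]:
        print(name, check_upload(name, blob))
```

The returned reason string is what the app service would show the uploader when a file is refused; accepted files still need the antivirus scan the question asks about.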