Malware scanning for S3 bucket

[k-e-r-n-e-l-p-a-n-i-c]

Hello Team,

We were trying to implement security best practices in our platform that is integrated with OVH managed S3 object store. As a part of this , it would be really helpful to have a feature that scans incoming objects for malware and performs a quarantine action. Since our platform mainly deals with machine learning datasets that are publicly available, we would like to have a control measure in place to detect and remove any malware affected files.

Can you please consider this as a feature request for future releases? Thanks.

[lason-ovh]

Hi, thanks for sharing your concerns with us as we will take them into account in our exploration.

However, we must remind our customers that security is a shared responsibility: we, at OVH, are responsible of the security OF the cloud (the infra, the network, the provided services, ...etc) and customers are responsible of the security IN the cloud (client data, instance patching, ...etc) therefore, ensuring data does not contain malwares should be the customer's responsibility and ensuring the data is properly stored and secured is the responsibility of OVH.

[lason-ovh]

OVH S3 Object storage does not have NATIVE antivirus/malware scanning capabilities nor do we plan to implement them. As stated above, customers are responsible of the data that they upload.

However, if the data you store are docker images, our managed container registry (based on Harbor) can do automatic vulnerabilities scanning and detection (https://goharbor.io/docs/2.5.0/administration/vulnerability-scanning/schedule-scans/)

Finally, you could take a look at our OVH marketplace where you can find malware/ransomware detection tools you can use and integrate in your workflow: https://marketplace.ovhcloud.com/p/nucleon-malprob-detection-malware-ransomware