Introducing Malwarebytes Cloud Storage Scanning: How to scan for malware in cloud file storage repositories
We’re excited to announce Malwarebytes Cloud Storage Scanning, a new service that extends Nebula malware scanning options to include files stored on cloud storage repositories that are part of your organization’s digital ecosystem.
Today, the service supports scanning of files under 100Mb in size that reside on Box.com or on Microsoft’s OneDrive, and will extend to other popular file storage solutions in the coming quarters.
Malwarebytes Cloud Storage Scanning uses multiple anti-malware engines, using a combination of signatures, heuristics and machine learning to increase detection rates, decrease detection times and provide a comprehensive view to monitor and protect the health of all your enterprise data.
Let’s dive in on how to make a scan!
Scanning for cloud malware
In Nebula, go to “Settings” and click “Cloud Storage Scans”. Here you can see existing scans and the providers being checked. Click “Add a Scan” to create a new scan.
Under “Settings”, name the scan and then select your cloud data storage provider.
Enter the configuration details from the storage provider to select and validate your account. To initially check all existing files for malware, do not check this box and configure a scheduled or on-demand scan. In order to connect to your provider, you will need to provide a Tenant ID, Client ID and Client Secret.
If you select “Continuous scan”, Malwarebytes will only check for new and updated files from this point forward.
Click “Connect to provider” to provide access to your cloud storage location.
Once you see a success message, go to “Items to scan” to select the users or folders to scan. You can scan folders and the sub-folders.
If you have not selected continuous scan, go to “Scan frequency” to determine the cadence. Note that with scheduled scans, you will be scanning the contents of the selected folder(s) each time versus a continuous scan that only scans the changes.
Scans can be scheduled daily, weekly or monthly. Select “Scan now” for a one-time scan to occur immediately. Save for the scan to take effect and begin running on the cadence you chose.
In this example, we have a one time scan for existing malware in the folder and a continuous scan for future changes.
Review the results of scans with “Storage detections” on the left-side navigation bar.
Here you can see a list of all detections from any cloud storage location. You can sort by “Threat name”:
Filter by cloud provider:
And “Add/Remove Columns”:
A report is also available to send a list of detections via email. Navigate to the “Reports” section on the nav bar:
Click “Cloud Storage Detections Summary”. You’ll be prompted with a window to configure the report.
As you can see, the report was delivered to our email below!
An additional layer of security
While integrated cloud malware detection solutions (e.g. BoxShield for Box.com; MS Defender for OneDrive) can be useful, many businesses use multiple different cloud storage repositories, and due to lack of integration options, are unable to get a centralized view of all of their scan results, across multiple repositories, in a single security-focused pane of glass.
Malwarebytes Cloud Storage Scanning is easy and quick to deploy, centrally managed, and is seamlessly integrated with other Malwarebytes products and services that provide cloud security best practices.
Interested in reading about real-life examples of cloud malware mitigation? Read the case study of how a business used Malwarebytes to help eliminate cloud-based threats.