Virus scanning on the binary API endpoint

soeren.krueger · March 6, 2023, 11:28am

What product/components do you use and which version/fix level are you on?

Cumulocity API 10.15

Is your question related to the free trial, or to a production (customer) instance?

Production instance

What are you trying to achieve? Please describe it in detail.

The binary endpoint (/inventory/binaries) currently allows uploading and downloading the EICAR test file.

Do you have some kind of virus scanning available to either prevent clients from downloading infected files or prevent them from being saved to the database in the first place?

Another solution would be that we restrict the upload endpoint altogether and handle uploads via a microservice, but I wanted to confirm the capabilities of the Cumulocity API first.

Thanks in advance!

Robert_Neale · March 22, 2023, 11:00am

The upload and download of binaries to and from cumulocity does not include scanning the file in any way.
Research was done some time ago into this on behalf of a particular customer, and found to be possible, but the customer decided not to go ahead with the implementation.

system · September 18, 2023, 11:01am

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.