Views:

Applies to Product - Power Pages


What’s happening?
Customers are seeking options for scanning documents for malware before they are uploaded to Power Pages, specifically looking for alternatives to Azure Blob storage.


Reason:
The underlying cause is the need for a solution to protect against malicious documents being uploaded to Dataverse or SharePoint through Power Pages.


Resolution:
For malware scanning of documents uploaded to Power Pages, utilize Microsoft Defender for Storage, which offers:

  1. On-upload malware scanning: This scans documents automatically when they are uploaded or modified, providing near real-time detection.
  2. On-demand malware scanning: This allows for scanning existing documents whenever necessary, suitable for incident response and compliance.
If scanning documents before upload is required, consider implementing a custom solution using Power Automate:
  1. Trigger a flow when a user attempts to upload a file.
  2. Send the file to Microsoft Defender API for scanning.
  3. If flagged as malicious, prevent the upload and notify the user.
  4. If deemed safe, allow the upload to proceed.
  5. For further details, refer to the Microsoft documentation on Defender for Storage and its scanning capabilities.