Antivirus for S3 buckets

Available in the AWS Marketplace

Scan all your S3 buckets for trojans, viruses, and malware.

Deep AWS Integrations

Deep AWS integrations

Fast

Fast

Full Visibility

Full visibility

Auto Scaling

Scalable

Delete infected files

Delete infected files

Tag files with scan result

Tag files with scan result

Works with many buckets

Works with multiple S3 buckets

Always up-to-date

Always up-to-date

Powered by ClamAV

Powered by ClamAV®

CloudWatch Integration

Amazon CloudWatch is the central place to collect metrics and logs. Our dashboard provides you full visibility into your S3 VirusScan installation.

You can also subscribe to the raw scan results in real-time via Amazon SNS.

CloudWatch Integration
Absolute security

Security Hub Integration

AWS Security Hub collects information about security and compliance. Infected files show up as security findings in your security hub.

By default, infected files are not only reported but also deleted for strong security. You can change these defaults.

SSM OpsCenter Integration

AWS Systems Manager OpsCenter provides a central location where operations engineers and IT professionals can view and investigate infected files.

Choose between a CloudWatch dashboard, Security Hub, and OpsCenter.

SSM OpsCenter Integration

Available in the AWS Marketplace

Need help? Send us an email

Setup Guide

1. Subscribe to the product in AWS Marketplace

Go to the AWS Marketplace. Click on Continue to Subscribe.

Step 1

Click on Accept Terms.

Step 2

The subscription is now Pending.

Step 3

Wait until the subscription is active and click on Continue to Configuration.

Step 4

The Region you select must match with the region of your S3 buckets. If you use S3 buckets in multiple regions, repeat the setup for each region. Click on Continue to Launch.

Step 5

Click on Launch.

Step 6

You are redirected to CloudFormation. Click on Next.

Step 7

Set a Stack name (e.g., s3-virusscan).

Step 8

Under EC2 Parameters, set the KeyName to an EC2 Key Pair.

Step 9

Scroll to the bottom of the page and click on Next.

Step 10

Scroll to the bottom of the page and click on Next.

Step 11

Scroll to the bottom of the page, enable I acknowledge that AWS CloudFormation might create IAM resources and click on Create.

Step 12

The stack status is CREATE_IN_PROGRES. Reload the table from time to time and ...

Step 13

... wait until the CloudFormation stack status switches to CREATE_COMPLETE.

Step 14

You can continue to configure your S3 buckets.

2. Configure your S3 buckets

In the AWS S3 Management Console, click on the bucket you want to connect to S3 VirusScan. Make sure the bucket's region matches the S3 VirusScan region.

Step 1

Click on the Properties tab.

Step 2

Scroll down to the Advanced Settings and click on Events.

Step 3

Click on Add notification.

Step 4

Set a Name (e.g., s3-virusscan), select the All objects create events, and set Send to SQS Queue. Select the SQS queue that has ScanQueue in the name (NOT DealLetterQueue). Click on Save.

Step 5

Done! Do you need a harmless test virus? Create a text file with the following content (aka the EICAR test file:

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

Upload the test file to your S3 bucket. Within a few seconds, the file is deleted.

Now, upload a normal file and select it. Click on Properties.

Step 6

Click on Tags.

Step 7

Within a few seconds, the s3-virusscan tag is added with the scan result (reload the page if needed).

Step 8

That's it. From now on, each file that gets uploaded to your S3 bucket is scanned for trojans, viruses, and malware automatically. Check out the CloudWatch Dashboard for full visibility into S3 VirusScan.

Need help? Send us an email

End User License Agreement

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Open Source Software used in the product

widdix/aws-s3-virusscan Apache Software License 2.0
aws/aws-sdk-ruby Apache Software License 2.0
thuehlinger/daemons MIT
rubysl/rubysl-securerandom Custom
ClamAV GPLv2