Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

 Sathis Anarudhan (SathisA3)
Evonsys
Associate Architect - IT Infrastructure Services
Evonsys
LK
SathisA3 Member since 2020 2 posts
Evonsys
Posted: Oct 18, 2022
Last activity: Oct 18, 2022
Posted: 18 Oct 2022 12:01 EDT
Last activity: 18 Oct 2022 12:19 EDT
Closed

Prevent Malicious FIle upload

Hi All !

We have a requirement to block malicious file attachments uploaded via Add Attachments / Uploading Files.

Can anyone suggest any approach or provide some pointers to achieve this?

 

Thanks in advance!


***Edited by Moderator Marije to add Capability tags***
To see attachments, please log in.
Pega Platform 8.7
Security
Case Management
Financial Services
Cross-Industry
System/Cloud Ops Administrator

Posted: 2 years ago
Posted: 18 Oct 2022 12:06 EDT
Srinivas Bharat Komarina (KOMARINA)
Accenture
Senior System Architect
Accenture
GB

@SathisA3 Hi, Greetings. There is no easy way for this other than using a virus scanner. If application is hosted in Pega Cloud, Pega already has Virus scanner installed so that won't be a problem, if it is client-cloud or on-premise we need to install this. Other than this one can have validation on extensions plus file content. We can determine what the file is based on the magic numbers. The first few bytes of a file contain a “magic number” which is a key to the file type, however this alone will not work, you need to have the virus scanner.

Regards,

Bharat

To see attachments, please log in.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice