Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn More

View all

Sign in to view all badges

Implement "Anti Virus" (Anti Maleware) scans in AEM Cloud Service (AEMaaCS) - "Anti-Malware as a Cloud Service"

Avatar

Avatar
Boost 5
Employee
Robert_Wunsch
Employee

Likes

5 likes

Total Posts

5 posts

Correct Reply

0 solutions
Top badges earned
Boost 5
Contributor
Shape 1
Give Back 3
Give Back
View profile

Avatar
Boost 5
Employee
Robert_Wunsch
Employee

Likes

5 likes

Total Posts

5 posts

Correct Reply

0 solutions
Top badges earned
Boost 5
Contributor
Shape 1
Give Back 3
Give Back
View profile
Robert_Wunsch
Employee

27-04-2021

Request for Feature Enhancement (RFE) Summary:

Enterprise level applications with the option to be able to upload binaries require anti-malware protection. Also, most enterprise policies require "Anti-malware" to be implemented to be compliant.


AEM does not provide any means of Anti-Virus OOTB, but there are solutions which can be used in "on-premise" and AMS (managed Service) scenarios.

However, in AEMaaCS (Cloud Service) there is no option, and no way to create a "customization" to be able to implement anti-virus/malware-protection.

 

In the AdaptTo()-2020 several ways to implement "Anti-Malware in AEM" were proposed [0][2].

 

The solution by Oliver Lietz (Sling Contributor) has the charm, that the malware scanning would be implemented on SLING level using SlingJobs (which would work across the Author Cluster in AEMaaCS), with a "CloudService" which is used to scan the binaries outside of the AEM instances - which seems to be compatible with AEMaaCS and it's Cloud-Services (Cloud-Blob-Store, Asset Microservices etc, ... ) .

This solution, if implemented, could likely use a very scaleable "Anti-Malware scanning Backend" within "Containerization", which would be massively scalable, and though HTTP-requests very loosely oupled to AEM.


[0] https://adapt.to/2020/en/schedule/scanning-for-malware-in-apache-sling-and-aem.html 

[1] https://github.com/apache/sling-org-apache-sling-clam 

[2] https://adapt.to/2020/en/schedule/aem-virus-scan.html 

Use-case: Cloud-based "OOTB Anti-Maleware Scanning as a Service" in AEM Cloud Service (similar to "Asset Microservice").
Each larger customer is required to have "Anti-Malware-protection/scanning" for compliance as well as to be save to deliver "assets" to customers and users.
Current/Experienced Behavior: NO solution to scan for Malware is available on AEM Cloud Service (AEMaaCS) - neither OOTB nor custom!
Improved/Expected Behavior: AEM Cloud Service should can each binary (and possibly strings) for malware - best as "Service within AEM Cloud Service".
Environment Details (AEM version/service pack, any other specifics if applicable): AEM Could Service
Customer-name/Organization name: Many Cloud Service customers (really, many!) 
Screenshot (if applicable):  
Code package (if applicable):  
AEM aemaacs anti-virus antivirus cloud
1 Comment

Avatar

Avatar
Contributor
Employee
hamidk92094312
Employee

Likes

102 likes

Total Posts

240 posts

Correct Reply

38 solutions
Top badges earned
Contributor
Shape 1
Ignite 1
Give Back 50
Give Back 5
View profile

Avatar
Contributor
Employee
hamidk92094312
Employee

Likes

102 likes

Total Posts

240 posts

Correct Reply

38 solutions
Top badges earned
Contributor
Shape 1
Ignite 1
Give Back 50
Give Back 5
View profile
hamidk92094312
Employee

07-05-2021

Hi @Robert_Wunsch 

This request has been raised to the product team via the Jira GRANITE-34516. The product team will triage this request to verify feasibility based on prioritization model. This post will be updated according to the Jira request status.

Status changed to: Investigating