Malware scanning is a critical component for strengthening cybersecurity defences and creating a resilient digital environment. Malware scanners operate by checking files against a database of known threats, flagging any suspicious or harmful files for review or removal. They also employ heuristic analysis to identify, isolate and analyze files that don’t match known virus definitions but exhibit characteristics of malware, resulting in faster detection and more efficient security protection.

The malicious file scanner identifies and quarantines any suspicious files, such as Trojans. The files are then analyzed to determine their status. If the threat is determined to be not harmful, the user is notified and can choose to trust or remove the file. If the file is found to be harmful, it’s placed in a Sandbox where it can be closely analyzed without harming other files or the system.

Malicious File Scanner: Identify and Eliminate Threats

Files are scanned when they’re uploaded to spaces owned by your organization, including group and one-on-one spaces with external users. The scanning engine uses a combination of Deep Scan, Reputation Scan and heuristic analysis to detect malware. It also updates its malware signatures regularly to improve detection accuracy over time.

You can use the alert details page to view and manage scan results. For example, you can view the alert summary and the full risk score for a detected file and its related activities. You can also create a custom view to monitor specific alerts and activities. For example, you can configure an Alert Rule to notify you when certain files meet the criteria you specify. You can also export security alerts to an SIEM system using the Microsoft Sentinel connector or another SIEM of your choice.