Share via

Does Microsoft Defender for Storage scan files in a file share?

JWE Admin 0 Reputation points
2025-03-10T11:04:24.37+00:00

I have files in a file share in Azure Files in a Storage Account. On the account I have enabled Microsoft Defender for Storage.

I understand that this does not support On-upload malware scanning or On-demand malware scanning but does it still scan the files periodically?

This article says that Hash Reputation Analysis detects potential malware in Azure files but doesn't support SMB files shares. In Azure Files all i can do is create file shares which support SMB, so is it or isn't it supported?
https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-storage-introduction

Azure Files
Azure Files
An Azure service that offers file shares in the cloud.
1,382 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Amira Bedhiafi 29,711 Reputation points
    2025-03-12T15:08:27.2633333+00:00

    Microsoft Defender for Storage does not support malware scanning for files stored in Azure Files shares. Both on-upload and on-demand malware scanning capabilities are currently limited to Azure Blob Storage and do not extend to Azure Files.

    Regarding hash reputation analysis, this feature is also not applicable to Azure Files shares accessed via the SMB protocol. Therefore, Defender for Storage does not perform periodic or real-time malware scans on files within Azure Files shares.

    To protect data stored in Azure Files shares, consider implementing alternative security measures, such as using antivirus solutions on the client machines accessing the shares or integrating third-party security tools that support scanning of SMB file shares.https://www.reddit.com/r/AZURE/comments/1ge0af6/defender_for_storage_malware_scanning_on_file/

    https://learn.microsoft.com/en-us/azure/defender-for-cloud/introduction-malware-scanning

    https://www.youtube.com/watch?v=DyZBqphTNrk

    0 comments
  2. Keshavulu Dasari 4,110 Reputation points Microsoft External Staff
    2025-03-12T18:28:29.8833333+00:00

    Hi JWE Admin,

    Adding more information to the above response! Thanks for raising this good question.

    Microsoft Defender for Storage does not support periodic scanning of files in Azure Files shares. The primary scanning methods available are on-upload and on-demand malware scanning, which are not applicable to SMB file shares

    Regarding Hash Reputation Analysis, it indeed detects potential malware in Azure Files but does not support SMB file shares

    This means that while you can create file shares in Azure Files that support SMB, the hash reputation analysis feature will not be applicable to those shares.

    https://techcommunity.microsoft.com/discussions/microsoftdefendercloud/limitations-of-hash-reputation-analysis/3475943

    Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.
    User's image

    If you have any other questions or are still running into more issues, let me know in the "comments" and I would be glad to assist you

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.