Does Microsoft Defender for Storage periodically scan files in Azure Files file shares?

Question

Files are stored in a file share in Azure Files within a Storage Account where Microsoft Defender for Storage has been enabled. It is understood that On-upload and On-demand malware scanning are not supported, but is there a periodic scanning of files?

The documentation mentions that Hash Reputation Analysis can detect potential malware in Azure files but states it does not support SMB file shares. Since Azure Files only supports creating file shares that utilize SMB, is this feature supported or not? https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-storage-introduction

The file share is mounted on an App Service, and files are uploaded/downloaded through this.

Answer 1

Hi Joshua Watson-Evans ,

Microsoft Defender for Storage does not support periodic scanning of files in Azure Files file shares. The available scanning options are on-upload and on-demand malware scanning, which are not applicable to Azure Files file shares

Regarding Hash Reputation Analysis, it is indeed used to detect potential malware in Azure Files by comparing hash values with known malware from Microsoft Threat Intelligence, this feature does not support SMB file shares

Since Azure Files only supports SMB file shares, Hash Reputation Analysis is not applicable in this scenario

For more information :
https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-storage-configure-malware-scan

https://techcommunity.microsoft.com/discussions/microsoftdefendercloud/limitations-of-hash-reputation-analysis/3475943

Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members. 

If you have any other questions or are still running into more issues, let me know in the "comments" and I would be happy to help you.