We’re excited to announce quarantine for Malwarebytes Cloud Storage Scanning (CSS), a new feature which allows you to automatically quarantine threats found in your cloud storage repositories.
Malwarebytes Cloud Storage Scanning is an add-on service in Nebula that scans for malware on cloud storage repositories across supported cloud storage providers, using multiple anti-malware engines to monitor and protect the health of all your enterprise data.
By toggling on Enable Quarantine toggle in the Cloud Storage Scan configuration, malicious files are automatically quarantined to the configured folder. You can manage these detections from the Storage Quarantine page. For more information, see Manage Cloud Storage Scanning quarantine in Nebula.
Let’s dive to learn more about how quarantine for Cloud Storage Scanning works.
Configuring quarantine in a new Cloud Storage Scan
In Nebula, go to “Settings” and click “Cloud Storage Scans”. Here you can see existing scans and the providers being checked. Click “Add a Scan” to create a new scan. For our full article on how to configure Cloud Storage Scans in Nebula, check our previous blog post.
In the Quarantine tab, toggle Enable Quarantine on to automatically move detected malware to a selected user’s storage.
Select a user to transfer all quarantined files to. A quarantine folder will be created in their cloud storage location.
Quarantined files will no longer be accessible to original owners, collaborators, or others with access.
Select the default tombstone message or customize it. A tombstone file is created and replaces the original file when it is quarantined. The tombstone file is designed to provide information or instructions for users.
Manage Cloud Storage Scanning quarantine in Nebula
The Cloud Storage Quarantine page displays quarantined files from your cloud storage providers and allows you to manage them. Review the files detected by Cloud Storage Scans and moved to quarantine here.
If the file is a false positive, select it and go to Actions > Restore. This will place the file back in its original location.
To delete the file from quarantine, go to Actions > Delete. The file is sent to the administrator's trash in the cloud storage provider.
Reduce risk from cloud-based malware, without slowing down your business.
Malwarebytes Cloud Storage Scanning (CSS) service enables Malwarebytes IR/EP/EDR customers to use our cloud-native Nebula console to detect (and now quarantine) threats across multi-vendor cloud storage repositories, such as Box and OneDrive.
With Malwarebytes CSS, customers gain centralized visibility across cloud storage repositories and the ability to generate reports to confirm the security of their cloud-stored data.
Learn more about CSS: https://www.malwarebytes.com/business/cloud-storage-scanning