Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 12197 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Scanning malware embedded in XML content

vpyyluom

Any way to accomplish this? As we know, containers like ZIP are easy peasy. Content will get scanned without issues (provided no encryption is used). But what about more complicated container files, such as and specifically XML? Does Sophos have any kind of a position on this issue?

:54719


This thread was automatically locked due to age.
Parents
  • 0

    The use case at hand is a file transfer service that passes XML data between various parties. Sure it could be argued that there is no immediate risk of infection as long as malware remains embedded inside an XML, however that same argument could be made for email just the same. Yet we take it for granted nowadays that email is scanned for malware in email servers, as well. Defense in depth, and all of that. Having the XML content scanned before delivery to recipient would be an added value service that some might find trivial but that would provide definite value to the recipient no matter what.

    :54749
Reply
  • 0

    The use case at hand is a file transfer service that passes XML data between various parties. Sure it could be argued that there is no immediate risk of infection as long as malware remains embedded inside an XML, however that same argument could be made for email just the same. Yet we take it for granted nowadays that email is scanned for malware in email servers, as well. Defense in depth, and all of that. Having the XML content scanned before delivery to recipient would be an added value service that some might find trivial but that would provide definite value to the recipient no matter what.

    :54749
Children
No Data