Malware scan on uploaded files

Hello,

I am uploading some files to Camunda as process variables and I would like to check them for malware before storing them in my database.

Is there a way of doing this with Camunda or is there a best practice that I can follow?

Hi @jdmbg and welcome to the Camunda Cloud forums!

Note that there is a difference between Camunda Platform and Camunda Cloud. If your question is related to Camunda Platform, please have a look at their forums here: https://forum.camunda.org/

If your question is related to Camunda Cloud, then I’d recommend storing the files somewhere else and use a reference to the file as process variable. Zeebe (Camunda Cloud’s engine) has variable size limitations and larger variables will generally reduce performance. For the best results, we therefore recommend not using Camunda Cloud as data storage, but for process orchestration.

In your use case, this would mean storing the file in some ‘safe’ location/database and passing a reference to the file along as process variable. A job worker that should check the file for malware, can then retrieve the file using the reference, check the file for malware and complete the job with a result variable (e.g. clean file or malware detected) which you can use in the rest of your process to model what should happen afterwards.

Hope this helps.

Hello @korthout,

my question was indeed about the Camunda Platform.
Thanks for pointing that out and giving me the link to the correct forum.

Sorry for the inconvenience.

1 Like