The Healthcare Blocks platform performs a weekly malware scan of every virtual machine using the following tools:

  • ClamAV
  • Linux Malware Detect
  • Rootkit Hunter

Malware signatures are updated before scans are executed.

The process is centrally managed in order to provide the Healthcare Blocks SecOps team with enhanced auditing and troubleshooting capabilities. Any detected malware or scan errors are escalated to an internal Slack channel monitored by Healthcare Blocks for further investigation. If necessary, the Healthcare Blocks SecOps team will contact the customer during its analysis.

Malware scans are resource intensive and can degrade system performance, notably on smaller virtual machines, hence the reason these scans are scheduled for weekends. If you'd like to switch to a daily scan, please create a support ticket.  

As of September 1, 2019, customers can retrieve scan logs from their S3 audit logs bucket in a subfolder named malware_scans. Please create a help desk ticket for assistance.