The Healthcare Blocks platform performs a daily malware scan of every virtual machine using the following tools:
- ClamAV
- Rootkit Hunter
Malware signatures are updated before scans are executed.
The process is centrally managed in order to provide the Healthcare Blocks SecOps team with enhanced auditing and troubleshooting capabilities. Any detected malware or scan errors are escalated to an internal Slack channel monitored by Healthcare Blocks for further investigation. If necessary, the Healthcare Blocks SecOps team will contact the customer during its analysis.
As of September 1, 2019, customers can retrieve scan logs from their S3 audit logs bucket in a subfolder named malware_scans. Please create a help desk ticket for assistance.