File Scanning
How real-time file scanning works in bowbridge Anti-Virus for Salesforce
Overview
Every file uploaded to or downloaded from your org is automatically scanned for viruses, malware, and policy violations.
Legacy Salesforce Attachments are fully supported.
How It Works
- A file is uploaded or downloaded
- bowbridge intercepts the file and identifies the user's Protection Profile
- The file is sent to the external scan cluster for analysis
- Based on the result, the file is allowed through or blocked and quarantined
- The scan is logged in the Reporting tab
Scan Results
| Result | Action |
|---|---|
| Clean | File passes through normally |
| Malicious | File blocked and quarantined |
| Policy violation | File blocked based on configured rules |
| Scan error | Error logged, admin notified |
Quarantine
When a file is blocked, it is moved to quarantine and inaccessible to users. Administrators can review and release quarantined files in two ways: from the Reporting tab, or from the Dashboard by clicking the blocked files detail view, which automatically filters the log to quarantined files only. If the Replace File setting is enabled, the blocked file content is replaced with a harmless placeholder so users understand why the file is unavailable.
Bulk Scanning (Scan All Files)
The Scan All Files feature allows you to perform an initial or periodic scan of existing files across your entire organization.
You must have the Query All Files standard permission assigned to your user to discover and scan files beyond those you explicitly own or have access to.
Filtering and Execution
Navigate to Settings and select File Scan to locate the Scan All Files tool. You can filter the files included in the scan to ensure optimal performance.
- Date Range: Select Uploaded From and Uploaded Until dates.
- Limits: Use Max Files to Scan to cap the total files processed. Older files within the date range are scanned first when the limit is reached.
- Inclusions: By default the engine skips files that were already scanned. You can optionally disable this or toggle scanning of old legacy attachments.
You can launch the scan immediately or schedule it for a future date and time. Progress is shown in real time, detailing batches processed and any encountered errors.
Configuration
| Area | What to configure | Reference |
|---|---|---|
| Scan triggers, threat action, file replacement | When to scan, what to do on detection | File Scan Settings |
| Scan engine behavior, archive handling, timeouts | Fine-grained engine controls per profile | Scan Configuration |
| Active content detection | Block macros, JavaScript, embedded objects | Active Content Configuration |
| File type and MIME type rules | Allow/block lists for extensions and MIME types | Scan Configuration |
| MIME type to extension mappings | Verify files match their declared type | MIME Type Mappings |
| Notifications | Alert admins and users on threats | Notification Configuration |