bowbridge Anti-Virus for Salesforce Documentationbowbridge Anti-Virus for Salesforce
Features

File Scanning

How real-time file scanning works in bowbridge Anti-Virus for Salesforce

Overview

Every file uploaded to or downloaded from your org is automatically scanned for viruses, malware, and policy violations.

Legacy Salesforce Attachments are fully supported.

How It Works

  1. A file is uploaded or downloaded
  2. bowbridge intercepts the file and identifies the user's Protection Profile
  3. The file is sent to the external scan cluster for analysis
  4. Based on the result, the file is allowed through or blocked and quarantined
  5. The scan is logged in the Reporting tab

Scan Results

ResultAction
CleanFile passes through normally
MaliciousFile blocked and quarantined
Policy violationFile blocked based on configured rules
Scan errorError logged, admin notified

Quarantine

When a file is blocked, it is moved to quarantine and inaccessible to users. Administrators can review and release quarantined files in two ways: from the Reporting tab, or from the Dashboard by clicking the blocked files detail view, which automatically filters the log to quarantined files only. If the Replace File setting is enabled, the blocked file content is replaced with a harmless placeholder so users understand why the file is unavailable.

Bulk Scanning (Scan All Files)

The Scan All Files feature allows you to perform an initial or periodic scan of existing files across your entire organization.

You must have the Query All Files standard permission assigned to your user to discover and scan files beyond those you explicitly own or have access to.

Filtering and Execution

Navigate to Settings and select File Scan to locate the Scan All Files tool. You can filter the files included in the scan to ensure optimal performance.

  • Date Range: Select Uploaded From and Uploaded Until dates.
  • Limits: Use Max Files to Scan to cap the total files processed. Older files within the date range are scanned first when the limit is reached.
  • Inclusions: By default the engine skips files that were already scanned. You can optionally disable this or toggle scanning of old legacy attachments.

You can launch the scan immediately or schedule it for a future date and time. Progress is shown in real time, detailing batches processed and any encountered errors.

Configuration

AreaWhat to configureReference
Scan triggers, threat action, file replacementWhen to scan, what to do on detectionFile Scan Settings
Scan engine behavior, archive handling, timeoutsFine-grained engine controls per profileScan Configuration
Active content detectionBlock macros, JavaScript, embedded objectsActive Content Configuration
File type and MIME type rulesAllow/block lists for extensions and MIME typesScan Configuration
MIME type to extension mappingsVerify files match their declared typeMIME Type Mappings
NotificationsAlert admins and users on threatsNotification Configuration

On this page