URL Scanning
How real-time URL scanning works in bowbridge Anti-Virus for Salesforce
Overview
URL Scanning checks URLs in text fields across your Salesforce org for malware, phishing, and policy violations. When a record is created or updated, the scanner automatically extracts URLs from configured fields, evaluates them against allow/block lists, and sends them to the external scan service for analysis.
URL Scanning works on any standard or custom object with text fields. Each object requires its own Apex trigger. See Click Protection for setup instructions.
How It Works
- A record is created or updated in Salesforce
- bowbridge extracts URLs from all configured text fields and identifies the user's Protection Profile
- URLs are checked against the configured allow and block lists
- Remaining URLs are sent to the external scan service for analysis
- Based on security scores, productivity scores, and category rules, each URL is allowed, blocked, removed or replaced
- Every scan result is logged in the Reporting tab
Scan Results
| Result | Action |
|---|---|
| Clean | URL passes through normally |
| Malicious | URL blocked or replaced based on configured action |
| Policy violation | URL blocked based on category or block list rules |
| Scan error | Error logged, admin notified |
Actions
| Action | Behavior |
|---|---|
| Block access | The URL is replaced or removed from the field |
| Allow & Notify | The URL passes through, administrators and/or users are notified |
| Remove | The URL is removed from the field content entirely |
Default Objects and Fields
The following objects and fields are available by default for URL scanning. You can add additional objects and fields in the URL Scan Settings.
| Object | Fields |
|---|---|
| EmailMessage | HtmlBody, TextBody, Subject |
| FeedItem | Title, Body, LinkUrl |
| FeedComment | CommentBody |
| CaseComment | CommentBody |
| Lead | Website, Description |
| Account | Website, Description |
| Contact | Description |
| Opportunity | Description |
| Case | Description |
| Task | Description, Subject |
| Event | Description, Location |
Adding a new object to URL scanning requires deploying an Apex trigger first. See Click Protection: Adding Triggers for detailed instructions.
Configuration
| Area | What to configure | Reference |
|---|---|---|
| Enable URL scanning, action on threat, thresholds | Master switch, actions, score thresholds | URL Scan Settings |
| Objects and fields to scan | Which objects and fields are scanned | URL Scan Settings |
| Category blocking | Block URLs by category (gambling, malware, phishing, etc.) | URL Scan Settings |
| Allow and block lists | Allow or block specific URL patterns | URL Scan Settings |
| Click Protection | Replace URLs with safe redirect links, real time scanning on click | Click Protection |
| Protection Profiles | Different configuration per user group | Protection Profiles |
| Notifications | Alert admins and users on threats | Notification Configuration |