Skip to main content
Skyhigh Security

Create a Malware Scan

You can run Malware Scans manually or on a schedule. You may pause an in-progress scan at any time.

NOTE: On-Demand Scans are only available with API-based deployments. Proxy-based deployments are not compatible with On-Demand Scans.

To create a Malware Scan:

  1. Go to Policy > On-Demand Scan.
  2. Click Actions > Create a Scan.
  3. The Scan Creation Wizard is displayed. On the General Info page, enter the following:
    • Scan Type. Select DLP & Malware.
    • Name. Enter a unique identifier so that you can rerun the scan later.
    • Description. Enter an optional description for the scan. 
    • Service Instance. Select the cloud service instance you want to scan.
      clipboard_eebc6d8561b5c0ac3c9f9a864432124f6.png
  4. Click Next.
  5. On the Select Policies page, select the available policies to use for your scan type. 
  6. Click Next
    clipboard_e608f9e4460fca454e5b59b084c521f77.png
  7. On the Configure Scan page, configure the scope and users for your scan. 
    • Data Scope. 
      • Full. Scans all content every time the scan is run. The first time you run a scan, you must use Full mode. 
      • Incremental. Scan only content that has changed since the last successful scan. For details on Incremental mode, see About On-Demand Scans
      • Scan Dates. Select All, to scan all data. Or select Last X Days or Custom dates to limit the scan to the specified time period.
      • Only scan folders shared externally.  To limit the scan to public folders shared externally, select this checkbox. This option may not be available for all services.
      • Email Folders. Select the required folders to scan for violating content in the email. This option may not be available for all services.
    • Users. 
      • All Users. Scan all users. 

IMPORTANT: If you're configuring a scan for Skyhigh CASB for Sharepoint, the Scan for All Users menu is replaced with options for All Site CollectionsOnly the Site Collections (and Subsites) on an inclusion list, or None of the Site Collections (or Subsites) on an exclusion list. Enter a comma-separated list of relative paths of the sites you'd like to scan. For example, if a site URL is https://abccorp.sharepoint.com/teams/site1, please enter "/teams/site1" instead.

  • Include Specific Users. To include only specific users, select User Groups, a Predefined Dictionary, or enter users manually in a comma-separated list. 
  • Exclude Specific Users. To exclude only specific users, select User Groups, a Predefined Dictionary, or enter users manually in a comma-separated list. 
  1. Click Next
  2. On the Schedule Scan page, select the schedule for your scan to run:
    • None (On-Demand Only). Run the scan once now.
    • Daily. Run the scan once a day. Configure the time and time zone. 
    • Weekly. Run the scan once a week. Configure the day, time, and time zone. 
  3. Click Next
    clipboard_efecbd42da05e9eaa2823dce6f90c867f.png
  4. On the Review & Activate page, review your settings for the On-Demand Scan, and click Save.  Or click Back to make changes. 

Once a scan is completed, you can view the results, or rerun the scan anytime on the Policy > On-Demand Scan page. 

View policy incident violations on the Policy Incidents page. 

  • Was this article helpful?