The Data at Rest Scanning Malware Detection policy allows you to create rules to discover and prevent threats to data at rest in sanctioned SaaS applications.

As shown in the following table, each SaaS application allows you to configure the policy to report, quarantine, or delete suspicious files. You can also configure exceptions to the policy.

After creating a policy rule, you must schedule a scan for it to inspect content based on the rule's specifications (e.g., tenant, DLP engines, action, etc.). To learn more, see About SaaS Security Scan Configuration.

About the SaaS Security Data at Rest Scanning Malware Detection Page

On the Malware Detection page (Policies > Cybersecurity > SaaS Security API > Malware Scanning), you can do the following:

1. From the drop-down menu, choose an application type to configure the Malware Detection policy for related SaaS applications.

   To enable Amazon S3, Google Cloud Platform, and Microsoft Azure for your organization, contact your Zscaler Account team.

2. Configure a Data at Rest Scanning Malware Detection policy rule.
3. Search for a Malware Detection policy rule.
4. View a list of all configured Malware Detection policy rules. For policy rules, you can see and sort the following:
   • Rule Name: The name of the policy rule.
   • Application: The application chosen for the policy rule.
   • Action: Displays the configured action for the policy rule.
   • Status: Displays whether the policy rule is enabled or disabled.
   • Quarantine Location: The location where malicious files are moved for quarantine, if applicable.
5. Edit or delete a Malware policy rule.
6. Modify the table and its columns.
7. Go to the Exceptions page, where you can configure Malware Detection policy exceptions.