Managing malicious attachments

Return to top

14 Comments

  • Pat

    Love it! 

    Can we pls participate in the limited release program with smcglobal.zendesk.com?

    0
  • Chika Chima
    Zendesk Product Manager

    Hi Pat !

    I just replied to your ticket.

    0
  • Gaurav Arora

    hey Chika Chima when will malware scanning be available to all users? is there a way we can enable this for our account?

    0
  • Chika Chima
    Zendesk Product Manager

    Gaurav Garg Thanks for the comment!

    We are slated to release Malware scanning to all in June 2022. There will be an announcement as we get closer to the release date.

    0
  • Rafael Santos

    Hi Chika Chima, will we have an API endpoint to restrict agent access to attachments?

    Something similar to the Redaction endpoint

    /api/v2/tickets/{ticket_id}/comments/{comment_id}/attachments/{attachment_id}/restrict

    Additionally, how are these automatic attachment restrictions described in the ticket events? Will we be able to audit when/how those were interacted with?

    0
  • Megumi Nakamura

    Hi Chika Chima, do we need any settings to use this feature?

    I tried to check the detection working by using EICAR Anti-Virus Test File, but nothing happened.

    0
  • Chika Chima
    Zendesk Product Manager

    Hello All!

    Update on the Malware Scanning feature. We are making headway to have a general availability to all customers at towards the end of June 2022. This feature will automatically be turned on for our customers. A help center announcement will be made once we have this feature turned on. 

    This release of Malware scanning will not have an API endpoint. Please continue to use the redaction app. Also in the audit logs, there will be events created when an Admin overrides.

    1
  • CJ Johnson

    Chika Chima Now that this is rolled out to all users, I have the same question as Megumi, I seem to be able to attach the eicar test file in Zendesk just fine, but gmail immediately detects and says it's a virus. Is there a setting we need to turn on? I can't seem to get Zendesk to detect anything as a virus that I try. Does malware scanning not check the agent side of attachments? Do I need to send the eicar file as an end-user? 

    Edit: I also confirmed that I was able to send virus laden files via chat. 

    0
  • Chika Chima
    Zendesk Product Manager

    CJ Johnson

    Thanks for reaching out!

    As referenced on the announcement  rollout to all 100% customers will end by July 14th. So therefore, you may not have this feature just yet.

     

    -1
  • David Oegren

    Sadly we already have this feature activated, and it is already impacting our daily business. We as an email security provider get emails/tickets with possible malicious content attached on a daily basis. We can not have admins work through those tickets every hour. Also, it is out of the question to promote every agent to admin just to be able to handle those kinds of tickets. We need a workaround please.

    Is it possible to address this issue via API? We could build ourselves a script automatically releasing affected emails. Or can we build some special role which we can give to our agents without granting them full admin? Please advise.

    1
  • Rakhesh Mohan

    Hi Team

    Can you please provide a malicious test file for our QA related to Zenbox API's. Would like to check the E2E flow via the API's as well as from client side

    2
  • CJ Johnson

    Chika Chima Could you explain how we can check to see if this active? I can count four other people asking for this in this thread, and I'm still unable to see it and able to upload malicious files. How can we test this to see if it's actually turned on? How can we report to you when it seems to allow malicious attachments? 

    0
  • Chika Chima
    Zendesk Product Manager

    Hi Everyone,

    The Malware scanning feature has officially completed the automatic rollout July 14, 2022 to all Zendesk customers. Meaning, there is no additional settings or controls that needs to happen on your accounts!

    As mentioned in the article, warning designations will show on the ticket UI if the scanners deemed the file attachment malicious. As well which channels the scanning is taking place for this first release. 

    In regards to testing the feature with purposely sending malicious files, we recommend to reach out to your respective security organizations for such requests. 

    We will appreciate feedback in this forum and we will announce how to signup for feedback calls about this new feature

    -1
  • Chika Chima
    Zendesk Product Manager

    Hello! As promised this is a calendly link to sign up to hear more about your feedback on this feature!

    0

Please sign in to leave a comment.

Powered by Zendesk