Thank you for your feedback.
Form temporarily unavailable. Please try again or contact docfeedback@servicenow.com to submit your comments.

Antivirus Scanning

Log in to subscribe to topics and get notified when content changes.

Antivirus Scanning

Use Antivirus Scanning to help protect your instance against virus infections that can be introduced by file attachments to your system records, such as incidents, problems, and stories.

Security scan

Antivirus Scanning scans file attachments stored in your Attachment [sys_attachment] table to help protect users from uploading and downloading infected files. It supports following content types within the platform.
  • application/vnd.ms-powerpoint
  • application/vnd.openxmlformats-officedocument.presentationml.presentation
  • application/vnd.ms-excel
  • application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
  • application/msword
  • application/vnd.openxmlformats-officedocument.wordprocessingml.document
  • text/plain
  • application/pdf, image/png, image/bmp, image/jpeg, image/gif
  • application/zip
  • application/vnd.microsoft.portable-executable
  • application/x-msdownload
  • application/x-ms-installer
  • application/x-elf
  • application/gzip
  • application/x-gzip
  • application/x-gunzip
  • application/gzipped
  • application/gzip-compressed
  • application/x-compress
  • application/x-rar-compressed
  • gzip/document
  • application/x-7z-compressed
  • application/x-shockwave-flash
  • application/x-director
  • application/vnd.apple.installer+xml
  • application/x-csh
  • application/vnd.ms-fontobject
  • application/epub+zip
  • application/java-archive
  • application/x-pdf
  • application/mspowerpoint
  • font/ttf
  • application/octet-stream
  • text/x-script.perl
  • application/x-php
  • application/x-bsh
  • application/x-sh
  • application/x-shar
  • text/x-script.sh
  • text/x-script.phyton
  • text/asp, text/xml
  • text/html
  • text/x-jsp
  • application/x-dosexec
  • application/xml
  • text/x-perl
  • text/x-php
  • text/aspdotnet
  • text/x-python
  • application/x-font-ttf
The Antivirus Protection plugin (com.glide.snap) is activated and enabled by default on your instance. As an administrator, you can deactivate and reactivate the Antivirus Scanning feature across your instance at the switch of a toggle, set configuration options, and review antivirus activity on the instance.
Note:
  • Edge-encrypted files are excluded from this scan.
  • Antivirus Scanning is not supported on on-premise instances, nor on FedRAMP instances.
  • Any file above 100 mb file size is not scanned.

Scanning scenarios

Review these upload and download scenarios to understand how the system identifies potential security threats from files attached to your records.

Scenario 1 - Upload a file
  1. A user unknowingly uploads an infected file to a record.
  2. The system scans the file and moves it to quarantine.
  3. The file appears in the Attachments window, where it is marked as unavailable.
  4. The user selects the file and this error message appears: The file Infected_testing.txt did not pass the security scan. Please remove the file from record INC0000059 and try again.
  5. The system sends an email notification to the user and the antivirus administrator.
  6. The user closes the Attachments window and is returned to the record, where the infected file displays as unavailable.
The infected file attachment that did not pass the security scan appears on the record as unavailable.
Scenario 2 - Download a file
  1. A user opens a record to download a file that is attached to it.
  2. Unaware that the file is infected, the user selects it for download.
  3. The system scans the file, moves it to quarantine, and displays this message.
    The system displays a message that the file did not pass the security scan and cannot be downloaded.
  4. The user closes the message and the screen refreshes showing that the file is unavailable.
  5. The system sends an email notification to the user and the anitivirus administrator.
Scenario 3 - Download a ZIP file
  1. A user opens a record and downloads a ZIP file that is attached to it.
  2. The system scans the ZIP files individually.
  3. One file does not pass the security scan and is marked as unavailable. The remaining files are zipped and downloaded successfully.
  4. The user opens the ZIP file and sees an “error.txt” file in addition to the successfully downloaded file. This file contains an error message specifying which file did not pass scanning and was therefore not included in the ZIP.
  5. The user opens the record again, and sees that the unavailable file has been moved into the Potential security risks section of the Attachments window and cannot be downloaded.
    The unavailable file is moved to the Potential security risks section of the Attachments window and cannot be downloaded.
Feedback