Hi everyone,
We are currently testing the fortiguard antivirus to secure access to our REST API.
Our API uses JSON as content-type in http request and response.
In http requests, for some services we must send encoded file in base64 inside the JSON object, as shown below :
"plateforme": {
"typeIdPlateforme": "1",
"idPlateforme" : "12345678901234"
},
"idDemandeur" : "aaa", \
"rsDemandeur": "AAAA", \
"dumeA": {
"xmlDume" : "UEsDBAoAAAAAAOCYuCg8z1FoRAAAAEQAAAAJAAAAZWljYXIuY29tWDVPIVAlQEFQWzRcUFpYNTQoUF4pN0NDKTd9JEVJQ0FSLVNUQU5EQVJELUFOVElWSVJVUy1URVNULUZJTEUhJEgrSCpQSwECFAAKAAAAAADgmLgoPM9RaEQAAABEAAAACQAAAAAAAAABACAA/4EAAAAAZWljYXIuY29tUEsFBgAAAAABAAEANwAAAGsAAAAAAA=="
}
}
In this sample, the attribut "xmlDume" is an encoded file (base64). When i took an infected file, encoded it and sent it in the json, the antivirus was unable to detect that the value of the "xmlDume" attribut is an infected encoded file. Is the fortiguard antivirus is capable to scan the JSON object or some attributs like "xmlDume" ? Thanks in advance.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.