Content Scanning & Quarantine
Real-time malware and content scanning with automated quarantine workflows.
Scanning Engine
Every file scanned in real-time before it reaches storage — ClamAV, YARA rules, and multi-format extraction.
- ClamAV/ICAP real-time malware scanning on every file upload
- YARA rules support for custom threat signatures tailored to your organization
- Multi-format extraction — scans inside Office documents, PDFs, and archives (ZIP, TAR, GZIP, BZIP2, XZ)
- Configurable scan sources: upload, manual, scheduled, SMTP, and system triggers
Quarantine Workflow
Automated quarantine with admin review, exemption management, and full audit trail.
- Auto-quarantine when threats detected — file isolated immediately
- Admin review workflow: approve, delete, or create exemption for false positives
- Quarantine dashboard with threat type, uploader, and detection date
- File download blocked until quarantine status resolved by an administrator
- Exemption management for known false positives to reduce alert fatigue
Beyond traditional MFT
Most managed file transfer platforms were designed before modern threats existed. Here is how MnemoShare compares.
| Capability | Traditional MFT | MnemoShare |
|---|---|---|
| Scanning | Relies on endpoint antivirus or no scanning | Inline ClamAV/ICAP scanning on every file upload |
| Custom rules | No custom signature support | YARA rules for organization-specific threat signatures |
| Archive scanning | Cannot scan inside archives | Multi-format extraction: Office, PDF, ZIP, TAR, GZIP, BZIP2, XZ |
| Quarantine | Infected files may still be accessible | Automatic quarantine blocks access until admin reviews |
| Integration | Separate scanning tools required | Built-in scanning integrated with audit trail and workflows |
Real-world use cases
Zero-day protection
Custom YARA rules detect a new ransomware variant targeting healthcare. File is quarantined before reaching storage, admin notified immediately. Exemption created for false-positive test files.
Archive inspection
Partner sends ZIP file containing hundreds of documents. MnemoShare extracts and scans each file individually. One malicious PDF detected and quarantined; clean files proceed normally.
Compliance scanning
Regulated industry requires all incoming files scanned before processing. ClamAV catches known malware, YARA rules flag organization-specific patterns like leaked document watermarks or competitor trade secrets.
Frequently asked questions
- How does file scanning work in MnemoShare?
- Every file uploaded to MnemoShare is scanned in real-time via ClamAV/ICAP integration before it reaches storage. Scanning supports custom YARA rules for organization-specific signatures and extracts content from multi-format archives.
- What happens when malware is detected?
- The file is automatically quarantined — blocked from download or further processing. Administrators receive a notification and can review the quarantined file, delete it, or create an exemption for known false positives.
- Can I add custom scanning rules?
- Yes. MnemoShare supports YARA rules for custom threat signatures. Write rules targeting specific file patterns, document watermarks, or organization-specific indicators and deploy them alongside ClamAV signatures.
Ready to see MnemoShare in action?
Start a free trial, schedule a walkthrough, or dive into the docs.