Bucketscan

Building software yourself can be a great way to save money and develop a custom solution bespoke to your needs. Here is how you can build Bucketscan yourself.

Prerequisites

You need to pick a language and a platform. Bucketscan is written in TypeScript and runs on Node.js. You will also need a way to host the application like AWS.

Engine

The virus engine is the core of Bucketscan. It's the component that does the actual scanning of the files. There are numerous ways to do this. If you're insane (or insanely rich) you could write your own from scratch in just a few short years and a degree in computer science. For mere mortals, there are a number of existing solutions such as Sophos or ClamAV. Using these involves installing them on your server, configuring library updates and writing some glue code to interface with them.

Storage

In order to keep malicious files away from your users, you need to store them in a different bucket. You will need to setup a new bucket as a quarantine, and one for the scanned files.

Reporting

A crucial part of Bucketscan is the reporting dashboard. This is where you can view the results of the scans and get a detailed breakdown of the threats found. You could send the data to InfluxDB and use Grafana to build custom dashboards. Alternatively, you can build your own using charting libraries.

Notifications

Next, when a file is found to be malicious, you need the real time notifications to alert you. You can use notification platform like Knock, or write your own using SNS and some lambdas.

Conclusion