Security of zip and PDF upload

Userlevel 1
Badge +7

Hello everyone,


I want to have some end users send PDF or ZIP to Automation Anywhere (and possibly Document Automation).

I then want to avoid corrupted PDFs, Zip bombs, or any virus/trojan horse/etc.

I have searched and not found in the documentation : is there an antivirus scan or a firewall included in Automation Anywhere to protect against this kind of threat ? I did find information on the architecture & security of Automation Anywhere (Defenses against common vulnerabilities, Network security overview, RBAC...) but this is not exactly what I am looking for.


Best answer by Raul Jaimes 24 May 2023, 19:23

View original

4 replies

Userlevel 7
Badge +13

Hi @Augustin ,


There is no standalone mechanism available as such for this purpose. However, you can add file extensions to the configuration file that restricts the user from uploading files that have extensions other than the ones which are on the trusted list.


Refer here for further info.

Userlevel 5
Badge +9


In A360 using an admin user , you can change the default setting  in Settings→ Security Settings and File upload settings. 



However, i don't notice where you can set specific extensions or additional rules.




Userlevel 7
Badge +13

Hi @Augustin ,


Since you have posted the question under Community Edition, I assumed that you are using the same product through which the step which @Raul Jaimes had mention won’t be possible to do. 


If you are using the Enterprise client, you can use File upload settings under Settings through Admin user.

Userlevel 1
Badge +7

Hi @Raul Jaimes Thanks a lot for your answer !

@PadmakumarThanks for the precision !


Under Community Edition I assume a workaround could be to download the file and then to use the Package : Open program/file action to run the anti-virus software (edit : third-party provided, for example microsoft security essentials) on this file ?