Hello Community!
Your input is needed. Almost two years ago, I created a PowerShell script that checks if one of the scanned files matches a SHA256 value by comparing the values to a list of known hash values. It only searched in specific directories.
What would be better than using file-level restore? Right, Data Integration API!
Since version 12.3.1, Veeam offers the possibility of working with the Data Integration API via the REST API. To improve the whole thing, I have created a Python script that scans the mounted backup file system for suspicious files by comparing their hash values against known threats stored in a local database. The database uses data from Malware Bazaar and the LOLBAS project (“Living Off The Land Binaries and Scripts”), a catalog of legitimate Windows system binaries that attackers often abuse. The script can detect such files when they appear in unusual locations. The analysis is performance-optimized through parallel processing and will export the result to a CSV file.

What do you think about this idea? Should I develop this into a public version?
Cheers,
Steve Heart
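
The scan described in the post can be sketched as follows. This is an added example, not Steve's script: it assumes the backup is already mounted at a local path, and the `malware` table schema, the two-entry `LOLBAS_EXPECTED` map and all function names are hypothetical.

```python
import csv
import hashlib
import os
from concurrent.futures import ThreadPoolExecutor
from pathlib import Path

# Assumption: illustrative subset of LOLBAS names and their normal parent directories.
LOLBAS_EXPECTED = {
    "certutil.exe": ("windows/system32", "windows/syswow64"),
    "mshta.exe": ("windows/system32", "windows/syswow64"),
}

def load_known_hashes(db):
    # Hypothetical schema: malware(sha256 TEXT PRIMARY KEY, signature TEXT)
    return {h.lower(): sig for h, sig in db.execute("SELECT sha256, signature FROM malware")}

def sha256_file(path, chunk=1 << 20):
    # Hash in chunks so large files in the backup do not exhaust memory.
    digest = hashlib.sha256()
    try:
        with open(path, "rb") as fh:
            while block := fh.read(chunk):
                digest.update(block)
    except OSError:
        return path, None  # unreadable file: report it instead of aborting the scan
    return path, digest.hexdigest()

def scan_mount(root, known, workers=8):
    root = Path(root)
    files = [Path(d) / n for d, _, names in os.walk(root) for n in names
             if not (Path(d) / n).is_symlink()]
    findings = []
    with ThreadPoolExecutor(max_workers=workers) as pool:  # hashing is I/O bound
        for path, digest in pool.map(sha256_file, files):
            rel = path.relative_to(root).as_posix()
            parent = path.parent.relative_to(root).as_posix().lower()
            if digest is None:
                findings.append((rel, "", "unreadable", ""))
            elif digest in known:
                findings.append((rel, digest, "known_malware", known[digest]))
            expected = LOLBAS_EXPECTED.get(path.name.lower())
            if digest and expected and not parent.endswith(expected):
                findings.append((rel, digest, "lolbas_unusual_location", path.name.lower()))
    return sorted(findings)

def write_csv(findings, out_path):
    with open(out_path, "w", newline="", encoding="utf-8") as fh:
        writer = csv.writer(fh)
        writer.writerow(["path", "sha256", "finding", "detail"])
        writer.writerows(findings)
```

The LOLBAS check here matches on file name and parent directory only, so a renamed copy of a system binary is caught only if its hash is also in the database.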