Use Windows Defender API to scan data without writing it to disk?


Is it possible to use Windows Defender's Win32 APIs to programmatically scan data in memory without first writing it to disk? The only options appear to be directories or individual file paths, but it's possible I'm missing something obvious.

A use case would be a file upload API where we do not want the file to hit the disk at all without a scan, or we only save it in encrypted form, or we are saving it only to a database blob, etc.

Ideally there would be an API that accepted a COM IStream as an input, so it would support arbitrary streamable data sources.

If there is no way to do this, can anyone point me to where in the Microsoft online community I could make this feature suggestion?

Jeaninez - MSFT

According to Luke's suggestion:

You could try using the IAntimalwareProvider::Scan method to scan a stream of content.
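An added example, not part of the original thread: scanning a buffer that exists only in memory through the Antimalware Scan Interface (AMSI), the same interface family as the method named in the answer. It calls the application-side `AmsiScanBuffer` function rather than `IAntimalwareProvider::Scan`; the application name `UploadScanner`, the content name `upload.txt` and the helper names `classify` and `scanBuffer` are assumptions made for this example.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <stdexcept>
#ifdef _WIN32
#include <windows.h>
#include <amsi.h>
#pragma comment(lib, "amsi.lib")
#endif

enum class Verdict { Allow, Reject };
// Decide on a raw AMSI_RESULT value using the ranges defined in amsi.h:
// 0x4000-0x4FFF = blocked by admin policy, >= 0x8000 = detected.
// Values below those are "clean", "not detected" or a provider risk score.
Verdict classify(uint32_t r) {
    bool blockedByAdmin = r >= 0x4000 && r <= 0x4FFF;
    bool detected = r >= 0x8000;
    return (blockedByAdmin || detected) ? Verdict::Reject : Verdict::Allow;
}

#ifdef _WIN32
// Scan bytes that exist only in memory. Throws on any API failure so the
// caller fails closed and never stores an unscanned upload.
// "UploadScanner" and contentName are hypothetical labels for this example.
Verdict scanBuffer(const void* data, size_t len, const wchar_t* contentName) {
    if (len == 0 || len > UINT32_MAX) throw std::invalid_argument("bad length");
    HAMSICONTEXT ctx = nullptr;
    if (FAILED(AmsiInitialize(L"UploadScanner", &ctx)))
        throw std::runtime_error("AmsiInitialize failed");
    AMSI_RESULT result = AMSI_RESULT_CLEAN;
    HRESULT hr = AmsiScanBuffer(ctx, const_cast<void*>(data),
                                static_cast<ULONG>(len), contentName,
                                nullptr /* no session correlation */, &result);
    AmsiUninitialize(ctx);
    if (FAILED(hr)) throw std::runtime_error("AmsiScanBuffer failed");
    return classify(static_cast<uint32_t>(result));
}
#endif

int main() {
#ifdef _WIN32
    const char upload[] = "constructed benign sample upload";  // constructed input
    Verdict v = scanBuffer(upload, sizeof upload - 1, L"upload.txt");
    std::printf("%s\n", v == Verdict::Allow ? "allow" : "reject");
#else
    std::puts("AMSI is Windows-only; nothing scanned on this platform");
#endif
    return 0;
}
```

A long-running upload service would call `AmsiInitialize` once at startup and reuse the context, rather than creating one per buffer as this short example does.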