The scanning system at Bunny is designed to be seamless, private, and thorough for highly secure for your business or daily needs. Upload scanning is fully encrypted and in-house: All scanning happens within the Bunny ecosystem, ensuring data is processed securely and remains encrypted. Below is a brief description of what upload scanning does in each section.
Antivirus (AV) Scanning
All AV scanning is done entirely in-house; this ensures that no sensitive files leave our system.
CSAM (Child Sexual Abuse Material)
Files are first converted into a PDQ hash (a type of perceptual fingerprint). The hash is sent over TLS to a trusted third-party database for verification.
Bunny is currently working to bring CSAM checks entirely in-house.
Logging and Reporting
If a scan detects a positive trigger (e.g., a virus), the event is logged, but the sensitive content that triggered it is fully redacted.
Positive CSAM results are automatically reported to authorities through the third-party partner.
What We Scan
Multipart form files
Base64-encoded strings
Raw data streams not submitted via forms
Example: Large contact form submissions are inspected to ensure safety.
This approach ensures that Bunny can maintain high security and privacy standards while effectively detecting and responding to harmful content.