diff --git a/CHANGELOG.md b/CHANGELOG.md
index db63a19..3cc69fb 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,10 @@
 # CHANGELOG
 
+## 1.5.0 - 2025-06-18
+
+* Supports HTTP and SOCKS5 proxy
+* Add example code `s3stream` for scanning an S3 object as an implementation of `AMaasReader`
+
 ## 1.4.5 - 2025-03-03
 
 * Support new region me-central-1
diff --git a/README.md b/README.md
index 42f2b1d..85093e2 100644
--- a/README.md
+++ b/README.md
@@ -59,13 +59,17 @@ public static void main(String[] args) {
     try {
         // 1. Create an AMaaS Client object and configure it to carry out the scans in Vision One "us-east-1" region.
         AMaasClient client = new AMaasClient("us-east-1", "your-api-key");
-
-        // 2. Call ScanFile() to scan the content of a file.
-        String scanResult = client.scanFile("path-of-file-to-scan");
-
-        if (scanResult != null) {
-            // 3. Print out the JSON response from ScanFile()
-            System.out.println("scan result " + scanResult);
+        try {
+            // 2. Call ScanFile() to scan the content of a file.
+            String scanResult = client.scanFile("path-of-file-to-scan");
+
+            if (scanResult != null) {
+                // 3. Print out the JSON response from ScanFile()
+                System.out.println("scan result " + scanResult);
+            }
+        } finally {
+            // 4. Always close the client to release resources
+            client.close();
         }
     } catch (AMaasException err) {
         info("Exception {0}", err.getMessage());
@@ -218,6 +222,26 @@ Scan a file for malware, add a list of tags to the scan result and retrieves res
 **_Return_**
 String the scanned result in JSON format.
 
+#### ```public String scanRun(final AMaasReader reader, final String[] tagList, final boolean pml, final boolean feedback, final boolean verbose, final boolean digest) throws AMaasException```
+
+Scan an AMaasReader for malware and retrieves response data from the API. This is the core scanning method that provides the most flexibility by accepting an AMaasReader interface, allowing for different types of data sources.
+
+**_Parameters_**
+
+| Parameter     | Description                                                                              |
+| ------------- | ---------------------------------------------------------------------------------------- |
+| reader        | `AMaasReader` to be scanned. This can be an `AMaasFileReader` or any custom implementation you develop to support your specific data sources. |
+| tagList       | A list of strings to be used to tag the scan result. At most 8 tags with the maximum length of 63 characters. |
+| pml           | A flag to indicate whether to use predictive machine learning detection.                 |
+| feedback      | A flag to indicate whether to use Trend Micro Smart Protection Network's Smart Feedback. |
+| verbose       | A flag to enable log verbose mode.                                                       |
+| digest        | A flag to enable calculation of digests for cache search and result lookup.              |
+
+**_Return_**
+String the scanned result in JSON format.
+
+**_Note_**: For an example of implementing a custom AMaasReader, please refer to the `examples/s3stream/S3Stream.java` code which demonstrates a streaming implementation of the AMaasReader interface.
+
 #### ```public String scanBuffer(final byte[] buffer, final String identifier) throws AMaasException```
 
 Scan a buffer for malware and retrieves response data from the API.
@@ -360,3 +384,72 @@ The File Security SDK consistently adopts TLS as the default communication chann
 For customers who need to enable TLS channel encryption without verifying the provided CA certificate, the `TM_AM_DISABLE_CERT_VERIFY` environment variable can be set. However, this option is only recommended for use in testing environments.
 
 When `TM_AM_DISABLE_CERT_VERIFY` is set to `1`, certificate verification is disabled. By default, the certificate will be verified.
+
+## Proxy Configuration
+
+The File Security Java SDK supports HTTP and SOCKS5 proxy configurations through environment variables. This allows the SDK to work in enterprise environments that require proxy servers for internet access.
+
+### Supported Environment Variables
+
+| Environment Variable | Required/Optional | Description                                                                                                                                                     |
+| -------------------- | ----------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `HTTP_PROXY`         | Optional          | HTTP proxy URL for HTTP connections (e.g., `http://proxy.example.com:8080`)                                                                                    |
+| `HTTPS_PROXY`        | Optional          | Proxy URL for HTTPS connections (e.g., `https://proxy.example.com:8443` or `socks5://socks.example.com:1080`)                                                 |
+| `NO_PROXY`           | Optional          | Comma-separated list of host names to bypass proxy (e.g., `localhost,127.0.0.1,*.local`). Use `*` to bypass proxy for all hosts                              |
+| `PROXY_USER`         | Optional          | Username for proxy authentication (used with `Proxy-Authorization` header)                                                                                     |
+| `PROXY_PASS`         | Optional          | Password for proxy authentication (used only when `PROXY_USER` is configured)                                                                                  |
+
+### Proxy Configuration Examples
+
+#### Basic HTTP Proxy
+```bash
+export HTTP_PROXY=http://proxy.company.com:8080
+export HTTPS_PROXY=http://proxy.company.com:8080
+```
+
+#### SOCKS5 Proxy
+```bash
+export HTTPS_PROXY=socks5://socks-proxy.company.com:1080
+```
+
+**Important:** When using SOCKS5 proxy, ensure you call `client.close()` to properly release network resources. The SDK creates background threads for SOCKS5 connections that must be explicitly closed.
+
+```java
+AMaasClient client = new AMaasClient("us-east-1", "your-api-key");
+try {
+    // Perform scanning operations
+    String result = client.scanFile("file.txt");
+} finally {
+    // Always close the client when using SOCKS5 proxy
+    client.close();
+}
+```
+
+#### Proxy with Authentication
+```bash
+export HTTP_PROXY=http://proxy.company.com:8080
+export HTTPS_PROXY=https://secure-proxy.company.com:8443
+export PROXY_USER=username
+export PROXY_PASS=password
+```
+
+#### Bypassing Proxy for Specific Hosts
+```bash
+export HTTP_PROXY=http://proxy.company.com:8080
+export NO_PROXY=localhost,127.0.0.1,*.internal.company.com
+```
+
+#### Disabling Proxy for All Connections
+```bash
+export NO_PROXY=*
+```
+
+### Notes
+
+- The SDK automatically detects and uses proxy settings from environment variables
+- For HTTPS connections, `HTTPS_PROXY` takes precedence over `HTTP_PROXY`
+- SOCKS5 proxies are supported by specifying `socks5://` in the proxy URL
+- Proxy authentication requires both `PROXY_USER` and `PROXY_PASS` to be set
+- The `NO_PROXY` variable supports wildcards (e.g., `*.local`) and exact matches
+- No code changes are required - simply set the appropriate environment variables before running your application
+- **Resource Management:** Always call `client.close()` when finished, especially when using SOCKS5 proxies, to ensure proper cleanup of network resources and prevent applications from hanging
diff --git a/VERSION b/VERSION
index e516bb9..bc80560 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-1.4.5
+1.5.0
diff --git a/examples/README.md b/examples/README.md
index fbaf607..01ab655 100644
--- a/examples/README.md
+++ b/examples/README.md
@@ -34,6 +34,23 @@ There are 4 examples under the following sub-folders:
 
 3. After a build, the targeted jar(s) will be created under a newly created `target` folder under the respective example folder. For instance, `examples/filescan/target`.
 
+## Important: Resource Management
+
+All examples have been updated to properly manage AMaasClient resources. When using the SDK in your own applications, especially with SOCKS5 proxies, always ensure you call `client.close()` to release network resources:
+
+```java
+AMaasClient client = new AMaasClient("us-east-1", "your-api-key");
+try {
+    // Perform scanning operations
+    String result = client.scanFile("file.txt");
+} finally {
+    // Always close the client to release resources
+    client.close();
+}
+```
+
+**Note:** Failure to properly close the client, particularly when using SOCKS5 proxies, may cause your application to hang as background network threads remain active.
+
 ### Use CLI examples
 
 - `filescan`: This example is to scan a file or a folder sequentially. It takes 4 input options:
diff --git a/examples/filescan/App.java b/examples/filescan/App.java
index 7d443da..05dd955 100644
--- a/examples/filescan/App.java
+++ b/examples/filescan/App.java
@@ -52,7 +52,7 @@ static void scanFilesInSequential(final AMaasClient client, final String[] fList
     private static Options getCmdOptions() {
         Options optionList = new Options();
         optionList.addRequiredOption("f", "filename", true, "File path or folder to be scanned");
-        optionList.addRequiredOption("k", "apikey", true, "Cloud One API key");
+        optionList.addRequiredOption("k", "apikey", true, "Vision One API key");
         optionList.addRequiredOption("r", "region", true, "AMaaS service region to used. Ignore if self hosted.");
         optionList.addOption("a", "addr", true, "host ip address of self hosted AMaaS scanner. Ignore if to use Trend AMaaS service");
         optionList.addOption("t", "timeout", true, "Per scan timeout in seconds");
@@ -146,13 +146,18 @@ public static void main(final String[] args) {
             }
 
             AMaasClient client = new AMaasClient(region, addr, apikey, timeout, true, caCertPath);
-            String[] listOfFiles = listFiles(pathname);
-            long totalStartTs = System.currentTimeMillis();
+            try {
+                String[] listOfFiles = listFiles(pathname);
+                long totalStartTs = System.currentTimeMillis();
 
-            scanFilesInSequential(client, listOfFiles, tagList, pmlFlag, feedbackFlag, verbose, digest);
+                scanFilesInSequential(client, listOfFiles, tagList, pmlFlag, feedbackFlag, verbose, digest);
 
-            long totalEndTs = System.currentTimeMillis();
-            info("*************** Total scan time {0}", totalEndTs - totalStartTs);
+                long totalEndTs = System.currentTimeMillis();
+                info("*************** Total scan time {0}", totalEndTs - totalStartTs);
+            } finally {
+                // Ensure client resources are properly closed
+                client.close();
+            }
         } catch (ParseException err) {
             helper.printHelp("Usage:", optionList);
         } catch (NumberFormatException err) {
diff --git a/examples/parallelscan/ConcurrentApp.java b/examples/parallelscan/ConcurrentApp.java
index 811cfaa..59b3087 100644
--- a/examples/parallelscan/ConcurrentApp.java
+++ b/examples/parallelscan/ConcurrentApp.java
@@ -129,7 +129,7 @@ static void scanFilesInParallel(final AMaasClient client, final String[] fList,
     private static Options getCmdOptions() {
         Options optionList = new Options();
         optionList.addRequiredOption("f", "filename", true, "File path or folder to be scanned");
-        optionList.addRequiredOption("k", "apikey", true, "Cloud One API key");
+        optionList.addRequiredOption("k", "apikey", true, "Vision One API key");
         optionList.addRequiredOption("r", "region", true, "AMaaS service region");
         optionList.addOption("t", "timeout", true, "Per scan timeout in seconds");
         return optionList;
@@ -167,11 +167,16 @@ public static void main(final String[] args) {
                 timeout = Long.parseLong(cmd.getOptionValue("t"));
             }
             AMaasClient client = new AMaasClient(region, apikey, timeout);
-            String[] listOfFiles = listFiles(pathName);
-            long totalStartTs = System.currentTimeMillis();
-            scanFilesInParallel(client, listOfFiles, timeout);
-            long totalEndTs = System.currentTimeMillis();
-            info("*************** Total scan time {0}", totalEndTs - totalStartTs);
+            try {
+                String[] listOfFiles = listFiles(pathName);
+                long totalStartTs = System.currentTimeMillis();
+                scanFilesInParallel(client, listOfFiles, timeout);
+                long totalEndTs = System.currentTimeMillis();
+                info("*************** Total scan time {0}", totalEndTs - totalStartTs);
+            } finally {
+                // Ensure client resources are properly closed
+                client.close();
+            }
         } catch (ParseException err) {
             helper.printHelp("Usage:", optionList);
         } catch (NumberFormatException err) {
diff --git a/examples/pom.xml b/examples/pom.xml
index 946e365..ac379b4 100644
--- a/examples/pom.xml
+++ b/examples/pom.xml
@@ -1,22 +1,17 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<?xml version="1.0" encoding="UTF-8"?><project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
   <modelVersion>4.0.0</modelVersion>
-
   <groupId>com.trend</groupId>
   <artifactId>file-security-sdk-examples</artifactId>
   <version>1.0.0</version>
   <packaging>pom</packaging>
-
   <name>file-security-sdk-examples</name>
   <modules>
     <module>filescan</module>
     <module>parallelscan</module>
     <module>s3app</module>
     <module>s3lambda</module>
+    <module>s3stream</module>
   </modules>
-
   <properties>
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     <maven.compiler.source>1.8</maven.compiler.source>
@@ -52,29 +47,28 @@
     <dependency>
       <groupId>io.grpc</groupId>
       <artifactId>grpc-stub</artifactId>
-      <version>1.68.0</version>
+      <version>1.73.0</version>
     </dependency>
     <dependency>
       <groupId>io.grpc</groupId>
       <artifactId>grpc-protobuf</artifactId>
-      <version>1.68.0</version>
+      <version>1.73.0</version>
     </dependency>
     <dependency>
       <groupId>io.grpc</groupId>
       <artifactId>grpc-netty</artifactId>
-      <version>1.68.0</version>
+      <version>1.73.0</version>
     </dependency>
     <dependency>
       <groupId>com.trend</groupId>
       <artifactId>file-security-java-sdk</artifactId>
       <version>[1.0,)</version>
     </dependency>
-    
   </dependencies>
-
   <build>
     <sourceDirectory>.</sourceDirectory>
-    <pluginManagement><!-- lock down plugins versions to avoid using Maven defaults (may be moved to parent pom) -->
+    <pluginManagement>
+      <!-- lock down plugins versions to avoid using Maven defaults (may be moved to parent pom) -->
       <plugins>
         <plugin>
           <artifactId>maven-clean-plugin</artifactId>
diff --git a/examples/s3app/S3App.java b/examples/s3app/S3App.java
index 9941aac..a488eae 100644
--- a/examples/s3app/S3App.java
+++ b/examples/s3app/S3App.java
@@ -66,7 +66,7 @@ private static Options getCmdOptions() {
         optionList.addRequiredOption("a", "awsregion", true, "AWS region");
         optionList.addRequiredOption("b", "bucket", true, "S3 bucket name");
         optionList.addRequiredOption("f", "S3key", true, "S3 key to be scanned");
-        optionList.addRequiredOption("k", "apikey", true, "Cloud One API key");
+        optionList.addRequiredOption("k", "apikey", true, "Vision One API key");
         optionList.addRequiredOption("r", "region", true, "AMaaS service region");
         optionList.addOption("t", "timeout", true, "Per scan timeout in seconds");
         return optionList;
@@ -79,7 +79,7 @@ private static Options getCmdOptions() {
       *                  -b S3 bucket name
       *                  -f S3 key to be scanned
       *                  -k the API key or bearer authentication token
-      *                  -r region where the C1 key/token was applied. eg, us-east-1
+      *                  -r region where the V1 key/token was applied. eg, us-east-1
       *                  -t optional client maximum waiting time in seconds for a scan. 0 or missing means default.
     */
     public static void main(final String[] args) {
@@ -105,10 +105,10 @@ public static void main(final String[] args) {
                 keyName = cmd.getOptionValue("f");
             }
             if (cmd.hasOption("r")) {
-                apikey = cmd.getOptionValue("r");
+                amaasRegion = cmd.getOptionValue("r");
             }
             if (cmd.hasOption("k")) {
-                amaasRegion = cmd.getOptionValue("k");
+                apikey = cmd.getOptionValue("k");
             }
             if (cmd.hasOption("t")) {
                 timeout = Long.parseLong(cmd.getOptionValue("t"));
@@ -117,10 +117,15 @@ public static void main(final String[] args) {
             byte[] bytes = downloadS3Object(awsRegion, bucketName, keyName);
             info("Completed downloading S3 Object....");
             AMaasClient client = new AMaasClient(amaasRegion, apikey, timeout);
-            long totalStartTs = System.currentTimeMillis();
-            client.scanBuffer(bytes, keyName);
-            long totalEndTs = System.currentTimeMillis();
-            info("*************** Total scan time {0}", totalEndTs - totalStartTs);
+            try {
+                long totalStartTs = System.currentTimeMillis();
+                client.scanBuffer(bytes, keyName);
+                long totalEndTs = System.currentTimeMillis();
+                info("*************** Total scan time {0}", totalEndTs - totalStartTs);
+            } finally {
+                // Ensure client resources are properly closed
+                client.close();
+            }
         } catch (ParseException err) {
             helper.printHelp("Usage:", optionList);
         } catch (NumberFormatException err) {
diff --git a/examples/s3lambda/S3Lambda.java b/examples/s3lambda/S3Lambda.java
index d2afe97..625f28d 100644
--- a/examples/s3lambda/S3Lambda.java
+++ b/examples/s3lambda/S3Lambda.java
@@ -108,7 +108,7 @@ private static void sequentialScan(final AMaasClient client, final S3Client s3cl
       * It can scan either a specific S3 key or a folder under a S3 bucket.
       *
       * TM_AM_AUTH_KEY the API key or bearer authentication token
-      * TM_AM_REGION region where the C1 key/token was applied. eg, us-east-1
+      * TM_AM_REGION region where the V1 key/token was applied. eg, us-east-1
       * TM_AM_SCAN_TIMEOUT_SECS client maximum waiting time in seconds for a scan. 0 or missing means default.
       *
       * S3_BUCKET_NAME S3 bucket name
@@ -159,11 +159,16 @@ public String handleRequest(final Object input, final Context context) {
             }
 
             AMaasClient client = new AMaasClient(region, apikey, timeout);
-            long totalStartTs = System.currentTimeMillis();
-
-            sequentialScan(client, s3client, bucketName, keyList, tagList);
-            long totalEndTs = System.currentTimeMillis();
-            info("*************** Total scan time {0}", totalEndTs - totalStartTs);
+            try {
+                long totalStartTs = System.currentTimeMillis();
+
+                sequentialScan(client, s3client, bucketName, keyList, tagList);
+                long totalEndTs = System.currentTimeMillis();
+                info("*************** Total scan time {0}", totalEndTs - totalStartTs);
+            } finally {
+                // Ensure client resources are properly closed
+                client.close();
+            }
         } catch (Exception err) {
             info("Exception encountered {0}", err);
         }
diff --git a/examples/s3stream/S3Stream.java b/examples/s3stream/S3Stream.java
new file mode 100644
index 0000000..508240a
--- /dev/null
+++ b/examples/s3stream/S3Stream.java
@@ -0,0 +1,263 @@
+package com.trend.cloudone.amaas;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+import org.apache.commons.cli.CommandLine;
+import org.apache.commons.cli.DefaultParser;
+import org.apache.commons.cli.HelpFormatter;
+import org.apache.commons.cli.Options;
+import org.apache.commons.cli.ParseException;
+
+import software.amazon.awssdk.core.ResponseInputStream;
+import software.amazon.awssdk.core.exception.SdkException;
+import software.amazon.awssdk.regions.Region;
+import software.amazon.awssdk.services.s3.S3Client;
+import software.amazon.awssdk.services.s3.model.GetObjectRequest;
+import software.amazon.awssdk.services.s3.model.GetObjectResponse;
+import software.amazon.awssdk.services.s3.model.HeadObjectRequest;
+import software.amazon.awssdk.services.s3.model.HeadObjectResponse;
+
+import com.trend.cloudone.amaas.AMaasReader.HashType;
+
+/**
+ * S3Stream class implements the AMaasReader interface for S3 objects.
+ * It supports only S3 URI format (s3://bucket/key) and gets hash results directly from AWS SDK.
+ */
+public class S3Stream implements AMaasReader {
+    private static final Logger logger = Logger.getLogger(S3Stream.class.getName());
+    private static final int CHUNK_SIZE_KB = 8;
+    private static final int BYTES_PER_KB = 1024;
+
+    private String region;
+    private String bucket;
+    private String key;
+    private long fileSize;
+    private final S3Client s3Client;
+    private String sha1Hash;
+    private String sha256Hash;
+
+    /**
+     * Create an S3 stream reader. Automatically creates S3Client with default configuration.
+     *
+     * @param region The AWS region where the S3 bucket is located.
+     * @param bucket The S3 bucket name.
+     * @param key The S3 object key.
+     * @throws AMaasException If the S3 client cannot be created or if the S3 object cannot be accessed.
+     */
+    public S3Stream(final String region, final String bucket, final String key) throws AMaasException {
+        if (region == null || region.isEmpty() || bucket == null || bucket.isEmpty() || key == null || key.isEmpty()) {
+            throw new AMaasException(AMaasErrorCode.MSG_ID_ERR_FILE_NOT_FOUND, "s3://" + bucket + "/" + key);
+        }
+
+        this.region = region;
+        this.bucket = bucket;
+        this.key = key;
+
+        try {
+            // Create S3Client with default configuration and specified region
+            this.s3Client = S3Client.builder()
+                    .region(Region.of(region))
+                    .build();
+        } catch (Exception ex) {
+            throw new AMaasException(AMaasErrorCode.MSG_ID_ERR_UNEXPECTED, ex);
+        }
+
+        try {
+            determineObjectMetadata();
+        } catch (SecurityException err) {
+            throw new AMaasException(AMaasErrorCode.MSG_ID_ERR_FILE_NO_PERMISSION, "s3://" + this.bucket + "/" + this.key);
+        }
+    }
+
+    /**
+     * Get the S3 object identifier (URI).
+     * @return the S3 URI as string
+     */
+    @Override
+    public String getIdentifier() {
+        return "s3://" + this.bucket + "/" + this.key;
+    }
+
+    /**
+     * Get the size of the S3 object.
+     * @return the size in bytes
+     */
+    @Override
+    public long getLength() {
+        return this.fileSize;
+    }
+
+    /**
+     * Read bytes from the S3 object starting from the given offset.
+     * @param offset starting offset to read from
+     * @param buff byte array to fill with content
+     * @return number of bytes read
+     * @throws IOException if read fails
+     */
+    @Override
+    public int readBytes(final int offset, final byte[] buff) throws IOException {
+        final ByteBuffer byteBuffer = ByteBuffer.wrap(buff);
+        return readByteRange(offset, byteBuffer);
+    }
+
+    /**
+     * Get hash from S3 object metadata.
+     * @param htype the type of hash (HASH_SHA1 or HASH_SHA256)
+     * @return the hash value as hex string with prefix (e.g., "sha1:abc123...")
+     */
+    @Override
+    public String getHash(final HashType htype) {
+        switch (htype) {
+            case HASH_SHA1:
+                return (this.sha1Hash == null) ? "" : "sha1:" + this.sha1Hash;
+            case HASH_SHA256:
+                return (this.sha256Hash == null) ? "" : "sha256:" + this.sha256Hash;
+            default:
+                return "";
+        }
+    }
+
+    /**
+     * Gets the sha1, sha256 digest and size of the given S3 object in bytes.
+     */
+    private void determineObjectMetadata() throws AMaasException {
+        try {
+            final HeadObjectRequest request = HeadObjectRequest.builder()
+                    .bucket(this.bucket)
+                    .key(this.key)
+                    .build();
+
+            final HeadObjectResponse response = s3Client.headObject(request);
+            this.fileSize = response.contentLength();
+
+            // Get hash results directly from AWS SDK
+            if (response.checksumSHA1() != null) {
+                this.sha1Hash = response.checksumSHA1();
+            }
+            if (response.checksumSHA256() != null) {
+                this.sha256Hash = response.checksumSHA256();
+            }
+        } catch (SdkException ex) {
+            throw new AMaasException(AMaasErrorCode.MSG_ID_ERR_UNEXPECTED);
+        }
+    }
+
+    /**
+     * Reads a byte range from a file served via S3 URI.
+     *
+     * @param startByte The starting byte (inclusive)
+     * @param byteBuffer The ByteBuffer to fill with the read data
+     * @return The number of bytes read
+     * @throws IOException if the connection fails or read fails
+     */
+    private int readByteRange(final long startByte, final ByteBuffer byteBuffer) throws IOException {
+        if (startByte < 0 || fileSize < startByte) {
+            throw new IllegalArgumentException("Invalid byte range");
+        }
+
+        final long endByte = Math.min(startByte + byteBuffer.remaining() - 1, fileSize - 1);
+
+        final GetObjectRequest getObjectRequest = GetObjectRequest.builder()
+                .bucket(this.bucket)
+                .key(this.key)
+                .range(String.format("bytes=%d-%d", startByte, endByte))
+                .build();
+
+        int totalBytesRead = 0;
+        try (ResponseInputStream<GetObjectResponse> s3Stream = this.s3Client.getObject(getObjectRequest)) {
+            byte[] chunk = new byte[CHUNK_SIZE_KB * BYTES_PER_KB];
+            int bytesRead;
+            while ((bytesRead = s3Stream.read(chunk)) != -1) {
+                byteBuffer.put(chunk, 0, bytesRead);
+                totalBytesRead += bytesRead;
+            }
+        } catch (SdkException | IOException ex) {
+            throw new RuntimeException("Failed to download S3 object range", ex);
+        }
+        return totalBytesRead;
+    }
+
+    private static void info(final String msg, final Object... params) {
+        logger.log(Level.INFO, msg, params);
+    }
+
+    private static Options getCmdOptions() {
+        Options optionList = new Options();
+        optionList.addRequiredOption("a", "awsregion", true, "AWS region");
+        optionList.addRequiredOption("b", "bucket", true, "S3 bucket name");
+        optionList.addRequiredOption("f", "S3key", true, "S3 key to be scanned");
+        optionList.addRequiredOption("k", "apikey", true, "Vision One API key");
+        optionList.addRequiredOption("r", "region", true, "AMaaS service region");
+        optionList.addOption("t", "timeout", true, "Per scan timeout in seconds");
+        return optionList;
+    }
+
+    /**
+      * The program takes 6 options and respecive values to configure the AMaaS SDK client.
+      * @param args Input options:
+      *                  -a AWS region
+      *                  -b S3 bucket name
+      *                  -f S3 key to be scanned
+      *                  -k the API key or bearer authentication token
+      *                  -r region where the V1 key/token was applied. eg, us-east-1
+      *                  -t optional client maximum waiting time in seconds for a scan. 0 or missing means default.
+    */
+    public static void main(final String[] args) {
+        String awsRegion = "";
+        String bucketName = "";
+        String keyName = "";
+        String apikey = null;
+        String amaasRegion = "";
+        long timeout = 0;
+
+        DefaultParser parser = new DefaultParser();
+        HelpFormatter helper = new HelpFormatter();
+        Options optionList = getCmdOptions();
+        try {
+            CommandLine cmd = parser.parse(optionList, args);
+            if (cmd.hasOption("a")) {
+                awsRegion = cmd.getOptionValue("a");
+            }
+            if (cmd.hasOption("b")) {
+                bucketName = cmd.getOptionValue("b");
+            }
+            if (cmd.hasOption("f")) {
+                keyName = cmd.getOptionValue("f");
+            }
+            if (cmd.hasOption("r")) {
+                amaasRegion = cmd.getOptionValue("r");
+            }
+            if (cmd.hasOption("k")) {
+                apikey = cmd.getOptionValue("k");
+            }
+            if (cmd.hasOption("t")) {
+                timeout = Long.parseLong(cmd.getOptionValue("t"));
+            }
+            info("Creating S3Stream for S3 Object....");
+            S3Stream s3Stream = new S3Stream(awsRegion, bucketName, keyName);
+            info("Completed creating S3Stream for S3 Object....");
+            AMaasClient client = new AMaasClient(amaasRegion, apikey, timeout);
+            try {
+                long totalStartTs = System.currentTimeMillis();
+
+                // Use scanRun with the S3Stream AMaasReader
+                String scanResult = client.scanRun(s3Stream, null, false, false, false, true);
+                long totalEndTs = System.currentTimeMillis();
+                info("Scan Result: {0}", scanResult);
+                info("*************** Total scan time {0}", totalEndTs - totalStartTs);
+            } finally {
+                client.close();
+            }
+        } catch (ParseException err) {
+            helper.printHelp("Usage:", optionList);
+        } catch (NumberFormatException err) {
+            info("Exception parsing -t value must be a number");
+        } catch (AMaasException err) {
+            info("AMaaS SDK Exception encountered: {0}", err.getMessage());
+        } catch (Exception err) {
+            info("Unexpected exception encountered: {0}", err.getMessage());
+        }
+    }
+}
diff --git a/examples/s3stream/pom.xml b/examples/s3stream/pom.xml
new file mode 100644
index 0000000..0c6fd92
--- /dev/null
+++ b/examples/s3stream/pom.xml
@@ -0,0 +1,40 @@
+<?xml version="1.0"?>
+<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+  <modelVersion>4.0.0</modelVersion>
+
+  <groupId>com.trend</groupId>
+  <artifactId>file-security-sdk-example-s3stream</artifactId>
+  <version>1.0.0</version>
+
+  <name>file-security-sdk-example-s3stream</name>
+
+  <parent>
+    <groupId>com.trend</groupId>
+    <artifactId>file-security-sdk-examples</artifactId>
+    <version>1.0.0</version>
+  </parent>
+
+  <dependencyManagement>
+    <dependencies>
+      <dependency>
+        <groupId>software.amazon.awssdk</groupId>
+        <artifactId>bom</artifactId>
+        <version>2.20.66</version>
+        <type>pom</type>
+        <scope>import</scope>
+      </dependency>
+    </dependencies>
+  </dependencyManagement>
+  <dependencies>
+    <dependency>
+      <groupId>software.amazon.awssdk</groupId>
+      <artifactId>s3</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>commons-cli</groupId>
+      <artifactId>commons-cli</artifactId>
+      <version>1.5.0</version>
+    </dependency>
+  </dependencies>
+</project>
diff --git a/pom.xml b/pom.xml
index 28f2bf5..9023f2e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
 
   <groupId>com.trend</groupId>
   <artifactId>file-security-java-sdk</artifactId>
-  <version>1.4.5</version>
+  <version>1.5.0</version>
 
   <name>file-security-java-sdk</name>
   <url>https://github.com/trendmicro/tm-v1-fs-java-sdk</url>
@@ -74,22 +74,30 @@
     <dependency>
       <groupId>io.grpc</groupId>
       <artifactId>grpc-stub</artifactId>
-      <version>1.68.0</version>
+      <version>1.73.0</version>
     </dependency>
     <dependency>
       <groupId>io.grpc</groupId>
       <artifactId>grpc-protobuf</artifactId>
-      <version>1.68.0</version>
+      <version>1.73.0</version>
     </dependency>
     <dependency>
       <groupId>io.grpc</groupId>
       <artifactId>grpc-netty</artifactId>
-      <version>1.68.0</version>
+      <version>1.73.0</version>
+      <exclusions>
+        <exclusion><groupId>io.netty</groupId><artifactId>*</artifactId></exclusion>
+      </exclusions>
+    </dependency>
+    <dependency>
+      <groupId>io.netty</groupId>
+      <artifactId>netty-all</artifactId>
+      <version>4.1.121.Final</version>
     </dependency>
     <dependency>
       <groupId>io.grpc</groupId>
       <artifactId>grpc-testing</artifactId>
-      <version>1.68.0</version>
+      <version>1.73.0</version>
       <scope>test</scope>
     </dependency>
     <!-- necessary for Java 9+
@@ -132,7 +140,7 @@
                   </outputTarget>
                   <outputTarget>
                     <type>grpc-java</type>
-                    <pluginArtifact>io.grpc:protoc-gen-grpc-java:1.68.0</pluginArtifact>
+                    <pluginArtifact>io.grpc:protoc-gen-grpc-java:1.73.0</pluginArtifact>
                   </outputTarget>
                 </outputTargets>
               </configuration>
diff --git a/src/main/java/com/trend/cloudone/amaas/AMaasClient.java b/src/main/java/com/trend/cloudone/amaas/AMaasClient.java
index 7756aba..6e7e651 100644
--- a/src/main/java/com/trend/cloudone/amaas/AMaasClient.java
+++ b/src/main/java/com/trend/cloudone/amaas/AMaasClient.java
@@ -2,6 +2,7 @@
 
 import java.io.File;
 import java.io.IOException;
+import java.net.InetSocketAddress;
 import java.nio.file.Paths;
 import java.util.Arrays;
 import java.util.concurrent.CountDownLatch;
@@ -18,6 +19,14 @@
 import io.grpc.StatusRuntimeException;
 import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
 import io.netty.handler.ssl.SslContext;
+import io.netty.channel.ChannelOption;
+import io.netty.channel.EventLoopGroup;
+import io.netty.channel.nio.NioEventLoopGroup;
+import io.netty.channel.socket.nio.NioSocketChannel;
+import io.netty.channel.ChannelFactory;
+
+import io.netty.handler.proxy.Socks5ProxyHandler;
+
 import com.google.protobuf.ByteString;
 import com.trend.cloudone.amaas.scan.ScanGrpc;
 import com.trend.cloudone.amaas.scan.ScanOuterClass;
@@ -38,6 +47,7 @@ public final class AMaasClient {
     private AMaasCallCredentials cred;
     private long timeoutSecs = DEFAULT_SCAN_TIMEOUT; // 3 minutes
     private boolean bulk = true;
+    private EventLoopGroup eventLoopGroup;
 
 
      /**
@@ -84,6 +94,10 @@ public AMaasClient(final String region, final String host, final String apiKey,
         if (target == null || target == "") {
             throw new AMaasException(AMaasErrorCode.MSG_ID_ERR_INVALID_REGION, region, AMaasRegion.getAllRegionsAsString());
         }
+
+        // Initialize proxy configuration
+        ProxyConfig proxyConfig = new ProxyConfig();
+
         if (enabledTLS) {
             log(Level.FINE, "Using prod grpc service {0}", target);
             String verifyCertEnv = System.getenv("TM_AM_DISABLE_CERT_VERIFY");
@@ -111,14 +125,10 @@ public AMaasClient(final String region, final String host, final String apiKey,
                 throw new AMaasException(AMaasErrorCode.MSG_ID_ERR_LOAD_SSL_CERT);
             }
 
-            this.channel = NettyChannelBuilder.forTarget(target)
-                            .sslContext(context)
-                            .build();
+            this.channel = buildChannelWithProxy(target, proxyConfig, true, context);
         } else {
             log(Level.FINE, "Using grpc service with TLS disenabled {0}", target);
-            this.channel = NettyChannelBuilder.forTarget(target)
-                    .usePlaintext()
-                    .build();
+            this.channel = buildChannelWithProxy(target, proxyConfig, false, null);
         }
         if (apiKey != null) {
             this.cred = new AMaasCallCredentials(apiKey, AMaasConstants.V1FS_APP);
@@ -131,15 +141,29 @@ public AMaasClient(final String region, final String host, final String apiKey,
         this.asyncStub = ScanGrpc.newStub(this.channel).withCallCredentials(this.cred);
     }
 
-    @Override
-    protected void finalize() {
+    /**
+     * Close the client and release all resources.
+     * This method should be called when the client is no longer needed.
+     */
+    public void close() {
         try {
-            this.channel.shutdownNow().awaitTermination(1, TimeUnit.SECONDS);
+            if (this.channel != null) {
+                this.channel.shutdownNow().awaitTermination(1, TimeUnit.SECONDS);
+            }
+            if (this.eventLoopGroup != null) {
+                this.eventLoopGroup.shutdownGracefully().awaitUninterruptibly(1, TimeUnit.SECONDS);
+            }
         } catch (InterruptedException e) {
-            log(Level.WARNING, "Finalizing AMaaSClient throws exception: {0}", e.getMessage());
+            log(Level.WARNING, "Closing AMaaSClient throws exception: {0}", e.getMessage());
+            Thread.currentThread().interrupt();
         }
     }
 
+    @Override
+    protected void finalize() {
+        close();
+    }
+
     private String identifyHostAddr(final String region, final String host) {
         if (host != null && !host.isEmpty()) {
             return host;
@@ -147,6 +171,120 @@ private String identifyHostAddr(final String region, final String host) {
         return AMaasRegion.getServiceFqdn(region);
     }
 
+    /**
+     * Builds a ManagedChannel with proxy support if configured.
+     * @param target the target server address
+     * @param proxyConfig the proxy configuration
+     * @param enableTLS whether to enable TLS
+     * @param sslContext the SSL context for TLS connections
+     * @return configured ManagedChannel
+     */
+    private ManagedChannel buildChannelWithProxy(final String target, final ProxyConfig proxyConfig, final boolean enableTLS, final SslContext sslContext) {
+        NettyChannelBuilder builder = NettyChannelBuilder.forTarget(target);
+
+        // Configure TLS
+        if (enableTLS && sslContext != null) {
+            builder.sslContext(sslContext);
+        } else if (!enableTLS) {
+            builder.usePlaintext();
+        }
+
+        // Configure proxy if needed
+        String proxyUrl = proxyConfig.getProxyUrl(target);
+        if (proxyUrl != null) {
+            log(Level.FINE, "Using proxy: {0} for target: {1}", proxyUrl, target);
+            configureProxy(builder, proxyConfig, proxyUrl);
+        } else {
+            log(Level.FINE, "No proxy configured for target: {0}", target);
+        }
+
+        return builder.build();
+    }
+
+    /**
+     * Configures proxy settings using Netty proxy handlers for SOCKS5 and Java system properties for HTTP.
+     * @param builder the NettyChannelBuilder to configure
+     * @param proxyConfig the proxy configuration
+     * @param proxyUrl the proxy URL to use
+     */
+    private void configureProxy(final NettyChannelBuilder builder, final ProxyConfig proxyConfig, final String proxyUrl) {
+        InetSocketAddress proxyAddress = proxyConfig.getProxyAddress(proxyUrl);
+        if (proxyAddress == null) {
+            log(Level.WARNING, "Failed to parse proxy address: {0}", proxyUrl);
+            return;
+        }
+
+        if (proxyConfig.isSocks5Proxy(proxyUrl)) {
+            // Configure SOCKS5 proxy using Netty handlers
+            log(Level.FINE, "Configuring SOCKS5 proxy: {0}:{1}", proxyAddress.getHostName(), proxyAddress.getPort());
+
+            // Create EventLoopGroup for the channel
+            this.eventLoopGroup = new NioEventLoopGroup(1);
+
+            // Create custom channel factory with SOCKS5 proxy handler
+            ChannelFactory<NioSocketChannel> channelFactory = new ChannelFactory<NioSocketChannel>() {
+                @Override
+                public NioSocketChannel newChannel() {
+                    NioSocketChannel channel = new NioSocketChannel();
+                    // Add SOCKS5 proxy handler at the beginning of the pipeline after channel is active
+                    channel.pipeline().addFirst("socks5-proxy", proxyConfig.hasProxyAuth()
+                        ? new Socks5ProxyHandler(proxyAddress, proxyConfig.getProxyUser(), proxyConfig.getProxyPass())
+                        : new Socks5ProxyHandler(proxyAddress));
+                    return channel;
+                }
+            };
+
+            // Configure the builder with custom settings for SOCKS5
+            builder.channelType(NioSocketChannel.class)
+                   .eventLoopGroup(this.eventLoopGroup)
+                   .channelFactory(channelFactory);
+
+        } else {
+            // Configure HTTP proxy using Java system properties (existing method)
+            log(Level.FINE, "Configuring HTTP proxy: {0}:{1}", proxyAddress.getHostName(), proxyAddress.getPort());
+
+            System.setProperty("http.proxyHost", proxyAddress.getHostName());
+            System.setProperty("http.proxyPort", String.valueOf(proxyAddress.getPort()));
+            System.setProperty("https.proxyHost", proxyAddress.getHostName());
+            System.setProperty("https.proxyPort", String.valueOf(proxyAddress.getPort()));
+
+            // For HTTP proxy with authentication, set authenticator
+            if (proxyConfig.hasProxyAuth()) {
+                log(Level.FINE, "Setting HTTP proxy authentication");
+                setProxyAuthenticator(proxyConfig);
+            }
+        }
+
+        // Set connection timeout for proxy connections
+        final int keepAliveTimeSecs = 30;
+        final int keepAliveTimeoutSecs = 10;
+        final int connectTimeoutMs = 30000; // 30 seconds
+
+        builder.keepAliveTime(keepAliveTimeSecs, TimeUnit.SECONDS);
+        builder.keepAliveTimeout(keepAliveTimeoutSecs, TimeUnit.SECONDS);
+        builder.keepAliveWithoutCalls(true);
+        builder.withOption(ChannelOption.CONNECT_TIMEOUT_MILLIS, connectTimeoutMs);
+    }
+
+    /**
+     * Sets the proxy authenticator for both HTTP and SOCKS5 proxies.
+     * @param proxyConfig the proxy configuration with authentication details
+     */
+    private void setProxyAuthenticator(final ProxyConfig proxyConfig) {
+        java.net.Authenticator.setDefault(new java.net.Authenticator() {
+            @Override
+            protected java.net.PasswordAuthentication getPasswordAuthentication() {
+                if (getRequestorType() == RequestorType.PROXY) {
+                    return new java.net.PasswordAuthentication(
+                        proxyConfig.getProxyUser(),
+                        proxyConfig.getProxyPass().toCharArray()
+                    );
+                }
+                return null;
+            }
+        });
+    }
+
     private static void log(final Level level, final String msg, final Object... params) {
         logger.log(level, msg, params);
     }
@@ -307,8 +445,8 @@ static AMaasException getTagListErrors(final String[] tagList) {
         return except;
     }
 
-    /*
-    * Private method to scan a AMaasReader and return the scanned result
+    /**
+    * Scan a AMaasReader and return the scanned result.
     *
     * @param reader AMaasReader to be scanned.
     * @param tagList List of tags.
@@ -319,7 +457,7 @@ static AMaasException getTagListErrors(final String[] tagList) {
     * @return String the scanned result in JSON format.
     * @throws AMaasException if an exception is detected, it will convert to AMassException.
     */
-    private String scanRun(final AMaasReader reader, final String[] tagList, final boolean pml, final boolean feedback, final boolean verbose, final boolean digest) throws AMaasException {
+    public String scanRun(final AMaasReader reader, final String[] tagList, final boolean pml, final boolean feedback, final boolean verbose, final boolean digest) throws AMaasException {
 
         long fileSize = reader.getLength();
 
diff --git a/src/main/java/com/trend/cloudone/amaas/ProxyConfig.java b/src/main/java/com/trend/cloudone/amaas/ProxyConfig.java
new file mode 100644
index 0000000..622ee87
--- /dev/null
+++ b/src/main/java/com/trend/cloudone/amaas/ProxyConfig.java
@@ -0,0 +1,287 @@
+package com.trend.cloudone.amaas;
+
+import java.net.InetSocketAddress;
+import java.net.URI;
+import java.util.HashSet;
+import java.util.Set;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+/**
+ * Configuration class for handling HTTP and SOCKS5 proxy settings.
+ * Reads proxy configuration from environment variables.
+ */
+public class ProxyConfig {
+
+    private static final Logger logger = Logger.getLogger(
+        ProxyConfig.class.getName()
+    );
+    // Default port constants
+    private static final int DEFAULT_HTTP_PORT = 80;
+    private static final int DEFAULT_HTTPS_PORT = 443;
+    private static final int DEFAULT_SOCKS_PORT = 1080;
+
+    private final String httpProxy;
+    private final String httpsProxy;
+    private final String noProxy;
+    private final String proxyUser;
+    private final String proxyPass;
+    private final Set<String> noProxyHosts;
+
+    /**
+     * Creates a new ProxyConfig instance by reading environment variables.
+     */
+    public ProxyConfig() {
+        this.httpProxy = System.getenv("HTTP_PROXY");
+        this.httpsProxy = System.getenv("HTTPS_PROXY");
+        this.noProxy = System.getenv("NO_PROXY");
+        this.proxyUser = System.getenv("PROXY_USER");
+        this.proxyPass = System.getenv("PROXY_PASS");
+        this.noProxyHosts = parseNoProxyHosts(this.noProxy);
+    }
+
+    /**
+     * Creates a ProxyConfig with explicit values for testing purposes.
+     * @param httpProxy HTTP proxy URL
+     * @param httpsProxy HTTPS proxy URL
+     * @param noProxy comma-separated list of hosts to bypass proxy
+     * @param proxyUser proxy authentication username
+     * @param proxyPass proxy authentication password
+     */
+    public ProxyConfig(
+        final String httpProxy,
+        final String httpsProxy,
+        final String noProxy,
+        final String proxyUser,
+        final String proxyPass
+    ) {
+        this.httpProxy = httpProxy;
+        this.httpsProxy = httpsProxy;
+        this.noProxy = noProxy;
+        this.proxyUser = proxyUser;
+        this.proxyPass = proxyPass;
+        this.noProxyHosts = parseNoProxyHosts(this.noProxy);
+    }
+
+    /**
+     * Determines the appropriate proxy URL for the given target host.
+     * @param targetHost the target host to connect to
+     * @return proxy URL if proxy should be used, null otherwise
+     */
+    public String getProxyUrl(final String targetHost) {
+        if (shouldBypassProxy(targetHost)) {
+            return null;
+        }
+
+        // For HTTPS targets, prefer HTTPS_PROXY, fallback to HTTP_PROXY
+        if (httpsProxy != null && !httpsProxy.isEmpty()) {
+            return httpsProxy;
+        }
+
+        if (httpProxy != null && !httpProxy.isEmpty()) {
+            return httpProxy;
+        }
+
+        return null;
+    }
+
+    /**
+     * Checks if the proxy URL uses SOCKS5 protocol.
+     * @param proxyUrl the proxy URL to check
+     * @return true if it's a SOCKS5 proxy, false otherwise
+     */
+    public boolean isSocks5Proxy(final String proxyUrl) {
+        if (proxyUrl == null) {
+            return false;
+        }
+        return proxyUrl.toLowerCase().startsWith("socks5://");
+    }
+
+    /**
+     * Checks if proxy authentication is configured.
+     * @return true if both username and password are set, false otherwise
+     */
+    public boolean hasProxyAuth() {
+        return (
+            proxyUser != null
+            && !proxyUser.trim().isEmpty()
+            && proxyPass != null
+            && !proxyPass.isEmpty()
+        );
+    }
+
+    /**
+     * Gets the proxy username.
+     * @return proxy username or null if not configured
+     */
+    public String getProxyUser() {
+        return proxyUser;
+    }
+
+    /**
+     * Gets the proxy password.
+     * @return proxy password or null if not configured
+     */
+    public String getProxyPass() {
+        return proxyPass;
+    }
+
+    /**
+     * Gets the NO_PROXY value for setting Java system properties.
+     * @return NO_PROXY string or null if not configured
+     */
+    public String getNoProxyValue() {
+        return noProxy;
+    }
+
+    /**
+     * Parses a proxy URL and returns the host and port.
+     * @param proxyUrl the proxy URL to parse
+     * @return array with [host, port] or null if parsing fails
+     */
+    public String[] parseProxyHostPort(final String proxyUrl) {
+        if (proxyUrl == null || proxyUrl.trim().isEmpty()) {
+            return null;
+        }
+
+        try {
+            URI uri = URI.create(proxyUrl);
+            String host = uri.getHost();
+            int port = uri.getPort();
+
+            if (host == null) {
+                return null;
+            }
+            // Use default ports if not specified
+            if (port == -1) {
+                String scheme = uri.getScheme();
+                if ("http".equalsIgnoreCase(scheme)) {
+                    port = getDefaultHttpPort();
+                } else if ("https".equalsIgnoreCase(scheme)) {
+                    port = getDefaultHttpsPort();
+                } else if ("socks5".equalsIgnoreCase(scheme)) {
+                    port = getDefaultSocksPort();
+                } else {
+                    return null;
+                }
+            }
+
+            return new String[]{host, String.valueOf(port)};
+        } catch (Exception e) {
+            logger.log(
+                Level.WARNING,
+                "Failed to parse proxy URL: " + proxyUrl,
+                e
+            );
+            return null;
+        }
+    }
+
+    /**
+     * Creates an InetSocketAddress for the proxy.
+     * @param proxyUrl the proxy URL
+     * @return InetSocketAddress for the proxy or null if parsing fails
+     */
+    public InetSocketAddress getProxyAddress(final String proxyUrl) {
+        String[] hostPort = parseProxyHostPort(proxyUrl);
+        if (hostPort == null) {
+            return null;
+        }
+
+        try {
+            return new InetSocketAddress(
+                hostPort[0],
+                Integer.parseInt(hostPort[1])
+            );
+        } catch (NumberFormatException e) {
+            logger.log(
+                Level.WARNING,
+                "Invalid port number in proxy URL: " + proxyUrl,
+                e
+            );
+            return null;
+        }
+    }
+
+    /**
+     * Checks if the target host should bypass proxy.
+     * @param targetHost the target host to check
+     * @return true if proxy should be bypassed, false otherwise
+     */
+    private boolean shouldBypassProxy(final String targetHost) {
+        if (
+            targetHost == null || noProxyHosts == null || noProxyHosts.isEmpty()
+        ) {
+            return false;
+        }
+
+        // Check for exact match or wildcard
+        if (noProxyHosts.contains("*")) {
+            return true;
+        }
+
+        // Check for exact host match
+        if (noProxyHosts.contains(targetHost)) {
+            return true;
+        }
+
+        // Check for wildcard patterns
+        for (String noProxyHost : noProxyHosts) {
+            if (
+                noProxyHost.startsWith("*.")
+                && targetHost.endsWith(noProxyHost.substring(1))
+            ) {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    /**
+     * Parses the NO_PROXY environment variable into a set of hosts.
+     * @param noProxy the NO_PROXY value
+     * @return set of hosts that should bypass proxy
+     */
+    private Set<String> parseNoProxyHosts(final String noProxy) {
+        Set<String> hosts = new HashSet<>();
+
+        if (noProxy == null || noProxy.trim().isEmpty()) {
+            return hosts;
+        }
+
+        String[] hostArray = noProxy.split(",");
+        for (String host : hostArray) {
+            String trimmedHost = host.trim();
+            if (!trimmedHost.isEmpty()) {
+                hosts.add(trimmedHost);
+            }
+        }
+
+        return hosts;
+    }
+
+    /**
+     * Gets the default HTTP port.
+     * @return default HTTP port (80)
+     */
+    private static int getDefaultHttpPort() {
+        return DEFAULT_HTTP_PORT;
+    }
+
+    /**
+     * Gets the default HTTPS port.
+     * @return default HTTPS port (443)
+     */
+    private static int getDefaultHttpsPort() {
+        return DEFAULT_HTTPS_PORT;
+    }
+
+    /**
+     * Gets the default SOCKS port.
+     * @return default SOCKS port (1080)
+     */
+    private static int getDefaultSocksPort() {
+        return DEFAULT_SOCKS_PORT;
+    }
+}
diff --git a/src/test/java/com/trend/cloudone/amaas/ProxyConfigTest.java b/src/test/java/com/trend/cloudone/amaas/ProxyConfigTest.java
new file mode 100644
index 0000000..ff77c00
--- /dev/null
+++ b/src/test/java/com/trend/cloudone/amaas/ProxyConfigTest.java
@@ -0,0 +1,288 @@
+package com.trend.cloudone.amaas;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+
+import java.net.InetSocketAddress;
+import org.junit.Test;
+
+/**
+ * Unit tests for ProxyConfig class.
+ */
+public class ProxyConfigTest {
+
+    private static final int TEST_PORT = 8080;
+
+    @Test
+    public void testNoProxyConfiguration() {
+        ProxyConfig config = new ProxyConfig(null, null, null, null, null);
+        assertNull(config.getProxyUrl("example.com"));
+        assertFalse(config.hasProxyAuth());
+        assertNull(config.getProxyUser());
+        assertNull(config.getProxyPass());
+    }
+
+    @Test
+    public void testHttpProxyConfiguration() {
+        ProxyConfig config = new ProxyConfig(
+            "http://proxy.example.com:8080",
+            null,
+            null,
+            null,
+            null
+        );
+        String proxyUrl = config.getProxyUrl("target.com");
+        assertEquals("http://proxy.example.com:8080", proxyUrl);
+        assertFalse(config.isSocks5Proxy(proxyUrl));
+
+        String[] hostPort = config.parseProxyHostPort(proxyUrl);
+        assertEquals("proxy.example.com", hostPort[0]);
+        assertEquals("8080", hostPort[1]);
+    }
+
+    @Test
+    public void testHttpsProxyConfiguration() {
+        ProxyConfig config = new ProxyConfig(
+            "http://http-proxy.com:8080",
+            "https://https-proxy.com:8443",
+            null,
+            null,
+            null
+        );
+        String proxyUrl = config.getProxyUrl("target.com");
+        assertEquals("https://https-proxy.com:8443", proxyUrl);
+        assertFalse(config.isSocks5Proxy(proxyUrl));
+    }
+
+    @Test
+    public void testSocks5ProxyConfiguration() {
+        ProxyConfig config = new ProxyConfig(
+            null,
+            "socks5://socks.example.com:1080",
+            null,
+            null,
+            null
+        );
+        String proxyUrl = config.getProxyUrl("target.com");
+        assertEquals("socks5://socks.example.com:1080", proxyUrl);
+        assertTrue(config.isSocks5Proxy(proxyUrl));
+
+        String[] hostPort = config.parseProxyHostPort(proxyUrl);
+        assertEquals("socks.example.com", hostPort[0]);
+        assertEquals("1080", hostPort[1]);
+    }
+
+    @Test
+    public void testProxyAuthentication() {
+        ProxyConfig config = new ProxyConfig(
+            "http://proxy.com:8080",
+            null,
+            null,
+            "testuser",
+            "testpass"
+        );
+        assertTrue(config.hasProxyAuth());
+        assertEquals("testuser", config.getProxyUser());
+        assertEquals("testpass", config.getProxyPass());
+    }
+
+    @Test
+    public void testIncompleteAuthentication() {
+        ProxyConfig config1 = new ProxyConfig(
+            "http://proxy.com:8080",
+            null,
+            null,
+            "testuser",
+            null
+        );
+        assertFalse(config1.hasProxyAuth());
+
+        ProxyConfig config2 = new ProxyConfig(
+            "http://proxy.com:8080",
+            null,
+            null,
+            null,
+            "testpass"
+        );
+        assertFalse(config2.hasProxyAuth());
+
+        ProxyConfig config3 = new ProxyConfig(
+            "http://proxy.com:8080",
+            null,
+            null,
+            "",
+            "testpass"
+        );
+        assertFalse(config3.hasProxyAuth());
+    }
+
+    @Test
+    public void testNoProxyBypass() {
+        ProxyConfig config = new ProxyConfig(
+            "http://proxy.com:8080",
+            null,
+            "localhost,127.0.0.1,*.local",
+            null,
+            null
+        );
+
+        assertNull(config.getProxyUrl("localhost"));
+        assertNull(config.getProxyUrl("127.0.0.1"));
+        assertNotNull(config.getProxyUrl("example.com"));
+    }
+
+    @Test
+    public void testNoProxyWildcard() {
+        ProxyConfig config = new ProxyConfig(
+            "http://proxy.com:8080",
+            null,
+            "*",
+            null,
+            null
+        );
+
+        assertNull(config.getProxyUrl("localhost"));
+        assertNull(config.getProxyUrl("example.com"));
+        assertNull(config.getProxyUrl("any.host.com"));
+    }
+
+    @Test
+    public void testNoProxyWithSpaces() {
+        ProxyConfig config = new ProxyConfig(
+            "http://proxy.com:8080",
+            null,
+            " localhost , 127.0.0.1 , *.local ",
+            null,
+            null
+        );
+
+        assertNull(config.getProxyUrl("localhost"));
+        assertNull(config.getProxyUrl("127.0.0.1"));
+        assertNotNull(config.getProxyUrl("example.com"));
+    }
+
+    @Test
+    public void testDefaultPorts() {
+        ProxyConfig config = new ProxyConfig();
+
+        String[] httpHostPort = config.parseProxyHostPort("http://proxy.com");
+        assertEquals("proxy.com", httpHostPort[0]);
+        assertEquals("80", httpHostPort[1]);
+
+        String[] httpsHostPort = config.parseProxyHostPort("https://proxy.com");
+        assertEquals("proxy.com", httpsHostPort[0]);
+        assertEquals("443", httpsHostPort[1]);
+
+        String[] socksHostPort = config.parseProxyHostPort(
+            "socks5://proxy.com"
+        );
+        assertEquals("proxy.com", socksHostPort[0]);
+        assertEquals("1080", socksHostPort[1]);
+    }
+
+    @Test
+    public void testInvalidProxyUrls() {
+        ProxyConfig config = new ProxyConfig();
+
+        assertNull(config.parseProxyHostPort("invalid-url"));
+        assertNull(config.parseProxyHostPort(""));
+        assertNull(config.parseProxyHostPort(null));
+        assertNull(config.parseProxyHostPort("http://"));
+    }
+
+    @Test
+    public void testProxyAddress() {
+        ProxyConfig config = new ProxyConfig(
+            "http://proxy.example.com:8080",
+            null,
+            null,
+            null,
+            null
+        );
+
+        InetSocketAddress address = config.getProxyAddress(
+            "http://proxy.example.com:8080"
+        );
+        assertNotNull(address);
+        assertEquals("proxy.example.com", address.getHostName());
+        assertEquals(TEST_PORT, address.getPort());
+
+        // Test invalid URL
+        assertNull(config.getProxyAddress("invalid-url"));
+    }
+
+    @Test
+    public void testHostWithPort() {
+        ProxyConfig config = new ProxyConfig(
+            "http://proxy.com:8080",
+            null,
+            "localhost:8080,example.com:443",
+            null,
+            null
+        );
+
+        assertNull(config.getProxyUrl("localhost:8080"));
+        assertNull(config.getProxyUrl("example.com:443"));
+        assertNotNull(config.getProxyUrl("other.com:80"));
+    }
+
+    @Test
+    public void testEmptyNoProxy() {
+        ProxyConfig config = new ProxyConfig(
+            "http://proxy.com:8080",
+            null,
+            "",
+            null,
+            null
+        );
+        assertNotNull(config.getProxyUrl("localhost"));
+        assertNotNull(config.getProxyUrl("example.com"));
+    }
+
+    @Test
+    public void testCaseInsensitiveSocks5Detection() {
+        ProxyConfig config = new ProxyConfig();
+
+        assertTrue(config.isSocks5Proxy("socks5://proxy.com:1080"));
+        assertTrue(config.isSocks5Proxy("SOCKS5://proxy.com:1080"));
+        assertTrue(config.isSocks5Proxy("Socks5://proxy.com:1080"));
+        assertFalse(config.isSocks5Proxy("http://proxy.com:8080"));
+        assertFalse(config.isSocks5Proxy("https://proxy.com:8080"));
+        assertFalse(config.isSocks5Proxy(null));
+    }
+
+    @Test
+    public void testWildcardMatching() {
+        ProxyConfig config = new ProxyConfig(
+            "http://proxy.com:8080",
+            null,
+            "*.example.com,*.test.local",
+            null,
+            null
+        );
+
+        assertNull(config.getProxyUrl("api.example.com"));
+        assertNull(config.getProxyUrl("www.example.com"));
+        assertNull(config.getProxyUrl("service.test.local"));
+        assertNotNull(config.getProxyUrl("example.com"));
+        assertNotNull(config.getProxyUrl("other.com"));
+    }
+
+    @Test
+    public void testEnvironmentVariableConstructor() {
+        // Test the default constructor that reads from environment variables
+        ProxyConfig config = new ProxyConfig();
+
+        // Since we can't control environment variables in unit tests,
+        // we just verify the constructor doesn't throw exceptions
+        assertNotNull(config);
+
+        // Test that it handles null values gracefully
+        assertNull(config.getProxyUser());
+        assertNull(config.getProxyPass());
+        assertFalse(config.hasProxyAuth());
+    }
+}
diff --git a/src/test/java/com/trend/cloudone/amaas/TestSuite.java b/src/test/java/com/trend/cloudone/amaas/TestSuite.java
index 5fb87dd..0fc0165 100644
--- a/src/test/java/com/trend/cloudone/amaas/TestSuite.java
+++ b/src/test/java/com/trend/cloudone/amaas/TestSuite.java
@@ -20,6 +20,7 @@
    AMaasScanResultTest.class,
    MalwareItemTest.class,
    AMaasScanResultVerboseTest.class,
+   ProxyConfigTest.class,
 })