Back in February, Microsoft promised to release its cyber-security software, Microsoft Defender antivirus for mobile devices that runs Android operating system. Now the company has began to fulfill the promise with the release of a free preview version of the application.

Android Gets Microsoft Defender Anti-Malware App

Called Microsoft Defender Advanced Threat Protection (ATP), the software is targeted at enterprises rather than at end-users. According to the company, the app will help organizations protect confidential data from being accessed via unsafe devices. According to Microsoft, its security software will protect users by detecting insecure emails, applications and endpoints on Android.

Microsoft Defender for Android

According to a official blog post on Tuesday, the company said that the software will offer protection against phishing and other online threats using deep-learning and heuristics. It will also offer malware scanning, and protect unsafe network connections from malicious apps and websites.

In addition, the app will also offer network administrators the ability to restrict access to corporate data from devices that are deemed ‘risky’. “(This) will enable enterprises to secure users and data on their Android devices”, said Microsoft.


Android contains a huge amount of threats, including malware, phishing apps, trojans, and more. Google removes hundreds or even thousands of applications every month. But, many of these dangerous apps end up in users’ devices.

Microsoft Defender ATP is currently still in a preview phase for Microsoft 365 customers. For all others, the antivirus will become available in the coming months.

ALSO READ:  11 Amazing Tech Innovations From CES 2018

Microsoft Defender Key Capabilities

Web protection

Phishing is one of the biggest threat vectors on mobile. The majority of attacks happening outside of emails such as via phishing sites, messaging apps, games, and other applications. Other potential threats come from apps that may make connections to unsafe domains, unknowingly to the user and security teams. Web protection capabilities in Microsoft Defender ATP for Android help to address these challenges with:

  1. Anti-phishing: 
  2. Blocking unsafe connections:
  3. Custom indicators

Malware scanning

Enterprises deploying Android can leverage built-in protections in the Android platform to limit the installation of apps to trusted sources as well as tools like Google Play Protect to significantly reduce the threat surface of potentially harmful apps being installed on devices. Microsoft Defender ATP fortifies this by introducing additional visibility and controls to deliver further assurances on keeping devices free of threats to device security.

Microsoft Defender ATP for Android uses cloud protection powered by deep learning. In addition to heuristics to provide coverage for low-fidelity signals which are inconclusively handled by signatures, in addition to offering signature-based malware detection. This protection extends to both malicious apps and files on the device.

Scans are instantly performed detect malware and potentially unwanted applications (PUA). If a safe app is downloaded, the end-user will see a lightweight notification letting them know the app is clean.

Android Gets Microsoft Defender Anti-Malware App

Blocking access to sensitive data

Additional layers of protection against malicious access to sensitive corporate information are offered by integrating with Microsoft Endpoint Manager. It includes both Microsoft Intune and Configuration Manager. For example, a compromised device would be blocked from accessing Outlook email. When Microsoft Defender ATP for Android finds that a device has malicious apps installed, it will classify the device as “high risk” and will flag it in the Microsoft Defender Security Center.

ALSO READ:  Xiaomi Black Shark 3 Specifications and Price

Microsoft Intune uses the device’s risk level in conjunction with pre-defined compliance polices to activate Conditional Access rules that block access to corporate assets from the high-risk device.

MS Defender on Android - Outlook blocked

Unified SecOps experience

The Microsoft Defender Security Center acts as the single pane of glass experience for security teams to get a centralized view of threats and activities. All the alerts for phishing and malware on Android devices are surfaced here. As part of the alert, analysts see the name of the threat, its severity, the alert process tree for the incident, and other additional context including file details and associated SHA information.

Android Gets Microsoft Defender Anti-Malware App.

Android device-related alerts also roll up into the incident where analysts can get a more holistic view of attacks associated with a device.




Please enter your comment!
Please enter your name here