Skip to main content

About the Detection Engine

The statistical models employed by the detection engine enable it to detect advanced host- and network-based attacks, as well as malicious applications on mobile devices, in real-time.

The engine monitors the entire device for any malicious behavior without relying on signatures and enables security teams to detect and safeguard against both identified and unidentified hazards in real-time, irrespective of the origin of the threat and regardless of whether or not there is an Internet connection.

The malware engine provides continuous protection for Android and iOS devices with MDM integration by scanning for suspicious applications that are already installed on the device, as well as scanning applications before they are installed.

If malware is detected during a scan, you can take action to remove a potentially harmful application, even if the device in question is not connected to a network. The Mobile Security app conducts supplementary malware scanning analysis on Bitdefender's exclusive database if an internet connection is present.

The Mobile Security application houses the behavioral detection engine on the device. This engine is capable of detecting threats without requiring Internet connectivity or special privileges. Its purpose is to prevent a compromised device from accessing the corporate network.

The approach employed here is distinct in its ability to safeguard the privacy of the end user while also preventing excessive battery consumption that may result from transmitting data to the cloud for the purpose of identifying potentially malicious behavior. The device is responsible for making all decisions.

Bitdefender GravityZone MTD for iOS scanning and MDM integration

When using the GravityZone MTD through a MDM integration, the device's applications undergo scanning to detect any malicious content. In the case of the iOS app, the user is notified as required.

The system performs a real-time evaluation of unfamiliar applications and determines their legitimacy or maliciousness.

Bitdefender GravityZone MTD for Android scanning modes

The GravityZone MTD checks for suspicious applications in these modes:

  • Automatic Mode before Install - When a user downloads an application from a browser, email, or any other client, the file is saved on the SDCARD and subsequently scanned by the app. The app's system detects potentially harmful applications prior to installation and notifies the user accordingly. Additionally, the system offers a feature to remove the identified suspicious application from the device through a designated button.

  • Automatic Mode after Install - Upon installation of a new application, the software conducts a scan. In case of suspicion, the Mobile Security console receives an event and generates an alert that provides the option to uninstall the application.