Avira Scan Engines

Avira scan engines utilize  advanced machine learning, heuristics and generics. They help identify and block malicious code from infiltrating and infecting clients, devices, networks and systems.

Learn more

Scan Engine Technology


For over three decades, Avira has led the  development of anti-malware technologies. Today, that technology is embedded within the security solutions of many of the world’s leading security companies.

We understand that there is no one technology that can protect against the broad threat landscape that threatens consumers and businesses alike.

Consequently, our scan engines now utilize advanced machine learning, heuristics and generics to identify and block malicious code from infiltrating networks and executing on devices. They are available within our Anti-malware SDKs, and our ICAP Proxy Security Solution.


Within any Avira scan engine lies an intelligent detection system. It leverages code anomalies and structure analysis, supported by advanced machine learning systems. This approach enables our scan engines to deliver performance that can exceed other engines, cover a greater spectrum of malware than classic signatures, and all while achieving some the industry’s lowest false positive rate.

This advanced design ensures Avira scan engines deliver performance and detection; they start faster and operate in less memory space than competing solutions. 


Threat intelligence and scan engines

World-class threat intelligence is at the core of any detection system, and lies at the heart of the Avira scan engine technology. No matter what form malware takes, no matter where it is found, outbreaks can be identified by the Avira global sensor network. As we protect our technology partners and our customers we see the threats they see. We take this data, and within the Avira Protection Cloud, develop it into valuable threat intelligence using sophisticated file and behavior analysis engines and NightVisionTM AI.

Our scan engines and virtual machines consume this intelligence in the form of machine learning models, heuristics and generics.  


Detecting the undetectable

On local scan engines, our MicroVisionTM and AndroidVisionTM machine learning systems apply powerful analytical rules to develop a risk profile for unknown files. They help protect the device from previously unseen malware.

For online environments – in clients, network devices (e.g. firewalls and gateways), and cloud security services - our scan engines benefit from the cloud computing power of the Avira Protection Cloud. Within this cloud security service,  our NightVisionTM AI uses machine learning to identify and protect against completely new and emerging forms of malicious code.



Not every network or system can share suspicious files with a cloud security service (such as the Avira Protection Cloud) for analysis. Client devices may not be connected to the internet, or files may contain highly private or classified information. In these cases, the scan engine can be deployed in offline mode, yet still benefit from regular system updates from the Avira Protection Cloud. 


Advanced features

Avira anti-malware SDKs form a flexible chassis into which elements such as the Avira scan engine fit. Other advanced features can include (depending on the SDK), quarantine & remediation, an enhanced firewall that adds application layer filtering, and behavioral analysis to help detect plymorphic and Zero-day cyberthreats.


False Positive Detection

False positives are a fact of life when you are looking to prevent new and emerging malware. The more efficiently they are controlled, the less disruptive they are to business. Avira's unique False Positive Control ensures exceptional false positive detections are identified in real-time and are prevented from impacting the performance of security systems. It is a no-cost option that can be enabled within many of Avira’s scan engine implementations, including the ICAP Proxy Security system.


AI and machine learning

Machine learning on the endpoint and in the cloud is one of the core technologies we use to protect people in the connected world.

Learn more

Avira Protection Cloud

At the heart of Avira's anti-malware and threat intelligence systems lies the Avira Protection Cloud.

Learn more

Avira scan technology

Find out how Avira’s scan engines utilize  advanced machine learning, heuristics and generics. 

Learn more

Data protection 

Understanding how to protect customer data, and build a licensing model is an important part of a technology partnership.

Learn more


Avira’s Insights Blog

News, views and insights from Avira experts on current issues in the cyber-security industry.

Let's have a chat about how we can offer you a tailored solution...

Build your own security systems with our anti-malware SDKs, and enhance your threat intelligence.

Contact us