In an era where digital threats are increasingly sophisticated, the Cyber Security Agency of Singapore (CSA) has once again updated its list of recommended security apps for users to safeguard their devices from cyberattacks. The revised list, announced on January 20, 2025, highlights six top apps that can be used on Android and iOS devices, designed to protect against malware, phishing attacks, and other cyber threats.
This initiative follows the CSA’s first launch of the list in September 2023. After reviewing and testing 18 unique apps, the agency has carefully selected those that best meet the stringent criteria for security and performance. According to CSA, these apps were evaluated using the same rigorous tests conducted by third-party cybersecurity firms like AV Test and AV Comparatives.
The list includes both free and subscription-based apps, with some requiring users to pay for premium features. For Android users, recommended apps include Avast Antivirus & Security, AVG Antivirus & Security, Norton360 Antivirus & Security, and Sophos Intercept X for Mobile. iOS users have two additional options, F-Secure Mobile Security and ZoneAlarm Mobile Security, which have been optimized for Apple’s ecosystem.
A major focus of CSA’s evaluation process was malware detection. The tested apps were assessed based on their ability to detect a wide range of malware, including spyware and dropper programs—malicious software designed to deliver further threats to the device. CSA emphasized the importance of these security apps in identifying disguised threats before they could harm a user’s device.
However, the agency also noted that due to the strict security architecture on iOS devices, security apps cannot scan other apps on iOS for malware, making this functionality unavailable for iOS users. Despite this limitation, CSA remains confident that these apps offer strong protection for both platforms, including the ability to block phishing attempts.
Phishing detection was another critical category in the app review process. Phishing attacks are commonly used by cybercriminals to steal sensitive information, such as login credentials and financial data, by deceiving users into visiting fake websites. CSA tested how well the apps can detect and block phishing links in different environments, including browsers and in-app browsers. When users attempt to visit fraudulent websites, the apps immediately alert them, helping prevent potential identity theft and financial loss.
In addition to malware and phishing detection, CSA also tested the apps’ ability to detect network-based attacks. One such threat, Secure Sockets Layer (SSL) stripping, is a technique that cybercriminals use to intercept encrypted data. CSA evaluated how well the apps could identify such attacks, ensuring that users’ sensitive information, like banking details, remains secure during transmission.
A relatively new addition to the evaluation process is the assessment of device integrity. This test checks whether a security app can detect unauthorized modifications to the device’s operating system, such as rooting or jailbreaking. These modifications can grant cybercriminals privileged access to the device, leaving it vulnerable to attacks. Additionally, apps were evaluated on their ability to detect the absence of authentication measures like biometrics, which are crucial for device security.
For an app to make CSA’s list, it must score at least 50% in malware and phishing detection. Furthermore, it must pass at least one of the new categories—network detection or device integrity checks. This balanced approach ensures that the apps offer comprehensive protection for users, covering both the core areas of security and emerging threats.
As cybercriminals constantly evolve their tactics, CSA’s efforts to update its testing criteria reflect the agency’s commitment to providing the public with the most effective tools to defend against cybersecurity threats. The recommended apps are available for download from the Google Play Store and the Apple App Store, making them easily accessible for both Android and iOS users.
Mr. Chua Kuan Seah, the Deputy Chief Executive of CSA, emphasized that the list of security apps is a valuable resource for users looking to choose the right protection based on their needs and budget. He also mentioned that CSA will continue collaborating with industry professionals and developers to improve cybersecurity solutions and help users stay ahead of cybercriminals.
This updated list serves as a reminder of the importance of installing security apps in today’s digital landscape. As technology continues to advance, so too does the ingenuity of cybercriminals. By choosing trusted apps recommended by CSA, users can significantly reduce their risk of falling victim to malware and phishing attacks.
