Sophos in android doesn't have a proper on install scan methodology. It should scan each and every app regardless of user choice, as soon as it is installed in the device no matter from which source, whether or not it was installed by user or installed automatically. I installed an apk using Google Files app, and Sophos didn't scan the app immediately at all. When I install from other file manager apps or any other app, it asks me if I want to open the apk with Sophos scanner. It shouldn't ask me and rather scan it after install automatically and immediately without needing any confirmation from user. Malicious programs like Pegasus that installs itself automatically in the background, would certainly get through the defenses of Sophos in android, if this methodology of scanning is continued.
The scheduled scanner isn't enough as , it gives away a long period of time to a virus to act before it is scanned,detected and removed.
This thread was automatically locked due to age.