Anti-Virus check on Azure Login

OAK 6 Reputation points

When a user is logging into the Corporate domain is there a way to check if the users device is running the corporate Anti-Virus 3rd party app we use internally. The Condiiton we are looking to achieve is that if the user is not using a corporate device which has the Anti-Virus installed we would get an alert that a staff member has logged in from a device not running the corporate 3rd party AV.
Situations might be they are using their home computer or a public computer/laptop and logging into Azure Corp Ad and we want to either log and alert or block this.

Is this possible using some kind of Conditional Access or another solution?


Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,812 questions
{count} vote

1 answer

Sort by: Most helpful
  1. SubhashSharma-MSFT 666 Reputation points Microsoft Employee

    Hi @OAK ,

    Thank you for reaching out. Based on the requirement you can create a conditional access policy and using filters like deviceOwnership, trustType, etc you can choose to allow or block access based on device properties mentioned in below documentation.
    Conditional Access: Filter for devices

    Please note that at present when implementing conditional access policy there is no condition to check the presence of anti-virus and cannot be used to determine access.
    I hope this answers your query.


    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.
    0 comments No comments