Detect and Control Risky Apps
Have a complete view of how apps in your environment behave and have complete control when they don’t.
Mobile Defense protects devices against malicious code (such as xCodeGhost and iBackDoor) embedded in apps. Organizations need protection from cybercriminals who will take advantage of mobile users by targeting popular apps. For example, Proofpoint researchers recently discovered an infected (backdoored) Android app version of the mobile game Pokémon GO. Easy-to-read summaries show you the risk and reputation of all installed apps; you choose how to respond through a connected MDM.
With Mobile Defense, you can detect malicious apps that have traversed the app store vetting and have been published in public app stores. You can even detect apps that have passed app store reviews but have added malicious capabilities through updates and background downloads. We also help detect hidden privacy issues. These include apps that don’t provide privacy policies and those that use third-party code libraries that quietly send data to other countries.
Mobile Defense even protects against riskware—apps that aren’t overtly malicious but still pose compliance, data-loss, and privacy risks. These apps have usually made it through app store views and often run rampant in bring-your-own-device (BYOD) settings.
See Where Apps Are Sending Your Data: Mobile Defense provides visibility into what apps in your environment are doing and where potentially sensitive information is going.
Get Superior App Intelligence
Mobile Defense looks beyond individual apps for a complete view into the broader mobile threat landscape.
It starts by analyzing each mobile application’s code, behavior, and dynamic operating attributes. The powerful analysis engine checks over 1,000 malicious and privacy-leaking behaviors. The engine has sandboxed more than 20 million free and paid iOS and Android apps and assessed the reputation of more than 1 million app publishers. We also check publisher reputation, factoring in the historical risk of other apps from the same publisher.
From there, we examine how and where the app is communicating with the outside world—websites, servers, and third-party cloud services. Utilizing our global threat intelligence database, we correlate that traffic with a historical global database of malicious sites, servers, and command-and-control (C&C) networks. We flag and quarantine apps that connect to sites that host phishing or steal credentials, botnets or with servers hosted by cyber criminals.
Detect and Protect Against Wi-Fi Attacks
Catch Wi-Fi attacks and protect users against them with our optional client app for iOS and Android. Mobile Defense will analyze external Wi-Fi networks to reveal attacks and risky configurations. These include man-in-the-middle attacks, SSL-stripping attacks, and content manipulation.
When someone connects to a risky or compromised Wi-Fi network, Mobile Defense will alert the user and system administrators.
Detect Device Anomalies and Threats
The client app for iOS and Android detects device anomalies such as abnormal CPU usage, unknown configuration profiles, and file system tampering that may indicate zero-day threats. The app also looks for side-loaded and enterprise-signed apps which do not exist in app stores.
Automate Controls and Workflows
Gain full visibility and control for Android and iOS devices in enterprise environments.
The Mobile Defense Enterprise Console presents at-a-glance visibility into mobile threats in your environment. You see the overall enterprise app risk, which apps are malicious and risky, and where the apps are sending and receiving data. You can set thresholds for risky app behavior and restrict specific activity.
And through API level integrations, you can sync with your MDM and EMM tools for continuous, automated protection. Easily enforce mobile policy, notify users and security teams about mobile threats, and quarantine affected devices.
Protect User Privacy
Mobile Defense offers several levels of control to help you comply with a wide range of worker privacy laws and workplace rules. You can configure Mobile Defense with the following privacy modes:
Full Transparency: report all apps and which users’ devices they’re on
Anonymized Apps: report apps anonymously, not linked to specific users
Total Privacy: does not report individual apps—only whether an app on an employee’s device exceeds a policy threshold
Total Privacy mode is patent-pending. The technology leaves enterprises fully protected without revealing what apps are on employees’ devices. MDM app inventory can even be turned off.