Managed Mobile Threat Defense

Two levels of protection for continuous mobile threat monitoring, analysis, and response. 

Standard

Our Standard Mobile Threat Defense service provides a baseline of protection and assurance that your mobile devices will be secured against common threats and attack vectors.

Advanced

Our Advanced Mobile Threat Defense service is specifically for high-risk users whose breach would cause the organization serious harm. This service provides everything available in the standard level plus much more.

Mobile Threat Defense – The Missing Piece of Your Security Strategy

Corporate infrastructures have been venturing into the BYOD (Bring Your Own Device) world for years, often without knowing it. Conditional restrictions are often not in place to prevent access to corporate data stored in email, SharePoint, calendaring, corporate contacts, and other applications. And even where conditional restrictions exist, mobile threat defense software may not be installed or in use on the device.

In contrast, companies will often stringently secure their corporate laptops and desktops with MDR solutions, SIEM agents, and vulnerability management solutions. The difference in approaches to BYOD devices versus corporate-managed devices is troubling because BYOD devices can often access the same confidential data but without similar safeguards. With the recent string of major vulnerabilities discovered in both the Android and Apple iOS ecosystems, it’s becoming more apparent that any device that can access corporate data is a potential avenue for attack.

Mobile Threat Defense from Cybriant Provides Protection from the Following Common Avenues of Attacks:

App Vulnerabilities

Just like your laptop or desktop computer, your mobile device (phone or tablet) runs software that must be updated regularly. This includes apps running on the device, which may have vulnerabilities that attackers or phishers can exploit to install malware or gain control of the data on the mobile device. This problem is compounded when apps request and are granted elevated privileges on the mobile device. For example, “This app would like to have access to your contacts” could be a target for phishers.

User Granted Privileges

This follows from App Vulnerabilities because most users do not read software EULAs or take time to comprehend the privileges requested by an app. Furthermore, most app developers will request greater privileges than necessary to ease deployment and to avoid having to ask the user to approve additional privileges after a future app update. Elevated User Granted Privileges are a ticking time bomb for vulnerable phone operating systems and apps.

Sideloaded Applications

Any app that is installed on a mobile device in a manner other than via the official App/Play store for the device is considered to be a Sideloaded Application. Sideloaded applications are typically not vetted by the official Apple/Google antivirus measures in their stores. Users will often install the “free” version of an app this way to avoid paying a fee to Apple/Google. It is common for the “free” software to have malicious code or device profiles/SSL certificates coupled with the software to harvest user data, banking credentials, personal pictures and messages, or your corporate data. Sideloaded Applications will commonly take advantage of the User Granted Privileges and App Vulnerabilities to gain access to data that was considered to be “secured.”

Malicious Device Profiles/SSL Certificates

Malicious Device Profiles and SSL Certificates are commonly utilized to conduct man-in-the-middle (MiTM) attacks on any cryptographically secured data leaving the mobile device. Combined with the fact that mobile application developers commonly do not implement SSL correctly in their applications, this is a common way for an attacker to harvest usernames/passwords as well as sensitive data.

Rogue Networks

Attackers can set up wireless access points and give them the same name as a legitimate network. For example, an executive of your organization likes to drink coffee and read the news on their phone at Starbucks. An attacker could set up a wireless access point with the same wireless network name (SSID) as Starbucks. To make matters worse, the attacker could require the executive (without their understanding) to install a “Starbucks” device profile “to ensure the security and privacy of Starbucks customers.” At that point, all data could be routed and decrypted via the MiTM attack that occurred on the executive’s phone.

Managed Mobile Threat Defense Offerings

Standard Service

Cybriant’s Standard Mobile Threat Defense (MTD) service is an affordable way to protect the majority of your workforce, contractors, and BYOD users. It provides a baseline of protection and assurance that your mobile devices will be secured against common threats and attack vectors. An exhaustive list of elements is available upon request.

Standard Level Benefits

With MTD – Standard, organizations are able to provide mobile protection for their general employee population, BYOD users, and/or any user with non-administrative access to infrastructure or computer operations for the organization.

To qualify for MTD – Standard, we require that you have an MDM in place or utilize an MDM provided by Cybriant.

Standard Level Offering Includes:

  • Reporting
  • Assisted End User Remediation
  • Policy Creation and Assisted Deployment
  • Threat Escalations
  • Mobile Advisory and Recommendations

Enhancements Available Include: 

  • Malicious App Sandboxing and Detailed Analysis
  • App Penetration Testing
  • Leaky App Analysis

Advanced Service

Cybriant’s Advanced Mobile Threat Defense service is specifically for high-risk users whose breach would cause the organization serious harm. AI-based analysis is utilized to understand and profile the user’s actions and raise alarms when the user’s devices behave in a nonstandard manner. Additionally, NetFlow traffic and SSL inspection are performed for deep traffic analysis to discover data exfiltration to Command and Control infrastructures and other malicious entities.

Advanced Level Benefits

MTD-Advanced will help protect high-risk users including C-Level Executives, financial representatives who can authorize/make money transfers, any user with superuser/Administrator level credentials in corporate infrastructure, or any other high-risk employee. 

To qualify for MTD – Advanced, we require that you have an MDM in place or utilize an MDM provided by Cybriant, plus a defined Plan of Action in conjunction with Cybriant to secure devices.

Advanced Level Offering Includes: 

  • Standard Service +
  • AI-Based Advanced Threat and Traffic Analysis
  • Deep App Inspection and Analysis
  • Malicious App Sandboxing and Detailed Analysis*

* Total number of apps sandboxed per month is based on total Advanced Offering devices being managed

Enhancements Available Include: 

  • Additional Malicious App Sandboxing and Detailed Analysis
  • App Penetration Testing
  • Leaky App Analysis
