Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Uncategorized

Cybereason Unveils New Mobile Device Security Offerings

Cybereason Mobile MDR gives enterprises a managed solution that will detect and prevent suspicious activity on mobile devices, while through Cybereason Mobile it provides access to a team of iOS and Android analysts, 24x7x365, for efficient discovery, triaging and mitigation of mobile incidents.

Cybereason Mobile MDR gives enterprises a managed solution that will detect and prevent suspicious activity on mobile devices, while through Cybereason Mobile it provides access to a team of iOS and Android analysts, 24x7x365, for efficient discovery, triaging and mitigation of mobile incidents.

Cybereason Mobile uses machine learning algorithms to generate a baseline of normal activity on mobile devices to immediately detect any abnormal or potentially malicious activity. A sensor deployed on all mobile devices detects relevant information and sends it to Cybereason’s cross-correlation engine from where inferences can be drawn on the mobile behavior and any necessary mitigation enforced.

With some estimates suggesting that 60% of all emails are now read on mobile devices, mobiles can no longer be considered as separate to classical enterprise security. Compromised mobile devices are not unusual. The compromise could come from phishing via the emails, or via a malicious app unwittingly installed by the user. Once compromised, all stored credentials are at risk — including access to the corporate network.

“Cybereason Mobile,” Cybereason’s Maor Franco told SecurityWeek, “can be configured to enforce preventative actions when a new threat is identified to stop the spread of malware across the enterprise, using mobile as a way into the network. In this case, mobile is even riskier. The attacker doesn’t require a back door in the network when using the infected mobile device to enter through the front door.”

This is not a mobile device management (MDM) product. Such systems have traditionally concentrated on separating corporate and personal activity on a mobile device rather than directly ensuring its security. While Cybereason Mobile can obviously be used on company-owned devices that prohibit personal usage, separating personal and company usage on a fully protected device becomes less of an issue. It can consequently also be used on personally owned devices.

This has been well received by users. “With the escalated threat landscape, the mobile security mindset — protecting both the corporate resources available on the device as well as the user personal information — is well received,” explained Franco. “Empowering the end-users to see what is being collected, the seamless deployment to any device, and a complete protection knowing privacy is well kept is well understood and appreciated.”

Examples of the mobile security features provided by Cybereason Mobile include the detection of any app controlled by attackers, whether through initiating suspicious connections to remote addresses, modifying legitimate app libraries or injecting foreign ones, re-signing applications to elevate privileges, or distributing spyware techniques. This includes, added Franco, “a legitimate mobile app that is used for another purpose than it was published for — which is considered an anomaly, such as ToTok.”

Cybereason Mobile will also detect any system tampering, such as an attacker’s removal of the security limitations put in place by the device manufacturer. It also detects any physical USB tampering. “Thanks to recent iOS and Android exploits that allow anyone with physical access to a device to permanently jailbreak or gain root access, visibility to USB connections is a critical capability for mobile solutions. Once exploited, attackers are able to perform an array of actions, from intercepting phone calls and network traffic to later obtaining the physical location of the device.”

Advertisement. Scroll to continue reading.

However, while Cybereason Mobile provides security to individual devices, it goes beyond just mobile security. Through integration with the wider cyber defense platform and use of Cybereason’s cross correlation engine, security teams can view anomalous mobile behavior in the full context of a wider attack scenario against the network.

A mobile device is as much an endpoint as a desktop computer, but the two have often been considered and treated as separate problems with separate solutions. By combining the Cybereason Mobile with the existing Cyber Defense Platform, this new Cybereason offering provides a single pane of glass for visibility into and security for both types of endpoint.

Boston, Mass-based Cybereason was founded in 2012 by Lior Div (CEO), Yonatan Amit (CTO), and Yossi Naar (CVO). It raised $200 million in a Series E funding round in August 2019, bringing the total funding raised to date to $388.6 million.

Related: Critical Bluetooth Vulnerability Exposes Android Devices to Attacks 

Related: Android’s February 2020 Update Patches Critical System Vulnerabilities 

Related: Lockheed Martin Invests in Threat Detection Firm Cybereason 

Related: Ignoring Mobile Security Doesn’t Make It Go Away 

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Management & Strategy

Anna Tutt, CMO of Oort, shares her experiences and perspectives on how we can accelerate growth of women in cybersecurity.

Cyberwarfare

The UK’s NCSC has issued a security advisory to warn about spearphishing campaigns conducted by two unrelated Russian and Iranian hacker groups.

Ransomware

A new CISA pilot program to warn critical infrastructure organizations if their systems are unpatched against vulnerabilities exploited in ransomware attacks.

Cybersecurity Funding

B2B payment security provider NsKnox raised $17 million in a new funding round that brings the total raised by the company to $35.6 million.

Cybersecurity Funding

Silk Security raised $12.5 million in seed funding and is on a mission to break down the silos between security and development with an...

Uncategorized

ICS Patch Tuesday: Siemens and Schneider Electric have published more than a dozen advisories addressing over 200 vulnerabilities.

Uncategorized

Exploitation of a critical vulnerability (CVE-2023-46747) in F5’s  BIG-IP product started less than five days after public disclosure and PoC exploit code was published.

Uncategorized

Thomas McCormick, aka fubar, an administrator of the Darkode hacking forum, has been sentenced to 18 months in prison.