Risk
12/13/2012
08:21 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

ALU's Kindsight Introduces New Mobile Security Features, Expands Protection

Kindsight Mobile Security alerts subscribers when mobile malware is detected in the network and shows them which infected apps to remove

MOUNTAIN VIEW, CALIF. – December 12, 2012 – Kindsight, a network-based security company, today released new features for Kindsight Mobile Security to expand the protection mobile operators can offer their subscribers. Mobile operators can now alert users of suspicious apps that would be missed by device-only security apps, block infected devices from communicating with attackers’ command-and-control (C&C) servers, and help the subscriber locate missing phones and remotely lock or wipe data from stolen phones. Kindsight Mobile Security continues to be the only mobile security solution for consumers that combines network-based and device-based security for complete protection.

“There’s a lack of consumer understanding of mobile device vulnerabilities and threats,” said Jeff Wilson, principal analyst, security at Infonetics. “By deploying early threat detection in their networks and complimentary security apps on mobile devices, mobile operators can offer a complete mobile security solution to their subscribers and differentiate themselves from their competition.”

Building upon the existing network-based malware detection capabilities of the Kindsight Network Intrusion Detection System (NIDS-8800), Kindsight Mobile Security uses sophisticated techniques to infer the malicious apps that have infected the device by comparing activity detected in the network with suspicious apps on the device. When mobile malware is detected in the network, subscribers are not only alerted but also shown which infected apps to remove. This powerful functionality protects subscribers against new mobile malware before device-only security apps.

The Kindsight NIDS sensor can also block infected devices from communicating with C&C servers while deployed offline, preventing hackers from stealing data on mobile devices or launching other attacks. This blocking capability can also be configured to put infected devices into a walled garden or prevent them from accessing the network.

The Kindsight Mobile Security app has also been expanded to offer anti-theft features including:

Find and Locate Phone – If a subscriber loses their phone, they can log in to their service provider’s website to find its location. The webpage provides a snapshot of the phone’s whereabouts and the subscriber can also sound an alarm to locate the device. Remote Lock and Wipe – Today’s mobile devices contain personal and sensitive information: photos, contacts, messages, etc. The Kindsight Mobile Security app now enables users to lock the device by setting a new passcode or wipe personal data when their phone is stolen or lost.

“Our mobile security solution is unique because it combines network-based detection and alerting capabilities with a mobile security app to detect more malware sooner which enables mobile operators to provide a truly differentiated service to consumers,” said Brendan Ziolo, vice president, marketing at Kindsight. “With these new features, our mobile security offering allows our mobile operator partners to provide a level of protection that is unsurpassed on the market today.

Mobile operators can deploy the white-labeled Kindsight Mobile Security solution to launch new value-added services to their subscribers under their own brand. These services can be offered for a monthly fee to generate new revenue or by using a freemium model where some functionality is offered for free and the subscriber can upgrade to the premium features for a fee. Since mobile operators are the only providers who can combine network-based and device-based security, by working with Kindsight they can offer a strongly differentiated offering to their subscribers as compared to off-the-shelf, device-only mobile security solutions.

To learn more about Kindsight Mobile Security, please visit: http://www.kindsight.net/serviceprovider/protecting-mobile-subscribers

View Kindsight’s latest security data: http://www.kindsight.net/securitylabs

Stay up-to-date on Kindsight with the company blog: http://www.kindsight.net/blog

Follow Kindsight on Twitter: http://www.twitter.com/Kindsight

About Kindsight

Kindsight, a majority-owned subsidiary of Alcatel-Lucent, offers network-based security products that are deployed by Internet service providers and mobile network operators to detect threats, send alerts, block infected devices and protect subscribers. Backed by the expertise of Kindsight Security Labs, the Kindsight Security Analytics solution analyzes Internet traffic for malware and pinpoints infected devices to identify risks and take action. To generate revenue and increase brand loyalty, the white-labeled Kindsight Security Services enable operators to launch differentiated, value-added services that combine network-based and device-based security for complete protection. Visit www.kindsight.net for more information.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2011-4403
Published: 2015-04-24
Multiple cross-site request forgery (CSRF) vulnerabilities in Zen Cart 1.3.9h allow remote attackers to hijack the authentication of administrators for requests that (1) delete a product via a delete_product_confirm action to product.php or (2) disable a product via a setflag action to categories.ph...

CVE-2012-2930
Published: 2015-04-24
Multiple cross-site request forgery (CSRF) vulnerabilities in TinyWebGallery (TWG) before 1.8.8 allow remote attackers to hijack the authentication of administrators for requests that (1) add a user via an adduser action to admin/index.php or (2) conduct static PHP code injection attacks in .htusers...

CVE-2012-2932
Published: 2015-04-24
Multiple cross-site scripting (XSS) vulnerabilities in TinyWebGallery (TWG) before 1.8.8 allow remote attackers to inject arbitrary web script or HTML via the (1) selitems[] parameter in a copy, (2) chmod, or (3) arch action to admin/index.php or (4) searchitem parameter in a search action to admin/...

CVE-2012-5451
Published: 2015-04-24
Multiple stack-based buffer overflows in HttpUtils.dll in TVMOBiLi before 2.1.0.3974 allow remote attackers to cause a denial of service (tvMobiliService service crash) via a long string in a (1) GET or (2) HEAD request to TCP port 30888.

CVE-2015-0297
Published: 2015-04-24
Red Hat JBoss Operations Network 3.3.1 does not properly restrict access to certain APIs, which allows remote attackers to execute arbitrary Java methos via the (1) ServerInvokerServlet or (2) SchedulerService or (3) cause a denial of service (disk consumption) via the ContentManager.

Dark Reading Radio
Archived Dark Reading Radio
Join security and risk expert John Pironti and Dark Reading Editor-in-Chief Tim Wilson for a live online discussion of the sea-changing shift in security strategy and the many ways it is affecting IT and business.