Risk
12/13/2012
08:21 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

ALU's Kindsight Introduces New Mobile Security Features, Expands Protection

Kindsight Mobile Security alerts subscribers when mobile malware is detected in the network and shows them which infected apps to remove

MOUNTAIN VIEW, CALIF. – December 12, 2012 – Kindsight, a network-based security company, today released new features for Kindsight Mobile Security to expand the protection mobile operators can offer their subscribers. Mobile operators can now alert users of suspicious apps that would be missed by device-only security apps, block infected devices from communicating with attackers’ command-and-control (C&C) servers, and help the subscriber locate missing phones and remotely lock or wipe data from stolen phones. Kindsight Mobile Security continues to be the only mobile security solution for consumers that combines network-based and device-based security for complete protection.

“There’s a lack of consumer understanding of mobile device vulnerabilities and threats,” said Jeff Wilson, principal analyst, security at Infonetics. “By deploying early threat detection in their networks and complimentary security apps on mobile devices, mobile operators can offer a complete mobile security solution to their subscribers and differentiate themselves from their competition.”

Building upon the existing network-based malware detection capabilities of the Kindsight Network Intrusion Detection System (NIDS-8800), Kindsight Mobile Security uses sophisticated techniques to infer the malicious apps that have infected the device by comparing activity detected in the network with suspicious apps on the device. When mobile malware is detected in the network, subscribers are not only alerted but also shown which infected apps to remove. This powerful functionality protects subscribers against new mobile malware before device-only security apps.

The Kindsight NIDS sensor can also block infected devices from communicating with C&C servers while deployed offline, preventing hackers from stealing data on mobile devices or launching other attacks. This blocking capability can also be configured to put infected devices into a walled garden or prevent them from accessing the network.

The Kindsight Mobile Security app has also been expanded to offer anti-theft features including:

Find and Locate Phone – If a subscriber loses their phone, they can log in to their service provider’s website to find its location. The webpage provides a snapshot of the phone’s whereabouts and the subscriber can also sound an alarm to locate the device. Remote Lock and Wipe – Today’s mobile devices contain personal and sensitive information: photos, contacts, messages, etc. The Kindsight Mobile Security app now enables users to lock the device by setting a new passcode or wipe personal data when their phone is stolen or lost.

“Our mobile security solution is unique because it combines network-based detection and alerting capabilities with a mobile security app to detect more malware sooner which enables mobile operators to provide a truly differentiated service to consumers,” said Brendan Ziolo, vice president, marketing at Kindsight. “With these new features, our mobile security offering allows our mobile operator partners to provide a level of protection that is unsurpassed on the market today.

Mobile operators can deploy the white-labeled Kindsight Mobile Security solution to launch new value-added services to their subscribers under their own brand. These services can be offered for a monthly fee to generate new revenue or by using a freemium model where some functionality is offered for free and the subscriber can upgrade to the premium features for a fee. Since mobile operators are the only providers who can combine network-based and device-based security, by working with Kindsight they can offer a strongly differentiated offering to their subscribers as compared to off-the-shelf, device-only mobile security solutions.

To learn more about Kindsight Mobile Security, please visit: http://www.kindsight.net/serviceprovider/protecting-mobile-subscribers

View Kindsight’s latest security data: http://www.kindsight.net/securitylabs

Stay up-to-date on Kindsight with the company blog: http://www.kindsight.net/blog

Follow Kindsight on Twitter: http://www.twitter.com/Kindsight

About Kindsight

Kindsight, a majority-owned subsidiary of Alcatel-Lucent, offers network-based security products that are deployed by Internet service providers and mobile network operators to detect threats, send alerts, block infected devices and protect subscribers. Backed by the expertise of Kindsight Security Labs, the Kindsight Security Analytics solution analyzes Internet traffic for malware and pinpoints infected devices to identify risks and take action. To generate revenue and increase brand loyalty, the white-labeled Kindsight Security Services enable operators to launch differentiated, value-added services that combine network-based and device-based security for complete protection. Visit www.kindsight.net for more information.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-1556
Published: 2014-09-12
Cross-site scripting (XSS) vulnerability in Synology Photo Station 5 for DiskStation Manager (DSM) 3.2-1955 allows remote attackers to inject arbitrary web script or HTML via the name parameter to photo/photo_one.php.

CVE-2014-2008
Published: 2014-09-12
SQL injection vulnerability in confirm.php in the mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to execute arbitrary SQL commands via the TID parameter.

CVE-2014-2009
Published: 2014-09-12
The mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to obtain credentials, the installation path, and other sensitive information via a direct request to api/curllog.log.

CVE-2014-4735
Published: 2014-09-12
Cross-site scripting (XSS) vulnerability in MyWebSQL 3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the table parameter to index.php.

CVE-2014-5259
Published: 2014-09-12
Cross-site scripting (XSS) vulnerability in cattranslate.php in the CatTranslate JQuery plugin in BlackCat CMS 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
CISO Insider: An Interview with James Christiansen, Vice President, Information Risk Management, Office of the CISO, Accuvant