Risk
12/13/2012
08:21 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

ALU's Kindsight Introduces New Mobile Security Features, Expands Protection

Kindsight Mobile Security alerts subscribers when mobile malware is detected in the network and shows them which infected apps to remove

MOUNTAIN VIEW, CALIF. – December 12, 2012 – Kindsight, a network-based security company, today released new features for Kindsight Mobile Security to expand the protection mobile operators can offer their subscribers. Mobile operators can now alert users of suspicious apps that would be missed by device-only security apps, block infected devices from communicating with attackers’ command-and-control (C&C) servers, and help the subscriber locate missing phones and remotely lock or wipe data from stolen phones. Kindsight Mobile Security continues to be the only mobile security solution for consumers that combines network-based and device-based security for complete protection.

“There’s a lack of consumer understanding of mobile device vulnerabilities and threats,” said Jeff Wilson, principal analyst, security at Infonetics. “By deploying early threat detection in their networks and complimentary security apps on mobile devices, mobile operators can offer a complete mobile security solution to their subscribers and differentiate themselves from their competition.”

Building upon the existing network-based malware detection capabilities of the Kindsight Network Intrusion Detection System (NIDS-8800), Kindsight Mobile Security uses sophisticated techniques to infer the malicious apps that have infected the device by comparing activity detected in the network with suspicious apps on the device. When mobile malware is detected in the network, subscribers are not only alerted but also shown which infected apps to remove. This powerful functionality protects subscribers against new mobile malware before device-only security apps.

The Kindsight NIDS sensor can also block infected devices from communicating with C&C servers while deployed offline, preventing hackers from stealing data on mobile devices or launching other attacks. This blocking capability can also be configured to put infected devices into a walled garden or prevent them from accessing the network.

The Kindsight Mobile Security app has also been expanded to offer anti-theft features including:

Find and Locate Phone – If a subscriber loses their phone, they can log in to their service provider’s website to find its location. The webpage provides a snapshot of the phone’s whereabouts and the subscriber can also sound an alarm to locate the device. Remote Lock and Wipe – Today’s mobile devices contain personal and sensitive information: photos, contacts, messages, etc. The Kindsight Mobile Security app now enables users to lock the device by setting a new passcode or wipe personal data when their phone is stolen or lost.

“Our mobile security solution is unique because it combines network-based detection and alerting capabilities with a mobile security app to detect more malware sooner which enables mobile operators to provide a truly differentiated service to consumers,” said Brendan Ziolo, vice president, marketing at Kindsight. “With these new features, our mobile security offering allows our mobile operator partners to provide a level of protection that is unsurpassed on the market today.

Mobile operators can deploy the white-labeled Kindsight Mobile Security solution to launch new value-added services to their subscribers under their own brand. These services can be offered for a monthly fee to generate new revenue or by using a freemium model where some functionality is offered for free and the subscriber can upgrade to the premium features for a fee. Since mobile operators are the only providers who can combine network-based and device-based security, by working with Kindsight they can offer a strongly differentiated offering to their subscribers as compared to off-the-shelf, device-only mobile security solutions.

To learn more about Kindsight Mobile Security, please visit: http://www.kindsight.net/serviceprovider/protecting-mobile-subscribers

View Kindsight’s latest security data: http://www.kindsight.net/securitylabs

Stay up-to-date on Kindsight with the company blog: http://www.kindsight.net/blog

Follow Kindsight on Twitter: http://www.twitter.com/Kindsight

About Kindsight

Kindsight, a majority-owned subsidiary of Alcatel-Lucent, offers network-based security products that are deployed by Internet service providers and mobile network operators to detect threats, send alerts, block infected devices and protect subscribers. Backed by the expertise of Kindsight Security Labs, the Kindsight Security Analytics solution analyzes Internet traffic for malware and pinpoints infected devices to identify risks and take action. To generate revenue and increase brand loyalty, the white-labeled Kindsight Security Services enable operators to launch differentiated, value-added services that combine network-based and device-based security for complete protection. Visit www.kindsight.net for more information.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-1421
Published: 2014-11-25
mountall 1.54, as used in Ubuntu 14.10, does not properly handle the umask when using the mount utility, which allows local users to bypass intended access restrictions via unspecified vectors.

CVE-2014-3605
Published: 2014-11-25
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-6407. Reason: This candidate is a reservation duplicate of CVE-2014-6407. Notes: All CVE users should reference CVE-2014-6407 instead of this candidate. All references and descriptions in this candidate have been removed to pre...

CVE-2014-6093
Published: 2014-11-25
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 7.0.x before 7.0.0.2 CF29, 8.0.x through 8.0.0.1 CF14, and 8.5.x before 8.5.0 CF02 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

CVE-2014-6196
Published: 2014-11-25
Cross-site scripting (XSS) vulnerability in IBM Web Experience Factory (WEF) 6.1.5 through 8.5.0.1, as used in WebSphere Dashboard Framework (WDF) and Lotus Widget Factory (LWF), allows remote attackers to inject arbitrary web script or HTML by leveraging a Dojo builder error in an unspecified WebSp...

CVE-2014-7247
Published: 2014-11-25
Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; and Ichitaro 2014 Tetsu allows remote attackers to execute arbitrary code via a crafted file.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?