Risk
12/13/2012
08:21 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

ALU's Kindsight Introduces New Mobile Security Features, Expands Protection

Kindsight Mobile Security alerts subscribers when mobile malware is detected in the network and shows them which infected apps to remove

MOUNTAIN VIEW, CALIF. – December 12, 2012 – Kindsight, a network-based security company, today released new features for Kindsight Mobile Security to expand the protection mobile operators can offer their subscribers. Mobile operators can now alert users of suspicious apps that would be missed by device-only security apps, block infected devices from communicating with attackers’ command-and-control (C&C) servers, and help the subscriber locate missing phones and remotely lock or wipe data from stolen phones. Kindsight Mobile Security continues to be the only mobile security solution for consumers that combines network-based and device-based security for complete protection.

“There’s a lack of consumer understanding of mobile device vulnerabilities and threats,” said Jeff Wilson, principal analyst, security at Infonetics. “By deploying early threat detection in their networks and complimentary security apps on mobile devices, mobile operators can offer a complete mobile security solution to their subscribers and differentiate themselves from their competition.”

Building upon the existing network-based malware detection capabilities of the Kindsight Network Intrusion Detection System (NIDS-8800), Kindsight Mobile Security uses sophisticated techniques to infer the malicious apps that have infected the device by comparing activity detected in the network with suspicious apps on the device. When mobile malware is detected in the network, subscribers are not only alerted but also shown which infected apps to remove. This powerful functionality protects subscribers against new mobile malware before device-only security apps.

The Kindsight NIDS sensor can also block infected devices from communicating with C&C servers while deployed offline, preventing hackers from stealing data on mobile devices or launching other attacks. This blocking capability can also be configured to put infected devices into a walled garden or prevent them from accessing the network.

The Kindsight Mobile Security app has also been expanded to offer anti-theft features including:

Find and Locate Phone – If a subscriber loses their phone, they can log in to their service provider’s website to find its location. The webpage provides a snapshot of the phone’s whereabouts and the subscriber can also sound an alarm to locate the device. Remote Lock and Wipe – Today’s mobile devices contain personal and sensitive information: photos, contacts, messages, etc. The Kindsight Mobile Security app now enables users to lock the device by setting a new passcode or wipe personal data when their phone is stolen or lost.

“Our mobile security solution is unique because it combines network-based detection and alerting capabilities with a mobile security app to detect more malware sooner which enables mobile operators to provide a truly differentiated service to consumers,” said Brendan Ziolo, vice president, marketing at Kindsight. “With these new features, our mobile security offering allows our mobile operator partners to provide a level of protection that is unsurpassed on the market today.

Mobile operators can deploy the white-labeled Kindsight Mobile Security solution to launch new value-added services to their subscribers under their own brand. These services can be offered for a monthly fee to generate new revenue or by using a freemium model where some functionality is offered for free and the subscriber can upgrade to the premium features for a fee. Since mobile operators are the only providers who can combine network-based and device-based security, by working with Kindsight they can offer a strongly differentiated offering to their subscribers as compared to off-the-shelf, device-only mobile security solutions.

To learn more about Kindsight Mobile Security, please visit: http://www.kindsight.net/serviceprovider/protecting-mobile-subscribers

View Kindsight’s latest security data: http://www.kindsight.net/securitylabs

Stay up-to-date on Kindsight with the company blog: http://www.kindsight.net/blog

Follow Kindsight on Twitter: http://www.twitter.com/Kindsight

About Kindsight

Kindsight, a majority-owned subsidiary of Alcatel-Lucent, offers network-based security products that are deployed by Internet service providers and mobile network operators to detect threats, send alerts, block infected devices and protect subscribers. Backed by the expertise of Kindsight Security Labs, the Kindsight Security Analytics solution analyzes Internet traffic for malware and pinpoints infected devices to identify risks and take action. To generate revenue and increase brand loyalty, the white-labeled Kindsight Security Services enable operators to launch differentiated, value-added services that combine network-based and device-based security for complete protection. Visit www.kindsight.net for more information.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Must Reads - September 25, 2014
Dark Reading's new Must Reads is a compendium of our best recent coverage of identity and access management. Learn about access control in the age of HTML5, how to improve authentication, why Active Directory is dead, and more.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-6278
Published: 2014-09-30
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and m...

CVE-2014-6805
Published: 2014-09-30
The weibo (aka magic.weibo) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-6806
Published: 2014-09-30
The Thanodi - Setswana Translator (aka com.thanodi.thanodi) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-6807
Published: 2014-09-30
The OLA School (aka com.conduit.app_00f9890a4f0145f2aae9d714e20b273a.app) application 1.2.7.132 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

CVE-2014-6808
Published: 2014-09-30
The Active 24 (aka com.zentity.app.active24) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
In our next Dark Reading Radio broadcast, we’ll take a close look at some of the latest research and practices in application security.