Risk
12/5/2012
10:40 AM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Mocana Rolls Out New Capabilities For Mobile App Protection (MAP)

Latest release of Mocana MAP introduces a host of new app-wrapping security policies

SAN FRANCISCO, California, December 4, 2012 –Mocana, the leader in mobile app and smart device security, today announced release of the latest version of its Mobile App Protection&trade (MAP) software, which features enhanced security for Android devices, advanced authentication and remediation capabilities and overall greater flexibility in meeting the security requirements of business at scale across the landscape of enterprise applications. Mocana also announced that the company won the prestigious "Vendor to Watch" award at the M3 Mobility xChange conference, held last month in San Diego.

"The biggest obstacle to enterprise mobility is not device management, it's applying enterprise grade application security in a timely manner to meet the business objectives of the organization," said Mike Siegel, VP Products at Mocana. "MAP accelerates mobile app deployment by separating app security from app development, which simplifies operational complexities and addresses security in a scalable way. It's simply not practical to expect app developers to meet the best-in-class or varying security policies of each enterprise."

This latest release of Mocana MAP introduces a host of new app-wrapping security policies:

· Enhanced security for Android – Rooting (aka "jailbreak") detection and per-application VPN support on Android (in addition to iOS).

· Enhanced authentication and remediation options – Extended and enhanced user authentication options through complex per-app passcodes, passcode expiration, failed authentication lock-out and help-desk assisted passcode reset. Addition of customizable end user acceptance agreements.

· Greater flexibility in establishing application security baselines – Allows IT to individualize security as needed for user groups and data sensitivity by enabling organizations to "toggle" true FIPS 140-2 encryption on or off.

· Secure data sharing between individually wrapped apps – Enables secured applications to pass data between themselves, fully encrypted, on the same handset.

· Time-based access control policies – Creates a time-limited access window to the application for employees or contractors.

"Mocana was the standout vendor at the M3 Mobility xChange conference, and MAP is a refreshing take on mobile application security that uniquely addresses the cost, complexity and time-to-market problems that would otherwise create a bottleneck in enterprise mobile application deployments," said Rodney Johnson, Head of Mobile Practice - Channels for CapGemini and M3 Mobility xChange Advisory Board Member. "Mocana clearly solves a pressing business issue recognized by the senior IT executives at the conference, as they overwhelmingly selected Mocana for the 'Vendor to Watch' award."

MAP's application wrapping technology enables enterprises and developers to quickly secure applications without any rewrites, simplifying large-scale app deployments in today's complex and expanding multi-platform BYOD environments. MAP offers market-critical security features to protect company information such as per-application VPN capabilities and FIPS 140-2 encryption both on iOS or Android. While many alternative approaches require modification of the application source code, Mocana eliminates this risky and complicated step by securing mobile applications in seconds without access to source code. The result is a Self-Defending App&trade that provides data protection and IT control for enterprise apps on both managed and unmanaged devices.

Organizations can establish flexible and unique security policies for different combinations of apps and users, and use MAP to establish scalable and certifiable processes for making mobile apps operational. MAP makes it easier and faster for lines of business to adopt mobile applications that can positively impact business operations and results. Homegrown mobile apps as well as those developed by third parties can be secured with best-in-class cryptography and robust security policies designed to pass even the most stringent of compliance standards. At the same time, Mocana MAP is largely invisible to end-users; apps work as they did before MAP was applied.

Availability and Pricing

MAP is available now on subscription or perpetual license basis. Contact sales@mocana.com for pricing information or a quote.

About M3 Mobility xChange

The second annual M3 Mobility xChange is a hosted event that focuses on three key verticals – healthcare, finance and retail – and addresses how mobility strategy is a critical business driver for enterprise organizations in each industry. M3 targets wireless initiatives for each vertical and covers best practices, trends, issues and solutions that can apply horizontally across all enterprise organizations.

About Mocana

Launched in 2004 and recognized by the World Economic Forum as a 2012 Technology Pioneer, Mocana provides the only device-independent security platform that secures all aspects of mobile and smart connected devices, as well as the apps and services that run on them. Mocana's solutions dramatically increase confidence and compliance for the enterprise, OEMs, service providers and their customers. Millions of people use products sold by the more than 200 companies that rely on Mocana's solutions, including Cisco, Honeywell, Dell GE and General Dynamics, as well as four of the top five Android handset makers. For more information, visit www.mocana.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6117
Published: 2014-07-11
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.

CVE-2014-0174
Published: 2014-07-11
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

CVE-2014-3485
Published: 2014-07-11
The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

CVE-2014-3499
Published: 2014-07-11
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

CVE-2014-3503
Published: 2014-07-11
Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.