Skycure, an emerging mobile security vendor, has unveiled new threat detection software that it says monitors network traffic to address suspicious behavior on user devices and prevent cybercriminals from stealing passwords or carrying out other attacks.
The Tel Aviv, Israel-based security firm said its software uses sensors to monitor device and wireless network activity and will trigger an alert if a user has connected to a rogue Wi-Fi access point or is being actively targeted by a man-in-the-middle attack. The software supports Apple iOS devices and can safeguard against iPhones being automatically connected to access points by carriers.
Skycure co-founders Adi Sharabani and Yair Amit, who previously led the IT security research teams at IBM and Watchfire, started the company to protect mobile devices from Internet threats, prevent devices from carrying out attacks against the corporate intranet and block activity that could result in sensitive data exposure.
In June, the researchers released information about a weakness in some iPhones that enabled AT&T, Vodafone and other carriers to frequently force the devices to connect to any Wi-Fi network identified as "attwifi." The configuration was put in place to boost performance in areas with poor cellular data signals, but Skycure researchers and other security experts said it opens up an avenue for a cybercriminal to snoop and steal on device owners.
"It's one of a number of issues that mobile security vendors are not yet adequately addressing," said Rick Doten, chief information security officer at Digital Management Inc., a Bethesda, Md.-based mobility solutions provider and Skycure partner that does a lot of public sector work. "Skycure fills a gap that no one is really looking at, which is middle and side channel attacks on the network."
Skycure's newly unveiled mobile firewall requires software to run on the device, a cloud component to manage policies and VPN support, and a data collection component to keep track of information on malicious Wi-Fi hotspots. Skycure said the software does not impede device performance or impact battery usage. The firm said once its behavioral analysis spots suspicious activity, it alerts users to a potential problem.
IT staff is alerted for more sophisticated attacks. The software also integrates with most mobile device management platforms. The company's cloud-based component will also block users from accessing access points that have been identified as being malicious.
Systems integrators told CRN that mobile security has become a growing topic of discussion with clients, who are dealing with employees using more than just a standard laptop to connect to corporate resources. Android malware and data loss as a result of lost or stolen devices are top concerns, said Monte Robertson, president of Denver-based Software Security Solutions. Robertson told CRN that his firm is in the process of evaluating mobile security platforms to sell to clients.
"We're about a month away from rolling out a mobile managed platform with layers built into it for mobile device security management," Robertson said.
Skycure, which was founded in May of 2012, will go up against some mobile device management (MDM) vendors. Atlanta-based Mobile Active Defense sells a mobile security platform that does firewalling and intrusion prevention and can automate certificate authentication and VPN functionality, Doten said. Gartner notes that the market for MDM platforms will likely consolidate.
"There's no doubt there will be consolidation with MDM," said Digital Management's Doten. "Eventually, five years or so from now, we'll see a lot of large players involved in not only managing all corporate assets but configuring and securing them in one place without the need of multiple point solutions."
PUBLISHED OCT. 17, 2013