Cybereason Extends Endpoint Protection With Mobile Offering
Cybereason Mobile and Cybereason Mobile MDR provide better protection against threats like phishing than mobile device management tools, which are typically more focused on setting policy than actual defense, Roi Carmel says.
Cybereason has expanded its prevention, detection and response capabilities from traditional endpoints to mobile devices to allow customers to combat threats from a single console.
The Boston-based endpoint security vendor said Cybereason Mobile and Cybereason Mobile MDR provide much more robust protection against mobile-centric threats like phishing than existing mobile device management (MDM) or mobile application management (MAM) tools, which are typically more focused on setting policy than actual defense, according to Chief Product Officer Roi Carmel.
“The threat landscape has been there for a long long time,” Carmel told CRN. “We actually know for a fact that mobiles are exploited every single day.”
Vendors have for too long approached mobile security in a siloed manner even though threat actors can easily leverage user credentials to move from a breached mobile device to a traditional endpoint like a workstation or server, Carmel said. In order to have visibility across the entire enterprise, Carmel said the conversation about threat data needs to extend beyond traditional endpoint devices.
For instance, Carmel said about 60 percent of emails in the world are read on mobile devices, meaning that users are exposed to phishing more on their mobile devices than anywhere else. And once a link is clicked on an email and a malicious payload is downloaded onto the device, Carmel said the adversary can take control of the device and listen to phone calls, views emails and texts, and steal credentials.
Cybereason Mobile deploys a sensor on mobile or point of sale devices to detect information and send it back to the company’s cross-correlation engine, allowing inferences to be drawn on the back end, according to Carmel. The company is looking to integrate and develop more sensors in point of sale and operational technology (OT) environment to drop more information back into its data lakes, Carmel said.
Meanwhile, Carmel said Cybereason Mobile MDR is a fully managed tool that provide around the clock monitoring and robust incident response capabilities for customers and partners lacking the skillset or manpower to support this through their own SOC (Security Operations Center). In fact, Carmel said Cybereason can even help with deploying the sensors on employees’ mobile devices.
Cybereason Mobile and Cybereason Mobile MDR cost slightly more than the equivalent offerings for traditional endpoints, Carmel said. That’s because the company incurs a little more cost carrying out deployments and investigations on mobile devices since Cybereason need to look at information on the device and combine it with the data from traditional endpoints, according to Carmel.
Partners looking to add more value around Cybereason Mobile should provide their customers with around-the-clock monitoring as well as health checks that include mobile devices, Carmel said. An early access program for Cybereason Mobile run for the last few months, and the Cybereason has been told that analysts like having the data integrated into their regular workflow rather than in a separate flow.
“This is the first step of going beyond the endpoint,” Carmel said. “You're going to see us extend beyond mobile and go into other types of endpoints or other types of data sources as well.”
Mobile device in the past didn’t need as much protection since their capabilities were limited and not much data was stored on them, according to Matt Berry, principal solutions architect for global security at World Wide Technology (WWT).
But now that mobile devices are almost replacing traditional endpoints, Berry said he’s excited to see Cybereason bring traditional endpoint technology into protecting smartphones and tablets. Providing a uniform platform across may disparate types of devices can help close security gaps and expedite mitigation without forcing clients to have multiple teams managing different tools.
“There’s a trend to unify the management of many different endpoints under a single pane of glass,” Berry told CRN. “Not many endpoint security solutions are also able to deploy their technology onto mobile.”
Many customers are being asked to do more with less resources, and often have teams made up of generalists who are responsible for many things spread across a variety of different security domains, Berry said. Cybereason Mobile MDR helps organizations alleviate training and staffing issues, freeing up customer personnel to address other issues in the organization.
“Companies are doing to be hard-pressed to add experts who can hunt for threats and respond to them,” Berry said. “The Cybereason tool is very easy to use for people who are generalists without having to dumb down the product.”