Tech-shield is a complete package providing quick and a portable security surveillance solution, a home assistant with activity recognition capability. This includes easily attachable and variable number of cameras, on site storage of feed and an application to manage and monitor all the services.
Mobile Threats and Trends Changing Mobile App SecurityDevOps.com
Deploying your high-value mobile app to untrusted environments such as consumer mobile devices can be a risky proposition. Are some of your customers’ devices compromised? Do your users also download apps from untrusted sources? Is there malware residing on their devices that target apps such as yours?
Despite your best efforts to code secure apps, assess their security posture, and remediate any identified vulnerabilities – it’s not quite enough in today’s mobile threat landscape. Safeguarding mobile apps during runtime and empowering them to protect themselves in hostile environments is becoming a necessity in the face of ever-evolving mobile attack tactics and techniques.
During this webinar, we will:
Discuss today’s mobile app threat landscape
Explain how changing distribution models (e.g., Fortnite for Android) affect your app’s security
Illustrate the potential financial impact of mobile threats on a business’s bottom line
Demonstrate mobile overlay and other attacks
Reveal how mobile apps can protect themselves against these attacks with app shielding and runtime protection
Upwardly Mobile: Looking at Evolving Cybercrime Tactics in Mobile MalwarePriyanka Aash
This session will cover two key trends in mobile malware observed over the past 12 months and explore the evolution in fraud-linked mobile malware where criminals are developing credential theft tools that attempt to duplicate the successes of Windows malware in modifying victim interactions with targeted services. Also a look at mobile ransomware variants becoming more numerous and damaging.
(Source: RSA USA 2016-San Francisco)
The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7Rapid7
The Internet of Fails - Where IoT (the Internet of Things) has gone wrong and how we’re making it right. By Mark Stanislav @mstanislav, Senior Security Consultant, Rapid7
Rapid7 Report: Security Flaws in Universal Plug and Play: Unplug, Don't Play.Rapid7
This whitepaper details research conducted by Rapid7, which reveals that around 40-50 million network-enabled devices are at risk due to vulnerabilities found in the Universal Plug and Play (UPnP) protocol. UPnP enables devices such as routers, printers, network-attached storage (NAS), media players and smart TVs to communicate with each other. The paper investigates how three groups of security flaws relating to the UPnP protocol are exposing millions of users to attacks that could lead to a remote compromise of the vulnerable device.
Tech-shield is a complete package providing quick and a portable security surveillance solution, a home assistant with activity recognition capability. This includes easily attachable and variable number of cameras, on site storage of feed and an application to manage and monitor all the services.
Mobile Threats and Trends Changing Mobile App SecurityDevOps.com
Deploying your high-value mobile app to untrusted environments such as consumer mobile devices can be a risky proposition. Are some of your customers’ devices compromised? Do your users also download apps from untrusted sources? Is there malware residing on their devices that target apps such as yours?
Despite your best efforts to code secure apps, assess their security posture, and remediate any identified vulnerabilities – it’s not quite enough in today’s mobile threat landscape. Safeguarding mobile apps during runtime and empowering them to protect themselves in hostile environments is becoming a necessity in the face of ever-evolving mobile attack tactics and techniques.
During this webinar, we will:
Discuss today’s mobile app threat landscape
Explain how changing distribution models (e.g., Fortnite for Android) affect your app’s security
Illustrate the potential financial impact of mobile threats on a business’s bottom line
Demonstrate mobile overlay and other attacks
Reveal how mobile apps can protect themselves against these attacks with app shielding and runtime protection
Upwardly Mobile: Looking at Evolving Cybercrime Tactics in Mobile MalwarePriyanka Aash
This session will cover two key trends in mobile malware observed over the past 12 months and explore the evolution in fraud-linked mobile malware where criminals are developing credential theft tools that attempt to duplicate the successes of Windows malware in modifying victim interactions with targeted services. Also a look at mobile ransomware variants becoming more numerous and damaging.
(Source: RSA USA 2016-San Francisco)
The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7Rapid7
The Internet of Fails - Where IoT (the Internet of Things) has gone wrong and how we’re making it right. By Mark Stanislav @mstanislav, Senior Security Consultant, Rapid7
Rapid7 Report: Security Flaws in Universal Plug and Play: Unplug, Don't Play.Rapid7
This whitepaper details research conducted by Rapid7, which reveals that around 40-50 million network-enabled devices are at risk due to vulnerabilities found in the Universal Plug and Play (UPnP) protocol. UPnP enables devices such as routers, printers, network-attached storage (NAS), media players and smart TVs to communicate with each other. The paper investigates how three groups of security flaws relating to the UPnP protocol are exposing millions of users to attacks that could lead to a remote compromise of the vulnerable device.
Building android for the Cloud: Android as a Server (AnDevConBoston 2014)Ron Munitz
My session at AnDevCon, May 2014, Boston, MA
In the cloud era, most software projects have shifted from asking "What hardware architecture should be chosen for my back-end?" to "Which cloud configuration should be used for my back-end?" Bringing up a cloud server has become an obvious choice for any Linux or Windows-based deployment. As Android emerges as the new Embedded Linux for a growing number of industries, it only makes sense to consider its cloud application as a server.
In this class, we will discuss why and how Android can be brought on the cloud system, and on any cloud infrastructure, using AWS (Amazon Web Services) as an example.
LEVEL: Intermediate
AUDIENCE: Developer Essentials
For Training/Consulting requests: info@thepscg.com
My session in Wearable DevCon 2014, Burlingame, CA
[Note: now the conference is called "Wearable Tech Con" ]
The session gives an introduction to using the Java Native Interface (JNI) in Java, and in particular in the Android Platform. The session then covers the use of the Native Development Kit (NDK) for developing Android applications.
Mobile Enterprise Application PlatformNugroho Gito
mobile enterprise application, mobile application development, mobile enterprise, hybrid mobile, mobile security, reverse engineer, obfuscation, ibm, mobilefirst platform, bluemix, api management, mobile backend as a service
Meet Remaiten : Malware Builds Botnet on Linux based routers and potentially ...APNIC
Meet Remaiten : Malware Builds Botnet on Linux based routers and potentially other (IoT) devices by Afifa Abbas.
A presentation given at APNIC 42's FIRST TC Security Session (2) session on Wednesday, 5 October 2016.
A Large-Scale Empirical Study on the Effects of Code Obfuscations on Android ...Mahmoud Hammad
The Android platform has been the dominant mobile platform in recent years resulting in millions of apps and security threats against those apps. Anti-malware products aim to protect smartphone users from these threats, especially from malicious apps. However, malware authors use code obfuscation on their apps to evade detection by anti-malware products. To assess the effects of code obfuscation on Android apps and anti-malware products, we have conducted a large-scale empirical study that evaluates the effectiveness of the top anti-malware products against various obfuscation tools and strategies. To that end, we have obfuscated 3,000 benign apps and 3,000 malicious apps and generated 73,362 obfuscated apps using 29 obfuscation strategies from 7 open-source, academic, and commercial obfuscation tools. The findings of our study indicate that (1) code obfuscation significantly impacts Android anti-malware products; (2) the majority of anti-malware products are severely impacted by even trivial obfuscations; (3) in general, combined obfuscation strategies do not successfully evade anti-malware products more than individual strategies; (4) the detection of anti-malware products depend not only on the applied obfuscation strategy but also on the leveraged obfuscation tool; (5) anti-malware products are slow to adopt signatures of malicious apps; and (6) code obfuscation often results in changes to an app’s semantic behaviors.
APIsecure 2023 - Enhancing API Security with Runtime Secrets & Attestation, T...apidays
APIsecure 2023 - The world's first and only API security conference
March 14 & 15, 2023
Enhancing API Security with Runtime Secrets & Attestation
Ted Miracco, Chief Executive Officer at Approov Mobile Security
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Covered in this webinar:
- Overview of Perfecto
- Walkthrough of the Perfecto Automation IDE
- Understanding script basics
- Validations
- Script building, execution and results
- Q&A
By the end of this webinar, you'll be setting up your automation in no time!
When Encryption is Not Enough...Sumanth Naropanth, Chandra Prakash Gopalaiah ...Shakacon
Communication protocols are core to computing devices. They have evolved from the traditional Serial and LAN ports to complex (and lightweight) protocols of today, such as Bluetooth Low Energy (BLE), ANT+, ZigBee, etc.
Bluetooth Low Energy (BLE) is a popular protocol of choice for low energy, low performance computing systems. While versions of the BLE specification prior to 4.2 allowed simple key mechanisms to encrypt the communication between connected nodes, the more recent specification of BLE (4.2) provides better channel encryption via the Secure Simple Pairing (SSP) mode to protect data against snooping and man-in-the-middle style attacks. These protocols are used extensively by wearables such as smart watches and activity trackers.
Most wearables work in conjunction with a companion mobile application running on a platform that supports BLE with the aforementioned security mechanisms. We looked at Android and iOS for our study. We observe that there are fundamental assumptions (leading security limitations) in the adoption of the BLE security specifications on these two platforms. Relying on the standard BLE APIs for Android and iOS may be insufficient and may even project a false sense of security. It is critical to understand the degree of security that the BLE specifications can offer, and clearly separate that from the developers’ responsibility to design application level security in order to assure confidentiality and integrity of data being transmitted between a wearable device and its companion application.
Secure Development of Android App sometimes requires the use of third party libraries and external frameworks, often expensive or hard to quickly update if vulnerable.The Android SDK and Google Play Services provide security features and services, that allows a developer to take advantage of security enhancements in order to increase the security level of an application.The talk, starting from real common threats, will show how some of these features can be used into the different versions of Android, until the newest Nougat, to mitigate security risks that could afflict a mobile application.
Federation Evolved: How Cloud, Mobile & APIs Change the Way We Broker IdentityCA API Management
Understanding how emerging standards like OAuth and OpenID Connect impact federation
Federation is a critical technology for reconciling user identity across Web applications. Now that users consume the same data through cloud and mobile, federation infrastructure must adapt to enable these new channels while maintaining security and providing a consistent user experience.
This webinar will examine the differences between identity federation across Web, cloud and mobile, look at API specific use cases and explore the impact of emerging federation standards.
You Will Learn
Best practices for federating identity across mobile and cloud
How emerging identity federation standards will impact your infrastructure
How to implement an identity-centric API security and management infrastructure
Presenters
Ehud Amiri
Director, Product Management, CA Technologies
Francois Lascelles
Chief Architect, Layer 7
This presentation will demonstrate a complete end-to-end analysis of an Android bot. This will include the decompilation and static analysis of bot code and the dynamic analysis of the bot’s behavior in a controlled sandboxed environment. The session will provide details of the lab environment and tools used for the analysis.
(Source: RSA USA 2016-San Francisco)
Improving Mobile Authentication for Public Safety and First RespondersPriyanka Aash
In this session, experts from the National Cybersecurity Center of Excellence (NCCoE) at NIST will discuss the challenge of mobile native application authentication for public safety personnel and demo a reference design developed by the NCCoE and industry experts.
Learning Objectives:
1: Learn about mobile authentication challenges including security and usability.
2: Discover standards and best practice that address the challenges discussed.
3: Obtain a reference design that use commercially available technology.
(Source: RSA Conference USA 2018)
Building android for the Cloud: Android as a Server (AnDevConBoston 2014)Ron Munitz
My session at AnDevCon, May 2014, Boston, MA
In the cloud era, most software projects have shifted from asking "What hardware architecture should be chosen for my back-end?" to "Which cloud configuration should be used for my back-end?" Bringing up a cloud server has become an obvious choice for any Linux or Windows-based deployment. As Android emerges as the new Embedded Linux for a growing number of industries, it only makes sense to consider its cloud application as a server.
In this class, we will discuss why and how Android can be brought on the cloud system, and on any cloud infrastructure, using AWS (Amazon Web Services) as an example.
LEVEL: Intermediate
AUDIENCE: Developer Essentials
For Training/Consulting requests: info@thepscg.com
My session in Wearable DevCon 2014, Burlingame, CA
[Note: now the conference is called "Wearable Tech Con" ]
The session gives an introduction to using the Java Native Interface (JNI) in Java, and in particular in the Android Platform. The session then covers the use of the Native Development Kit (NDK) for developing Android applications.
Mobile Enterprise Application PlatformNugroho Gito
mobile enterprise application, mobile application development, mobile enterprise, hybrid mobile, mobile security, reverse engineer, obfuscation, ibm, mobilefirst platform, bluemix, api management, mobile backend as a service
Meet Remaiten : Malware Builds Botnet on Linux based routers and potentially ...APNIC
Meet Remaiten : Malware Builds Botnet on Linux based routers and potentially other (IoT) devices by Afifa Abbas.
A presentation given at APNIC 42's FIRST TC Security Session (2) session on Wednesday, 5 October 2016.
A Large-Scale Empirical Study on the Effects of Code Obfuscations on Android ...Mahmoud Hammad
The Android platform has been the dominant mobile platform in recent years resulting in millions of apps and security threats against those apps. Anti-malware products aim to protect smartphone users from these threats, especially from malicious apps. However, malware authors use code obfuscation on their apps to evade detection by anti-malware products. To assess the effects of code obfuscation on Android apps and anti-malware products, we have conducted a large-scale empirical study that evaluates the effectiveness of the top anti-malware products against various obfuscation tools and strategies. To that end, we have obfuscated 3,000 benign apps and 3,000 malicious apps and generated 73,362 obfuscated apps using 29 obfuscation strategies from 7 open-source, academic, and commercial obfuscation tools. The findings of our study indicate that (1) code obfuscation significantly impacts Android anti-malware products; (2) the majority of anti-malware products are severely impacted by even trivial obfuscations; (3) in general, combined obfuscation strategies do not successfully evade anti-malware products more than individual strategies; (4) the detection of anti-malware products depend not only on the applied obfuscation strategy but also on the leveraged obfuscation tool; (5) anti-malware products are slow to adopt signatures of malicious apps; and (6) code obfuscation often results in changes to an app’s semantic behaviors.
APIsecure 2023 - Enhancing API Security with Runtime Secrets & Attestation, T...apidays
APIsecure 2023 - The world's first and only API security conference
March 14 & 15, 2023
Enhancing API Security with Runtime Secrets & Attestation
Ted Miracco, Chief Executive Officer at Approov Mobile Security
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Covered in this webinar:
- Overview of Perfecto
- Walkthrough of the Perfecto Automation IDE
- Understanding script basics
- Validations
- Script building, execution and results
- Q&A
By the end of this webinar, you'll be setting up your automation in no time!
When Encryption is Not Enough...Sumanth Naropanth, Chandra Prakash Gopalaiah ...Shakacon
Communication protocols are core to computing devices. They have evolved from the traditional Serial and LAN ports to complex (and lightweight) protocols of today, such as Bluetooth Low Energy (BLE), ANT+, ZigBee, etc.
Bluetooth Low Energy (BLE) is a popular protocol of choice for low energy, low performance computing systems. While versions of the BLE specification prior to 4.2 allowed simple key mechanisms to encrypt the communication between connected nodes, the more recent specification of BLE (4.2) provides better channel encryption via the Secure Simple Pairing (SSP) mode to protect data against snooping and man-in-the-middle style attacks. These protocols are used extensively by wearables such as smart watches and activity trackers.
Most wearables work in conjunction with a companion mobile application running on a platform that supports BLE with the aforementioned security mechanisms. We looked at Android and iOS for our study. We observe that there are fundamental assumptions (leading security limitations) in the adoption of the BLE security specifications on these two platforms. Relying on the standard BLE APIs for Android and iOS may be insufficient and may even project a false sense of security. It is critical to understand the degree of security that the BLE specifications can offer, and clearly separate that from the developers’ responsibility to design application level security in order to assure confidentiality and integrity of data being transmitted between a wearable device and its companion application.
Secure Development of Android App sometimes requires the use of third party libraries and external frameworks, often expensive or hard to quickly update if vulnerable.The Android SDK and Google Play Services provide security features and services, that allows a developer to take advantage of security enhancements in order to increase the security level of an application.The talk, starting from real common threats, will show how some of these features can be used into the different versions of Android, until the newest Nougat, to mitigate security risks that could afflict a mobile application.
Federation Evolved: How Cloud, Mobile & APIs Change the Way We Broker IdentityCA API Management
Understanding how emerging standards like OAuth and OpenID Connect impact federation
Federation is a critical technology for reconciling user identity across Web applications. Now that users consume the same data through cloud and mobile, federation infrastructure must adapt to enable these new channels while maintaining security and providing a consistent user experience.
This webinar will examine the differences between identity federation across Web, cloud and mobile, look at API specific use cases and explore the impact of emerging federation standards.
You Will Learn
Best practices for federating identity across mobile and cloud
How emerging identity federation standards will impact your infrastructure
How to implement an identity-centric API security and management infrastructure
Presenters
Ehud Amiri
Director, Product Management, CA Technologies
Francois Lascelles
Chief Architect, Layer 7
This presentation will demonstrate a complete end-to-end analysis of an Android bot. This will include the decompilation and static analysis of bot code and the dynamic analysis of the bot’s behavior in a controlled sandboxed environment. The session will provide details of the lab environment and tools used for the analysis.
(Source: RSA USA 2016-San Francisco)
Improving Mobile Authentication for Public Safety and First RespondersPriyanka Aash
In this session, experts from the National Cybersecurity Center of Excellence (NCCoE) at NIST will discuss the challenge of mobile native application authentication for public safety personnel and demo a reference design developed by the NCCoE and industry experts.
Learning Objectives:
1: Learn about mobile authentication challenges including security and usability.
2: Discover standards and best practice that address the challenges discussed.
3: Obtain a reference design that use commercially available technology.
(Source: RSA Conference USA 2018)
Securing and automating your application infrastructure meetup 23112021 blior mazor
Stay safe, grab your favorite food and join us virtually for our upcoming "Securing and Automating your application infrastructure" meetup to hear about the vast changes modern application deployment, application security in containers, ways to find vulnerabilities in your code and how to protect your application infrastructure.
apidays LIVE LONDON - Architecting Scalable Software Platforms for IoT Applic...apidays
apidays LIVE LONDON - The Road to Embedded Finance, Banking and Insurance with APIs
Architecting Scalable Software Platforms for IoT Applications
Pooja Subramanian, Office Technology Principal at ThoughtWorks Technologies & Archanaa Ravikumar, Lead Engineer at BCG Digital Ventures
This session will provide a high-level overview of all of the tools and SDKs offered to Android developers via the Qualcomm Developer Network. Covered topics include Qualcomm® Adreno™ graphics profiler, Qualcomm® Snapdragon™ LLVM compiler, Trepn™ power profiler, Qualcomm® MARE parallelization library, Adreno SDK, AllJoyn™ software framework, Qualcomm®Vuforia™ SDK and more.
Watch this presentation on YouTube: https://www.youtube.com/watch?v=ItrzdkBmRJQ
Learn more about Android Tools for Snapdragon processors at Qualcomm Developer Network: https://developer.qualcomm.com/
1. 1
F r o n t D o o r A c c e s s
to Pwning hundreds of Millions of Androids
Avi Bashan
Pavel Berengoltz
CERTIFIGATE
2. 2
AG
EN
DA
• Mobile Threats and Research Motivation
• Mobile Remote Support Tools Overview
• Pwning Mobile Remote Support Tools
• Conclusions
• Q & A
3. 3
ABOUT US
PAVEL BERENGOLTZ
̶ Decade of experience researching and working in the security space
̶ Former Director of Research @Lacoon Mobile Security
̶ Mobile Threat Detection Group Manager Manager @Check Point
AVI BASHAN
̶ Security researcher for over a decade in the PC and mobile areas
̶ Former CISO & Security Researcher @Lacoon
̶ Security Technology Leader @Check Point
MAJOR CONTRIBUTORS
̶ Daniel Brodie
̶ Andrey Polkovnichenko
̶ Denis Voznyuk
4. 4
• Used by malicious threat actors
• Provides unauthorized and stealth access to mobile devices
• Known mRATs
MOBILE REMOTE ACCESS TROJAN (mRAT)
11. 11
ANDROID PERMISSION MODEL 101
ANDROID IS A MODERN OS
• Sandboxing features
• Permission based access
̶ Must be obtained to access a resource
̶ User can view upon app installation
̶ ‘Take it or leave it’ approach
12. 12
SOME PERMISSIONS are considered “privileged”
Permissions Action
INSTALL_PACKAGES App installation
READ_FRAME_BUFFER
ACCESS_SURFACE_FLINGER
Screen access
INJECT_EVENTS User Input Control
GRANTED ONLY TO PRIVILEGED SYSTEMS APPS
ROM Pre-installed apps located under /system/priv-app
OR
Apps signed with the OEM’s certificate
ANDROID PERMISSION MODEL 101
13. 13
mRST PERMISSIONS
• Access Internet
• Get device network info
• Query installed app list
• Access to device storage
• Install apps
• Capture screen
• User input control
PRIVILEGED PERMISSIONS
15. 15
mRST ARCHITECTURE
MAIN APP
Signed by mRST
developer
Regular permissions
Network
connection
User interface
PLUGIN
Signed by OEM
privileged
permissions
Exported service
No user interaction
Binder
Verification
Mechanism?
16. 16
What do we know?
• Plugin signed by the OEM
• Obtained from Google Play ; Pre-Installed
• Designed to communicate with other apps
• VALIDATION CODE IS RE-INVENTED BY EACH VENDOR!
19. 19
mRST PLUGIN
VERIFICATION
• A plugin is an exported service
• Any app can connect to the plugin over Binder (IPC)
• Plugin needs to verify the requesting app’s identity
20. 20
WHERE’S WALDO?
Extract the requesting app’s
certificate serial number and
compare it
Set an hardcoded serial number
21. 21
RFC 2459
Internet X.509 Public Key Infrastructure
4.1.2.2 Serial number
The serial number is an integer assigned
by the CA to each certificate. It MUST be
unique for each certificate issued by a
given CA (i.e., the issuer name and
serial number identify a unique
certificate)
27. RSUPPORT OVERVIEW
• Samsung & LG flagship devices has the plugin pre-installed
̶ LG G4, G3, G2 and G Pro 2
̶ Samsung Galaxy S5 and S4 (Some ROMs)
• Invisible to user (no launcher icon)
• Cannot be uninstalled
28. 28
RSUPPORT CODE OVERVIEW
The plugin compares the connecting app’s certificate hash
code to a hardcoded hash code
Get the certificate hashCode
29. 29
Try to compare it to a
few hash codes,
if it’s equal - continue
RSUPPORT CODE OVERVIEW (Cont.)
30. 30
HASHCODE?
• But wait, what is the Signature’s hashCode?
MD5? SHA1? SHA256? CRC32???
Android is open source,
so we can just see it’s implementation
33. 33
WHAT
ELSE?
• We found multiple vulnerable plugins
• We didn’t check them all
Left as an exercise for the reader
• Verification flaw is not limited to mRSTs
• Certificates cannot be revoked
35. 35
COMMUNITAKE
One of the commands can modify
the subdomain of the CnC server
<xxx>.communitake.com
The subdomain can be altered without
requiring authentication
The app does not sanitize the subdomain
properly
Enables the addition of the '/' character to the
subdomain -
www.evil.com/.communitake.com
Main app allows changing settings by SMS
36. • An attacker can send a
command which changes the
CnC server to a malicious
CNC server
• Enabling them to take full
control of the device with a
single SMS message without
user intervention!
COMMUNITAKE VULNERABILITY
38. 38
VULNERABILITIES DISCLOSURE TIMELINE
MID APRIL
Reported to
Vendors, OEMs,
Google
AUGUST
Still waiting for
some vendors
responses..
MID APRIL – MAY
Got responses
from most of the
vendors, which
started to work
on resolving the
issues
MAY – JUNE
New version of
the plugins were
uploaded to the
Play Store
39. 39
CONCLUSION
Android’s eco-system is flawed
• Google delegated the responsibility to the OEMs
and carriers
• No way to patch it
Hundred of millions of Android
devices are vulnerable
40. 40
SO WHAT
SHOULD I DO?
• Check if you device is on the list of vulnerable OEMs
Can be found in our blog post
• Check if you have one of the plugins installed
Remove it (If you can)
41. 41
A LAYERED MOBILE SECURITY APPROACH
VULNERABILITY
ASSESSMENT
• System, OEM and 3rd party apps,
and plugins
• Continues monitoring
THREAT
DETECTION
• Horizontal escalation from 3rd party apps
RISK
MITIGATION
• Alert user to remove vulnerable plugins
• Track patching progress