Improve BYOD security by validating at every login that mobile apps do not contain malicious code and meet security and privacy compliance standards
Integrate with existing MDM solutions to protect sensitive data by detecting and blocking zero-day threats residing in managed and/or personal apps
Make risk-based decisions on which mobile apps from the Google Play and Apple App Store end users install on BYOD (bring your own device) or COPE (corporate-owned personally-enabled) devices
“We are at a time when privacy is hard to come by, with more and more people using apps for business, networking, shopping and more, it means a lot of your information is being collected and shared without your knowledge or permission. Along with security, privacy is paramount, Q-scout provides a level of visibility into what’s really happening in [end user] device[s] that, to date, nobody else can provide.”
Suresh Batchu, Co-Founder, Former CTO MobileIron
Benefits of mobile security that make you smile
Block malicious, or colluding, apps that attempt to exfiltrate data from mobile devices in order to prevent costly breaches for your organization
Make risk-based business decisions about which mobile devices can access enterprise data & systems based on real-world intelligence
Know your app security intelligence solution delivers the industry’s most comprehensive insights, even for the latest OS versions, in minutes
Q-scout found ByteDance’s TikTok asks for twice as much data than the average social media app and is one of the most invasive apps, among others, in the analysis.
Q-Scout capabilities | Personal Device Management (PDM) | App Intelligence for MDM |
---|---|---|
Easy enrollment & administration | ✓ | ✓ |
Vetted, managed apps via enterprise app store | ✓ | ✓ |
Personal app analysis | ✓ | ✓ |
Policies based on a collection of personal apps and where they send data | ✓ | ✓ |
Checks for malicious app behavior profiling in managed & personal apps | ✓ | ✓ |
Does not access personal information or data | ✓ | ✓ |
Supports compliance with HIPAA, GDPR, OWASP, and NIAP data privacy standards | ✓ | ✓ |
Device analysis | ✓ | via MDM |
Policies based on real-world context of device configurations and system settings | ✓ | via MDM |
Revokes access to corporate systems & data | ✓* | via MDM |
Blocks phishing attempts | ✓ | via MDM |
Filters network traffic to block risky nations and ad networks | ✓ | via MDM |
*with identity provider (IDP) integration
BYOD Guidelines – Quokka (then Kryptowire) participated in creating the NIST Special Publication 1800-22 and its insights and technologies were part of the example solutions used in the guide under the Cooperative Research and Development Agreement
COPE Guidelines – Quokka (then Kryptowire) participated in creating the NIST Special Publication 1800-21 and its insights and technologies were part of the example solutions used in the guide under the Cooperative Research and Development Agreement
Quokka (then Kryptowire) contributed automated analysis using proprietary mobile app vetting infrastructure
Mobile security has historically been underfunded – Quokka can cost-effectively reduce mobile risks.
Enable your mobile workforce with the peace of mind they’re using vetted enterprise apps on secure devices, all while protecting their privacy
70% of successful data breaches originate at endpoint devices[2]
Provide your customers with apps vetted for security, with the services they need to protect their mobile fleets from zero-day exploits
100% mobile fleet coverage, with or without an MDM
Rely on the industry’s only proprietary, defense-grade app scanning engines that uncover more security, privacy, and malicious behavior findings than any other app testing tool
External code fetches, websites visits, network traffic
Hard coded keys, Weak hash, Insecure web-views, permission usage analysis
RASP & TLS friendly dynamic analysis
Covers crypto best practices, dynamic code, inter-component and inter-app communication, tapjacking, PII leaks, input validation, tracking, webview weaknesses, and many more.
Code/Data Sharing Detection (App Collusion)
In-app purchase vulnerability, unprotected permission exploit
Exploitable inter-app communication vulnerabilities:
Advanced SBOM:
Malicious code that runs only after app runs for a long time
Remote Command & Control to give access to app, device or files
Read sensitive PIl data like device location and send over network
Copyright © 2024, Quokka. All rights reserved.