Advanced mobile protection through the AlienApp for MobileIron

April 13, 2021 | Ziv Hagbi

Companies of all sizes need clear and cohesive security visibility over every aspect of their organization. As data and assets are trending to mobile, it’s critical to be equipped with the right tools to gain insights on mobile devices and users on the endpoints and mitigate threats whenever needed.

Collecting threat data from mobile devices and discovering mobile assets on the network is a core requirement to help detect malicious activity. USM Anywhere makes the ability to detect malicious activities on mobile devices a reality by incorporating mobile assets and threat data into the platform for easier management and threat detection. The biggest benefit is that it enables companies to act automatically on those threats, which is crucial for the success of security teams who are in charge of protecting the overall organization.

Knowing the importance of threat detection and response for mobile devices, AT&T has teamed up with MobileIron (recently acquired by Ivanti) to introduce the newest Advanced AlienApp for MobileIron Threat Defense. This Advanced AlienApp also introduces the first Mobile Asset Discovery capabilities for the USM Anywhere platform.

mobile asset discover screen

This collaboration between USM Anywhere and MobileIron provides near real-time threat detection and response, asset discovery, auditing, reporting, User Behavior Analytics (UBA) enrichment, and more. The Advanced AlienApp for MobileIron Threat Defense enables security teams to view threats through the power of MobileIron Threat Defense and the power to mitigate those threats in the same place using MobileIron Cloud’s Unified Endpoint Management solution.

USM Anywhere with the Advanced AlienApp for MobileIron Threat Defense also enables security teams to orchestrate actions that help streamline incident responses and provide even deeper visibility into the assets on the company’s network.

MobileIron AlienApp

MobileIron Threat Defense

Mobile devices are now the number one source of personal data consumption, and this pattern has extended to the workplace, especially in light of the COVID-19 pandemic. The ability to access all company data from mobile devices virtually anywhere and anytime is a doubled-edged sword. That’s because cybercriminals are increasingly targeting mobile devices as the means to infiltrate an organization’s most valuable assets.

MobileIron Threat Defense helps to detect and mitigate attacks on Android & iOS mobile devices. And all this happens in one place: at the endpoint level, providing protection against attacks on applications, the network, and the device, as well as social engineering attempts such as phishing.

  • MobileIron Threat Defense provides detection for mobile devices even if they are offline.
  • Built in protection means users don’t have to take any action
  • Remediation happens automatically, helping to protect against malicious applications on subscribed devices.
  • MobileIron Threat Defense has the power to defend against known and unknown threats.
  • MobileIron Threat Defense can be added as an option to MobileIron Cloud’s Unified Endpoint Management solution
  • MobileIron Blue is a unique bundle of the MobileIron Cloud ____ bundle plus MobileIron Threat Defense

How USM Anywhere, AT&T Alien Labs & MobileIron Threat Defense take threat detection and response to the next level

The true icing on the cake is the collaboration among USM Anywhere, AT&T Alien Labs, and MobileIron Threat Defense. USM Anywhere acts as a single pane of glass that displays all the threats detected by MobileIron Threat Defense, so customers can have full visibility over all their mobile assets in one place.

Once the Advanced AlienApp for MobileIron Threat Defense is configured, USM Anywhere can pull data on threats detected on mobile devices. Incorporating the knowledge and expertise of AT&T Alien Labs and the AT&T Alien Labs Open Threat Exchange®, information on the threats is enriched to provide more information about the threats to the users’ devices. The Advanced AlienApp can also collect mobile device details and add them into USM Anywhere for asset life cycle, improving traceability and management. Moreover, it has an algorithm to identify potential duplicate assets, simplifying the user experience.

MobileIron Threat Defense

Mobile Threat Defense additional  info

In addition to visibility, USM Anywhere utilizes the MobileIron Cloud orchestration engine so analysts can conduct actions to investigate threats more deeply and mitigate them using USM Anywhere automatically and/or manually – providing a one-stop-shop for mobile detection and protection.  

select action in MobileIron

The Advanced AlienApp for MobileIron Threat Defense enriches USM Anywhere’s UBA engine

USM Anywhere pulls user records from MobileIron Threat Defense and ingests them into its UBA engine for enrichment. Combining that with a robust response engine allows analysts to take various actions at the user and device level, such as grouping associated users or devices, pulling existing policy for users or devices, pushing different policies, and associating users with mobile assets. In addition, the app allows customers to mitigate threats on the mobile device directly from USM Anywhere, including wiping or locking devices, resetting passwords and more.

Try out these new AlienApps

AlienApps are included for all USM Anywhere customers at no extra charge. Try USM Anywhere by starting a free 14-Day Trial of USM Anywhere today and see how AlienApps can help your organization work more efficiently and reduce the time between threat detection and response.

Ziv Hagbi

About the Author: Ziv Hagbi

Ziv Hagbi is a lead product manager, responsible for USM Anywhere integration portfolio in AT&T Cybersecurity. Previously, Ziv played several roles within AT&T, including Software Automation, Architecture and Product Management. And was also a pre-sale engineer at Starhome-Mach. He holds a BA degree in Management and Law from the Open University of Israel.

Read more posts from Ziv Hagbi ›

‹ BACK TO ALL BLOGS

Get the latest security news in your inbox.

Subscribe via email

RSS

Get price Free trial