This blog was written by an independent guest blogger.
In order to secure data and protect against threats like ransomware, it’s critical to take a unified approach to endpoint security. To help security teams achieve this. Lookout and AT&T are expanding their partnership with the introduction of the Lookout AlienApp, which complements existing endpoint protection integrations in the USM Anywhere platform and helps to make the concept of true unified endpoint protection a reality.
The Lookout AlienApp expands on the USM Anywhere platform’s ability to integrate log events and alerts from best-in-class partners such as SentinelOne - extending those same capabilities available via a single pane of glass to protect employees’ mobile devices.
As remote work is now the norm for a large percentage of the workforce, visibility into threat activity targeting mobile devices and the insight it provides into an organization’s overall threat posture cannot be overstated.
Over half of all work-related activities are performed via mobile devices, yet these devices continue to be a major gap in many organizations’ security architecture. Cyberattacks rarely occur in a single event and typically involve more than just the traditional endpoints (laptops, desktops, servers). Yet most enterprises only utilize security tools specifically designed to protect desktops and laptops.
Gartner estimates that roughly 30% of enterprises currently deploy some form of mobile threat defense (MTD). Contributing to this oversight, some companies confuse the deployment of mobile device management (MDM) platforms (e.g., Workspace ONE, MaaS360, etc.) with mobile security, even though MDM tools cannot detect most application, network, or content-based threats. Therefore, the need to integrate MTD into the incident response toolset should be seen as complementary to device management and deemed table stakes for a comprehensive security posture.
As evidence, when indicators of compromise (IOCs) are detected on traditional endpoints, those same threats often include elements that specifically target mobile devices. Due to their smaller form factors and the nature in which users blend their interactions between business and personal use, mobile devices are exponentially more susceptible to phishing and social engineering attacks.
In fact, sophisticated phishing attacks now attempt to obfuscate detection by traditional endpoint security tools. The relative lack of investment in mobile security tools and the increasing dependence on mobile devices has led to many bad actors directing their focus to mobile since it makes for a much softer target.
By checking the form factor and/or OS, these attacks can present mobile users with malicious websites while also directing users on traditional endpoints to the proper destination. Bad actors will then attempt to harvest the credentials of the mobile users accessing the malicious site, or they will install malware to initiate an attack. These bad actors need only a single access point to gain entry and start to move laterally through a network. To protect their data, organizations need to fill the mobile gap in their security posture.
To do this, they need access to the telemetry across all their endpoints, not just their servers and laptops. That data must also be treated as critical to their overall incident response capabilities.
Telemetry from mobile-specific attacks, such as phishing attacks, remote jailbreaks, and man-in-the-middle attacks can be correlated with the existing intelligence within USM Anywhere and subsequently remediated.
Lookout is a leader in endpoint and cloud security solutions. The advanced machine intelligence in the Lookout security platform leverages the Lookout Security Graph, which contains behavioral analysis of telemetry data from over 205 million devices and 170 million apps. The Graph continuously analyzes over four million URLs every day and automatically detects threats including “zero day” attacks. Using this telemetry, Lookout researchers have exposed some of the most sophisticated mobile threats ever found, such as Pegasus, Dark Caracal, Monokle, the iOS 14.3 Vulnerability, Corona Live, and Goontact. In fact, the Lookout research team has been responsible for uncovering over 90% of all mobile threats over the past five years and is trusted by some of the world’s largest enterprises and government agencies.
