Assess and score mobile application and device risks
Posted on 12 June 2013.
Agiliance unveiled the new Agiliance Mobile Trust Service, an extension of the company's Agiliance RiskVision platform, enables organizations to address mobile and BYOD risks by allowing IT and security operations teams to assess and score mobile application and device risks before they connect to the network.


To provide a comprehensive real-time view of an enterprise's mobile and BYOD risk posture, the service identifies vulnerabilities at each layer of the mobile stack (infrastructure, hardware, operating system, and applications), correlates this data with existing threats, and scores risks within the context of an organization's security ecosystem (e.g., use of security controls such as encryption, role-based access control, etc.).

It is composed of the following components and capabilities:

Mobile Entity Repository
Provides an inventory of mobile devices and associated attributes such as operating system status (version, jail-broken, etc.), device information (serial number, model, version, open ports, etc.), and current applications (version, hash, etc.). This information is gathered via connectors to leading mobile device management (MDM) and mobile application management (MAM) solutions.

Mobile Threat Intelligence Feed
Contains threat and vulnerability data for millions of enterprise, public, or private mobile applications as it relates to malicious functionality (e.g., activity monitoring and data retrieval, system modification), vulnerabilities (e.g., sensitive data leakage, unsafe data transmission, unauthorized permission requests), and privacy behaviors (e.g., collection of phone or location data, request of data outside of application sandbox). This information is used as a baseline to correlation with data contained in the Mobile Entity Repository.

Mobile Risk Score
Application-use risk for BYOD or HYOD is calculated based on mobile entity data, mobile threat intelligence feed, and contextual data (e.g., owner's organizational role, access rights, etc.). Risk scores can be used to determine whether or not to grant a device access to the network, and what, if any, limitations should be imposed. Once mobile access is granted, continuous monitoring can be used to maintain updated risk scores. Risk tolerance can be customized by the administrator.





Spotlight

Biggest ever cyber security exercise in Europe is underway

Posted on 30 October 2014.  |  More than 200 organisations and 400 cyber-security professionals from 29 European countries are testing their readiness to counter cyber-attacks in a day-long simulation, organised by the European Network and Information Security Agency (ENISA).


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Oct 30th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //