MobileIron Confidential

MobileIron Threat Defense

Raffaele Clementelli

Regional Sales Manager

MobileIron ConfidentialMobileIron Confidential

Mobile threats are everywhere

24% Of organizations

suffered a mobile

security attack,

primarily driven by

malware &

malicious WiFi

43% Were unsure if

mobile security

incidents had

occurred

Source: 2017 Mobile Security Report, Zimperium

MobileIron ConfidentialMobileIron Confidential

Risk is escalating rapidly

Source: CVE.Mitre.org. CVEDetails.com: Android and iOS CVEs

0

200

400

600

800

1000

1200

1400

2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017

CVE Score 7+

CVE Score 1-6

Co

mm

on

Vu

lne

rab

ilitie

s &

Eve

nts

MobileIron ConfidentialMobileIron Confidential

Threats are real, sophisticated and escalating

2014 2015 2016 2017

Masque7.x, 8.x

Wirelurker 2014-4487<8.1.3

Used in jailbreak

ICMP Double

Direct

xCode

Ghost

YiSpectoriOS 8.4 and below

Pegasus

Remote iOS exploit, in use for

2+ years

Stagefright

for iOSCVE-2016-4637

zIVA Mach

portal

DoubleDirectTowelRoot200M devices

impacted

Heartbleed800K devices

impacted

Stagefright95% of Android

impacted

Wormhole

(Moplus SDK)

Oxygen

SwiftKey

Triada Zygote

System exploit

HummingBad

Hummer

malware

QuadRooter Godless Blueborne

HummingWhale(HummingBad variant)

DirtyCow

Drammer

PokeMon Go

Guide

MobileIron ConfidentialMobileIron Confidential

Network Attacks Configuration Changes Silent Device Attack

Mobile attacks

MobileIron ConfidentialMobileIron Confidential

Network AttacksWi-Fi Man in the Middle

At a coffee shop

near an officeWi-Fi MITM

Redirect to

phishing pageData exploit

Access to

corporate data

MobileIron threat defense

solution detects and

blocks here

MobileIron ConfidentialMobileIron Confidential

Device Configuration Changes

Consultant that goes in

and out of client

networks

Doesn’t like client

network restrictions on-

site

Installs “free” VPN profile to

bypass restrictions

Installs SSL cert to

encrypt / decrypt

device traffic

All company data is

decrypted to the hacker

MobileIron threat defense

solution detects and

blocks here

MobileIron ConfidentialMobileIron Confidential

Silent Device AttackDevice exploitation (e.g. Stagefright)

Phone on table

while you sleep

MMS sent to

dormant device

MMS

processed

Exploit

executed

Privilege

elevation

Device

compromisedPersistence for

targeted attack

MobileIron threat defense solution detects and blocks here

MobileIron ConfidentialMobileIron Confidential

Our Unique Approach

MobileIron ConfidentialMobileIron Confidential

Easy

One single app

The best security is invisible to the end user

MobileIron ConfidentialMobileIron Confidential

On-Device

Zero-day detection

and remediation,

on-device,

No internet

connectivity

required

Machine learning

algorithm

MobileIron ConfidentialMobileIron Confidential

Detection & remediationOther MTD & EMM solutions

In The

Cloud

On

Device

Scan

Device

Perform

Detection

Inform EMM

of Policy

Violation

Send Remediation

Instructions to EMM

agent

Remediate

Threat

MTDEMMTime to Detect & Remediate

MobileIron ConfidentialMobileIron Confidential

Detection & remediationThe MobileIron Threat Defense Solution

In The

Cloud

On

Device

Scan Device &

Perform Detection

Recognize Policy

ViolationRemediate

Threat

Detect & RemediateMTD EMM

MobileIron ConfidentialMobileIron Confidential

Jetzt eine kostenlose POC starten!

MobileIron Confidential

Thank You