MobileIron Threat Defense ILS Session€¦ · TowelRoot DoubleDirect 200M devices impacted...
Transcript of MobileIron Threat Defense ILS Session€¦ · TowelRoot DoubleDirect 200M devices impacted...
MobileIron Confidential
MobileIron Threat Defense
Raffaele Clementelli
Regional Sales Manager
MobileIron ConfidentialMobileIron Confidential
Mobile threats are everywhere
24% Of organizations
suffered a mobile
security attack,
primarily driven by
malware &
malicious WiFi
43% Were unsure if
mobile security
incidents had
occurred
Source: 2017 Mobile Security Report, Zimperium
MobileIron ConfidentialMobileIron Confidential
Risk is escalating rapidly
Source: CVE.Mitre.org. CVEDetails.com: Android and iOS CVEs
0
200
400
600
800
1000
1200
1400
2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017
CVE Score 7+
CVE Score 1-6
Co
mm
on
Vu
lne
rab
ilitie
s &
Eve
nts
MobileIron ConfidentialMobileIron Confidential
Threats are real, sophisticated and escalating
2014 2015 2016 2017
Masque7.x, 8.x
Wirelurker 2014-4487<8.1.3
Used in jailbreak
ICMP Double
Direct
xCode
Ghost
YiSpectoriOS 8.4 and below
Pegasus
Remote iOS exploit, in use for
2+ years
Stagefright
for iOSCVE-2016-4637
zIVA Mach
portal
DoubleDirectTowelRoot200M devices
impacted
Heartbleed800K devices
impacted
Stagefright95% of Android
impacted
Wormhole
(Moplus SDK)
Oxygen
SwiftKey
Triada Zygote
System exploit
HummingBad
Hummer
malware
QuadRooter Godless Blueborne
HummingWhale(HummingBad variant)
DirtyCow
Drammer
PokeMon Go
Guide
MobileIron ConfidentialMobileIron Confidential
Network Attacks Configuration Changes Silent Device Attack
Mobile attacks
MobileIron ConfidentialMobileIron Confidential
Network AttacksWi-Fi Man in the Middle
At a coffee shop
near an officeWi-Fi MITM
Redirect to
phishing pageData exploit
Access to
corporate data
MobileIron threat defense
solution detects and
blocks here
MobileIron ConfidentialMobileIron Confidential
Device Configuration Changes
Consultant that goes in
and out of client
networks
Doesn’t like client
network restrictions on-
site
Installs “free” VPN profile to
bypass restrictions
Installs SSL cert to
encrypt / decrypt
device traffic
All company data is
decrypted to the hacker
MobileIron threat defense
solution detects and
blocks here
MobileIron ConfidentialMobileIron Confidential
Silent Device AttackDevice exploitation (e.g. Stagefright)
Phone on table
while you sleep
MMS sent to
dormant device
MMS
processed
Exploit
executed
Privilege
elevation
Device
compromisedPersistence for
targeted attack
MobileIron threat defense solution detects and blocks here
MobileIron ConfidentialMobileIron Confidential
Our Unique Approach
MobileIron ConfidentialMobileIron Confidential
Easy
One single app
The best security is invisible to the end user
MobileIron ConfidentialMobileIron Confidential
On-Device
Zero-day detection
and remediation,
on-device,
No internet
connectivity
required
Machine learning
algorithm
MobileIron ConfidentialMobileIron Confidential
Detection & remediationOther MTD & EMM solutions
In The
Cloud
On
Device
Scan
Device
Perform
Detection
Inform EMM
of Policy
Violation
Send Remediation
Instructions to EMM
agent
Remediate
Threat
MTDEMMTime to Detect & Remediate
MobileIron ConfidentialMobileIron Confidential
Detection & remediationThe MobileIron Threat Defense Solution
In The
Cloud
On
Device
Scan Device &
Perform Detection
Recognize Policy
ViolationRemediate
Threat
Detect & RemediateMTD EMM
MobileIron ConfidentialMobileIron Confidential
Jetzt eine kostenlose POC starten!
MobileIron Confidential
Thank You