Riccardo Canetta Regional Sales Director Mediterranean Digital360 Awards 2018 Primaria Banca Italiana Requisiti Proteggere i device mobili da attacchi mirati e non Remediation in tempo reale ID: 806308
Download The PPT/PDF document "MobileIron Threat D efense" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
MobileIron Threat Defense
Riccardo Canetta
Regional Sales Director, Mediterranean
Digital360 Awards, 2018
Slide2Primaria Banca ItalianaRequisitiProteggere i
device
mobili da attacchi mirati e non
Remediation
in tempo reale
Nessun impatto sulla
user
experience
Slide3Risk is escalating rapidly
Source:
CVE.Mitre.org
.
CVEDetails.com
: Android and iOS CVEs
Common Vulnerabilities & Events
Slide4Threats are real, sophisticated and escalating
2014
2015
2016
2017
Masque
7.x, 8.x
Wirelurker
2014-4487
<8.1.3
Used in jailbreak
ICMP Double Direct
xCode
Ghost
YiSpector
iOS 8.4 and below
Pegasus Remote iOS
exploit, in use for 2+ years
Stagefright
for iOS
CVE-2016-4637
zIVA
Mach portal
DoubleDirect
TowelRoot
200M devices impacted
Heartbleed
800K devices impacted
Stagefright
95% of Android impacted
Wormhole
(Moplus SDK)
Oxygen SwiftKey
Triada Zygote System exploit
HummingBad Hummer malware
QuadRooter
Godless
Blueborne
HummingWhale (HummingBad variant)
DirtyCow
Drammer
PokeMon Go Guide
Slide5Network AttacksWi-Fi Man in the Middle
At a coffee shop
near an office
Wi-Fi MITM
Redirect to
phishing page
Data exploit
Access to
corporate data
MobileIron threat defense solution detects and blocks here
Slide6Device Configuration Changes
Consultant that goes in and out of client networks
Doesn’t like client network restrictions on-site
Installs “free” VPN profile to bypass restrictions
Installs SSL cert to encrypt
/ decrypt
device traffic
All company data is decrypted to the hacker
MobileIron threat defense solution detects and blocks here
Slide7Silent Device AttackDevice exploitation (e.g. Stagefright
)
Phone on table
while you sleep
MMS sent to dormant device
MMS
processed
Exploit
executed
Privilege
elevation
Device
compromised
Persistence for targeted attack
MobileIron
threat defense solution detects and blocks here
Slide8Protect data from mobile threats
Manage
Dashboard
Remediate
On-device, no connectivity required
Analyze
Privacy & security risks
Detect
Known & unknown DNA attacks
Deploy
Single client,
no user action
Slide9Detection & remediationOther MTD & EMM solutions
In The Cloud
On Device
Scan Device
Perform Detection
Inform EMM
of Policy Violation
Send Remediation Instructions to EMM agent
Remediate Threat
Time to Detect & Remediate
MTD
EMM
Slide10Detection & remediationThe MobileIron Threat Defense Solution
Scan Device & Perform Detection
Recognize Policy Violation
Remediate Threat
Detect & Remediate
MTD
EMM
In The Cloud
On Device
Slide11Differentiators
1 app
No user action required
Zero-day
On-device
Slide12Thank You