z9 Engine

Real Time on-device detection and protection against mobile cyber attacks

Request a Demo

Mobile Security that Uses Machine Learning to Detect Cyber Attacks

The security researchers and developers at Zimperium have developed and refined z9™, a revolutionary mobile threat defense engine that uses machine learning to detect device, network and application (“DNA”) cyber attacks in real time. The z9™ engine is specifically developed for mobile, to guard against the unique threat vectors of iOS and Android devices. z9™ runs efficiently on smartphones and tablets, without introducing latency or violating user privacy.


Entire Device Monitoring

Unlike other threat detection systems, z9™ monitors the entire mobile device for malicious behavior regardless of the attack entry point. The device-wide resident approach does not rely on external IDs or malware signatures, and does much more than app scanning. This makes z9™ immune to evasion techniques such as polymorphic malware, virtual machine awareness, download and execute techniques or binary obfuscation, allowing Zimperium solutions to find and protect against both known and unknown threats.

warning sensors

Advance Warning Sensors

The sheer number of mobile devices in use today, along with their propensity to be outside a controlled network, allows z9™ to serve as an advance early warning threat detection system for malicious attacks. Like Tsunami buoys that alert authorities to an oncoming tidal wave, z9™ mobile sensors alert IT or Security teams to attacks happening both inside and outside the corporate network to prevent a compromised device from turning into a wider outbreak.

BYOD - bring your own device

Transforms Mobile Devices from a Threat to an Advantage

z9™ puts the power of expensive intrusion prevention appliances into the mobile device, transforming it from a threat vector to a defensive advantage. This game-changing technological advance enables a company to increase the number of sensors from a mere handful, to tens or even hundreds of thousands across an entire organization for a fraction of the price. The more sensors you have, the better visibility you have into both mobile and non-mobile threats.

Request More Info

Mobile Threat Intelligence: How it Works in Real Time

mobile threats detection

Much like a doctor can diagnose an illness by analyzing the symptoms your body is exhibiting, z9™ can detect both known and unknown threats by analyzing the behavior of a mobile device. By analyzing slight deviations to the mobile device’s OS statistics, memory, CPU and other system parameters, z9™ can accurately identify not only the specific type of malicious attack, but also provide forensics associated with the who, what, where, when and how of an attack occurrence.

Zimperium developed the z9 engine by training it over many years on proprietary machine-learning algorithms.

Zimperium developed the revolutionary z9™ engine by training it over many years on proprietary machine-learning algorithms that distinguish normal from malicious behavior on Android and iOS devices. Unlike cloud-based mobile security solutions that employ app sandboxing or tunnel traffic through the cloud, the z9 engine sits directly on mobile devices. This unique approach detects attacks even when your users are not connected to the network or when facing unknown malware, new threats or zero-day attacks.

Read More on Machine Learning

Unmatched Detection & Protection Against Today's Advanced Threats

The z9™ engine monitors, detects, and protects mobile devices against known and unknown threats, including:

Device Network Application
OS/Kernel exploitation Man-in-the-Middle (MITM) Malicious apps
Profile/configuration modification SSL stripping techniques Known and unknown malware
System tampering Attempt to intercept SSL traffic Dynamic threats abusing download and execute techniques
Device vulnerability assessment Rogue access points Potentially unwanted applications (PUAs) from untrusted sources
Physical USB exploitation Reconnaissance scans



Identifies mobile threats

At every stage of an advanced persistent threat (APT) lifecycle

Advance warning system

Uses thousands of mobile sensors as a warning system to detect network, device and application mobile threats

Threat detection

Entire-device monitoring and intelligent detection of potentially malicious actors in a network

Continuous security engine

Predictive security engines continuously learn to better understand developing mobile attack vectors

Get started today

To see how Zimperium can protect your organization’s mobile devices from advanced threats, get a free enterprise trial today.

Free Enterprise Trial