Continuous on-device protection against known and unknown threats
Over the past several years the security experts at Zimperium® have developed z9™, a revolutionary cyberattack defense engine that uses machine learning to detect network, device and application mobile attacks in real time. The z9™ engine was developed from the ground up for mobile to combat the unique challenges of protecting iOS and Android devices. z9™ runs efficiently on smartphones or tablets, without introducing latency or violating user privacy.
Unlike other threat detection systems, the z9™ engine monitors the entire mobile device for malicious behavior regardless of the attack entry point. It does much more than scanning apps, and does not rely on signatures. This approach is immune to evasion techniques such as polymorphic malware, virtual machine awareness, download and execute techniques or binary obfuscation and allows Zimperium® to find and protect against both known and unknown threats.
The sheer number of mobile devices, along with their propensity to be outside the network, allows z9™ to serve as an early warning threat detection system for malicious attacks. Like Tsunami buoys that alert you to an oncoming tidal wave, z9™ mobile sensors alert the Security Officer to attacks happening both inside and outside the corporate network, and prevent one compromised device from turning into a wider outbreak.
z9™ puts the power of expensive IPS appliances into a mobile device, turning a phone into a sensor and transforming it from a threat to an advantage. This game-changing technological advance enables a company to increase the number of sensors from a mere handful, to tens or even hundreds of thousands across an entire organization for a fraction of the price. The more sensors you have, the better visibility you have into both mobile and non-mobile threats.
Much like a doctor can diagnose an illness by analyzing the symptoms your body is exhibiting, z9™ can detect both known and unknown threats by analyzing the behavior of your mobile device. By analyzing slight deviations to the mobile device’s operating system’s statistics, memory, CPU and other system parameters, z9™ can accurately identify not only the specific type of malicious attack, but also provide forensics associated with the who, what, where, when, and how of an attack occurrence.
Zimperium® developed the revolutionary z9™ engine by training it over many years on proprietary machine-learning algorithms that distinguish normal from malicious behavior on Android and iOS devices. Unlike cloud-based mobile security solutions that employ app sandboxing or tunnel traffic through the cloud, the z9™ engine sits directly on the mobile devices. This unique approach detects attacks even when you are not connected to the corporate network or when facing unknown malware, such as zero-day attacks and APTs.
The z9™ engine monitors, detects, and protects mobile devices against known and unknown threats, including:
|Man-in-the-Middle||OS/Kernel exploitation||Malicious apps|
|SSL stripping techniques||Profile/configuration modification||Known and unknown malware|
|Attempt to intercept SSL traffic||System tampering||Dynamic threats abusing download and execute techniques|
|Rogue access points||Device vulnerability assessment|
|Reconnaissance scans||Physical USB exploitation|