Enterprise mobility is the new norm for today’s organizations. And while organizations adopt this new productivity tool to the benefit of the business, attacks targeted at these devices is increasing faster than any other target. In fact, the number of mobile threats is increasing over 100 percent per year and will account for over 30 percent of ALL threats by 2019. As a result, detecting and protecting against these attacks calls for innovative technology, explicitly designed for the mobile device platforms. Machine learning plays a transformational role in improving mobile security both in defensive and offensive security measures. A company which is pioneering the mobile security landscape by offering unmatched visibility into mobile threats by leveraging machine learning is Zimperium.
Zimperium is a global leader in enterprise mobile device security, offering real-time, on-device protection against both known and unknown Android and iOS threats. The Zimperium platform leverages the award-winning machine learning-based engine, z9™, to protect mobile data, apps and sessions against device compromises, network attacks, malicious apps and phishing attempts. To date, z9 has detected 100% of zero-day mobile exploits the company has tested that were discovered in the wild without requiring an update or suffering from the delays and limitations of cloud-based detection—something no other mobile device security provider can claim.
Zimperium was founded in 2010 to provide protection against the onslaught of mobile-targeted threats that have since continued to increase year in and year out. To accomplish this mission, the company invented a new way to detect how mobile computing platforms could be attacked, especially from previously unknown threats. This led the company to the Machine Learning (ML) approach in use today. And since mobility is a massive and global undertaking, Zimperium enlisted the investment backing of Warburg Pincus, SoftBank, Sierra Ventures, Telstra and Samsung, and built an ecosystem that includes many of the world’s largest telcos, security companies, federal and local government agencies, and major OEMs. The company is headquartered in Dallas, TX with sales and support resources around the world.
Developing the Revolutionary Mobile Threat Defense Engine z9™
Zimperium developed the revolutionary z9 engine by training it over many years with billions of datapoints on proprietary machine-learning algorithms that distinguish normal from malicious behavior on Android and iOS devices. z9 uses machine learning to detect device, network and application (“DNA”) cyber-attacks in real-time. The z9 engine is specifically developed for mobile, to guard against the unique threat vectors of iOS and Android devices. z9 runs efficiently on smartphones and tablets, without introducing latency or violating user privacy.
Unlike cloud-based mobile security solutions that employ signatures, app sandboxing, or tunneling traffic to the cloud, the z9 engine sits directly on mobile devices. This unique approach detects attacks even when the users are not connected to the network or when facing unknown malware, new threats or zero-day attacks. The on-device detection architecture enables mobile devices to become powerful sensors that alert users and management to enterprise threats from mobile device endpoints across organizations.
In addition to its proven efficacy against zero-day device and network attacks, z9 is the only machine learning-based engine capable of detecting previously unknown mobile malware on-device without requiring updates and without the risks of cloud-based lookups.
Meet the Futuristic Leaders
Shridhar Mittal is the CEO of Zimperium. He joined Zimperium to lead the company through the early product definition phase to the current rapid customer acquisition and growth phase. Previously he was the GM of the Application Delivery business unit at CA Technologies (CA), where he was responsible for creating the DevOps vision and establishing CA as a leader in the high-growth space. John Michelsen is the Chief Technology Officer of Zimperium. He has invested himself in helping enterprise customers push the leading edge of technology transformation to deliver on business outcomes, and is a highly respected technologist who moves others to action. With 12 patents awarded or in process, market-leading inventions delivered in database, distributed computing, virtual/cloud management, multi-channel web application portals, Service Virtualization (LISA), and now with the industry’s most advanced mobile security company Zimperium, John is a factory of innovation.
Machine Learning: Why it Matters for Mobile?
The application of ML to prevent mobile attacks is a huge step forward in proving the technology’s applicability to an otherwise unsolvable problem. Mobile operating systems are designed to prevent the very means of protection that desktop and server operating systems allow, e.g., there is generally no ability to hook into the system to check network traffic or confirm system calls are valid. “Detecting threats with no special privileges required us to research the possibility of ML as an effective means of detection. This research was quite successful. Customers benefit from the most effective means of detecting threats to their mobile devices as a result,” John said.
While enterprises are integrating and applying various ML technologies in their process today, Zimperium has already pushed its original thinking far beyond early expectations. The company uses ML in areas that were initially perceived as impossible. “Like every successful technology adoption, ML is growing but we are still in the early adopters’ phase. With widely available open source and large software vendors like Google and Apple providing ML kits, we see ML entering a mass option phase very soon. Yet ML has not solved for its potentially greatest achievements of dramatically enhancing auto safety, thinking robotic systems, or untold concerns in human biology. The state of the art will continue to evolve,” John mentioned.
The Most Innovative Defense Against Advanced Mobile Threats
What makes Zimperium the most innovative mobile device security provider is a refusal to follow the path of others when the company believed the best solution was yet to be developed. Mobility and IoT are vastly different and changing at a more rapid pace than any other computing platforms in history. Zimperium saw competitors borrowing yesterday’s approaches to solve for threat detection on these platforms and refused to accept the limitations designed into those solutions as a consequence. Thus, the company invested in the future and can match today’s most advanced threats with the most advanced detection capabilities. This innovation mindset continues to drive the research and development teams and the company overall.
Zimperium works at the convergence of disruptive technologies. Talking about the same John said, big data analytics, ML, artificial intelligence and cloud computing have moved from under consideration to the mainstream. Zimperium is a perfect example of this. “We don’t ‘consider’ cloud, it is given when large distributed computing is required. We don’t ‘consider’ big data or ML, we know there are problems well suited to these approaches and adopt them without hesitation. And the orchestration of these and other novel approaches have given us a solution that even just a few years ago would be impossible to deliver”.
The company develops its industry-changing solutions backed by years of research and development. Zimperium has established zLabs, a research lab dedicated solely to understanding and developing disruptive solutions for the enterprise mobile security market. The Advanced Research and Exploitation team is the world’s most qualified and talented collection of researchers focused 100% exclusively on mobile threat research. With backgrounds at companies ranging from eBay and Samsung to Microsoft and Freescale, zLabs researchers are setting the bar for all others to reach. zLabs analysts discovered and documented attacks such as Stagefright on Android and zIVA on iOS, and responsibly disclosed more iOS and Android vulnerabilities than all other major competitors combined.
Global Leadership, Awards and Recognition
Zimperium has been recognized as a global leader in mobile security by top analyst firms including Gartner, Forrester and IDC. While the company, leadership and solution have won too many awards to mention, here are just a few: CIO Applications’ Top 20 Machine Learning Solution Providers, Cybersecurity’s Best Mobile Security Product, Cyber Defense Magazine’s Next Generation BYOD Solution, Enterprise Mobile Security and Most Innovative CEO, Frost & Sullivan’s Mobile Threat Detection Technology, IDC’s Best Cloud-enabled Mobile Security Product, Cybersecurity’s Most Innovative Company, Cyber Defense Magazine’s Best Mobile Endpoint Security/ Cloud Computing Solutions.
Meeting Challenges Head-On
Zimperium faced mass skepticism that ML was a viable means to detect threats on a mobile device. It almost seems incredible to say in 2018, but as recently as 2013, much of the business and investment community perceived ML as voodoo and very unlikely to be deployed in enterprise scenarios successfully. “The impression of ML’s false positives then challenged our ecosystem. Even to this day, these impressions, since proven wrong, are propagated by competitors in our field,” commented John.
Securing the Future with Machine Learning
The team at Zimperium found that leveraging ML techniques for mobile platforms is compelling. Providing similar protections for the IoT devices now proliferating at an even higher rate than mobile devices is equally compelling. Much like mobile, the art of protecting an IoT device is an order of magnitude more complex than that of traditional computing platforms. “That invariably means new thinking, just like when we first approached ML for mobile, will be required. We are well underway with ML-based means to detect platform exploit, malicious communication, and unauthorized state changes on IoT devices purely with ML techniques,” John said.