Zimperium: Eliminating the Weakest Cyber Links

It is often believed that the security of cyberspace is as strong as its weakest link. Amid increasing mobility among enterprises, mobile endpoints and industrial IoT prove to be the weakest links, as they remain the least protected in an enterprise, thus requiring utmost security. This vulnerability aspect makes enterprises an easy target for hackers. Since IoT and mobile devices share a common architecture, as opposed to the traditional endpoints, enterprises battle all the possible threats that could use employees’ devices as a doorway. Texas-based Zimperium—the leader in enterprise mobile threat defense— puts an end to these challengeswith expertise in detecting zero-day threats on mobile and IoT platforms. “Threats and malicious players follow the principle of ‘land and expand’—they land on a vulnerable element of a network and expand their hold,” says JT Keating, VP of product strategy at Zimperium.

While more and more business data is accessible on mobile devices, only 15-20 percent of mobile devices are protected. For example, with 60 percent of emails being accessed from mobile devices, experts consider mobile phishing as one of the most common methods of beginning a breach. To detect phishing and other cyber threats, Zimperium created the z9 engine, a versatile mobile security engine capable of performing real-time detection on the device where it is installed. This real-time detection counters the major threat vectors such as malicious apps and networks, phishing, andcompromised devices. z9 employs machine learning-powered detection, offered in two versions—z in-app protection (zIAP) and z intrusion prevention system (zIPS).

zIAP is a software development kit, which makes it possible to add all the z9 capabilities into a mobile app. Although this version focuses less on the device holistically, the development kit embeds z9 in the mobile application, which provides details of any threat to the app and initiates risk mitigation actions. From the intrusion prevention standpoint, zIPS—the next generation antivirus for mobile devices—protects the device, as well as the data that it contains and can access. Zimperium’s association with several mobile device management (MDM) companies makes it possible to protect the user device, where the former detects a threat on the device and the latter remediates it instantly.

Zimperium has the ability to integrate with all major enterprise mobile management (EMM) solutionsand even handles multiple EMMs in a single console.
This proves beneficial as enterprises transition from one EMM to another, or manages multiple instances they inherited from consolidations. Additionally, Zimperium’s machine learning-based zero-day detection recognizes a threat with no recorded history of previous perils, proving to be a key differentiator. When a threat is detected by z9, it is addressed on the device, which proved to be a savior for a bank in Australia that approached Zimperium for security support. The bank protected its employees’ devices using the z9 engine in zIPS. The engine once detected a malicious intrusion attempt that contacted employee devices under the facade of being the bank’s WiFi network. Zimperium protected the bank in real time and prevented the transfer of data to a different country. Upon zIPS raising the red flags, the EMM terminated the network and all the data was safeguarded.

Attackers follow the principle of ‘land and expand’—land on vulnerable systems and then expand to other systems. Mobile devices are today’s most vulnerable systems

With a keen eye on the future, Keating points out that since both mobile devices and IoT work on a similar architecture, the next step for the company will be using the z9 capabilities for IoT. Zimperium is implementing this in cars and traffic lights already, and is aiming to expand the reach of z9. “The key strategy is to get better at what we provide and find more innovative ways to nip cyber threats in the bud,” concludes Keating.


Dallas, TX

JT Keating, VP of Product Strategy

Zimperium is the industry leader in mobile threat defense with the large deployment of mobile device sensors. The business offers real-time, on-device protection against both known and unknown threats, enabling detection and remediation of attacks on all three levels - the device, the network, and the application. Zimperium’s patented machine-learning detection engine uses artificial intelligence to power zIPS, a mobile on-device Intrusion Prevention System app, and zIAP, an embedded, In-App Protection SDK that delivers self-protecting iOS and Android apps as well as comprehensive app risk analysis with z3A