Zimperium

Zimperium, the global leader in protecting enterprises from mobile risks, offers the only real-time, on-device, machine learning-based protection against Android, iOS and Chromebook threats. Powered by our z9 machine learning detection engine, Zimperium’s solutions protect mobile endpoints and apps against device, network, phishing and malicious app attacks.

Insecure mobile devices pose real and immediate risks to enterprises. 50% of IT and Security professionals report that it is “likely to certain” that their organization has already had a security incident as a result of inadequate mobile device security ii. In order to realize the goal of mobility initiatives, enterprises need robust mobile security against today’s major threats.

Over the last 5 years, Zimperium’s machine learning-based engine, z9, has detected 100 percent of zero-day mobile exploits without requiring an update. In addition to its proven efficacy against zero-day device and network attacks, z9 is the only machine learning-based engine capable of detecting previously unknown mobile malware on- device without requiring updates and without the risks of cloud-based lookups.

zIPS: Enterprise-grade Mobile Security

zIPS runs locally on any mobile device and detects cyber attacks without a connection to the cloud.
It provides persistent, on-device protection for mobile devices similar to what next generation endpoint protection platform (EPP) solutions do for traditional endpoints. To help organizations assess the security and privacy risks of installed apps, zIPS also includes our z3A (advanced app analysis) scanning engine.

zIPSTM makes it possible for IT organizations to provide the mobile experience that enterprise users need without compromising information security. Zimperium 5.0’s four key solutions include:

zIPS

Zimperium’s stand-alone app that provides persistent, on-device protection for mobile devices and data in a manner analogous to next-generation antivirus on traditional endpoints.

zConsole

Zimperium’s management and reporting console, including threat forensics, policy administration and industry-leading integrations with EMM and SIEM solutions.

zIAP

Zimperium’s software development kit (SDK) that quickly embeds z9 into any mobile app, immediately protecting the app and all of its sessions from attacks.

z3A

Zimperium’s reporting and analytics tool that provides detailed privacy and security risk for every app on protected devices.

Mobile Application Protection Suite (MAPS) Solution

MAPS is comprised of three solutions:

• zScan, which helps organizations discover and fix compliance, privacy, and security issues;
• zShield, which hardens the app through obfuscation and anti- tampering; and
• zDefend, an SDK embedded in apps to help detect and defend against device, network, phishing and malicious app attacks while the app is in use.

MAPS is comprised of three solutions, each of which address specific enterprise needs and SDLC stages. With MAPS, the whole truly is greater than the sum of the parts. The solutions all utilize the same backend and administrative console, zConsole, to provide comprehensive and seamless visibility and management of risks and threats. By having an integrated suite across the SDLC, MAPS provides valuable insights that not only detect current risks, but also helps developers identify issues that can be solved in future releases.

Discovering Mobile App Risks in Development with Zimperium zSCAN

Zimperium zScan helps mobile app developers avoid reputation and financial risks by automatically identifying privacy, security and compliance risks in the development process before apps are released to the public. While traditional code analysis tools help assess the quality of a developer’s code overall, zScan’s binary analysis capabilities identify risks that an attacker could uncover to exploit the completed app. zScan provides immediate visibility into privacy and security app risks that are not detected with other scanners, and also uncovers findings that may cause compliance issues for NIAP, GDPR and the OWASP Top 10. In zScan’s administrative console, zConsole, compliance and security teams define and customize policies so that only the non-compliant issues are delivered to developers to fix.

Preventing App Tampering Attempts with Zimperium zSHIELD

Once a mobile app is released publicly, potential attackers can inspect it for any coding errors and vulnerabilities that can be exploited. Zimperium zShield’s obfuscation and anti-tampering functionality hardens and protects the app from attacks such as reverse engineering, piracy, removing ads, extracting assets, extracting API keys and inserting malware. Unlike obfuscation solutions that rely upon manual pen testing to demonstrate effectiveness and have no active reporting, zShield provides on-going and immediate visibility into app tampering attempts on end user devices by reporting the events into Zimperium’s administration and reporting dashboard, zConsole.

Protecting Apps from Mobile Attacks with Zimperium zDEFEND

Zimperium’s zDefend software development kit (SDK) enables developers to quickly and painlessly embed Zimperium’s leading machine learning-based detection engine, z9, directly inside any mobile app. With the zDefend SDK embedded, mobile apps can immediately determine if a user’s device is compromised, any network attacks are occurring and even if malicious apps are installed. zDefend is completely configurable by app developers, who can select whatever remedial action should apply when a given threat is detected. When a device is under attack, zDefend informs the app and initiates those predetermined risk mitigation actions.

Our Mobile Threat Advisory Services transforms mobile device security data and forensics into useful, actionable intelligence reports specifically designed for CISOs, CIOs and security operational teams.

Build Compliant

What issues should be fixed before releasing our app?

zScan helps organizations discover and fix compliance, privacy, and security issues within mobile apps before they are released as part of the development process.

Build Secure

How can we harden our app against reverse engineering or code tampering?

zShield app obfuscation and antitampering functionality protects the app from potential attacks like reverse engineering and code tampering.

Run Secure

How can we protect our app from advanced attacks on end user devices?

zDefend SDK is embedded in apps to help detect and defend against device, network and malicious app attacks.