Existing solutions either do not provide adequate protection or force users into changing how they use the device – such as by requiring them to login to a separate “walled off” area of the phone. Skycure offers protection from external attackers while remaining invisible to the user experience.
Skycure was founded by researchers Adi Sharabani and Yair Amit, who previously led the IT security research teams at IBM and Watchfire. The company, which also features IT security experts that previously worked at companies such as CheckPoint, Google and eBay, has already released research on a number of mobile security threats, including discovering potentially risky functionality whereby LinkedIn collects personal and calendar information without end-user knowledge. Skycure worked with LinkedIn to address and correct the issue.
"Skycure has studied the activity on mobile devices for many months, and we are concerned that these devices present new attack vectors for hackers, no matter how secure the environment claims to be,” said Yair Amit, co-founder and CTO at Skycure. “We offer a seamless way to protect the devices, backed by our research into mobile and network vulnerabilities. Our vision is to provide a comprehensive protection from attacks across three different major vectors, which we discovered in our research: attacks from the Internet, attacks from the device toward the corporate intranet, and attacks that result in sensitive data being leaked out of the device.”
The solution is installed as an application on end users’ phones or other devices, complemented by a cloud component that enables management, secure communications to mitigate Wi-Fi man-in-the-middle attacks, and the collecting of information about dangerous Wi-Fi-networks. The solution provides comprehensive protection for the devices and also allows corporate IT professionals to gain visibility into the threats their organizations face on a regular basis.
Features and benefits of the software include:
Behavioral analysis of device and wireless network activity to keep attackers out
Skycure’s software monitors network activity and spots behavior that demonstrates a phone has been compromised or that an active attack is in place. The solution utilizes a honeypot approach, in which Skycure lures attackers to perform actions that reveal their existence.
Close management by IT teams to enable secure, policy-driven BYOD
Corporate IT teams can guard their employees’ devices by receiving alerts when suspicious activity is detected. When applicable, a fix to eliminate the threat is automatically applied. When detecting more sophisticated attacks, IT staff is alerted with a suggested remediation task. Companies can permit employees to use their own phones and be confident those devices are both secure and centrally managed, preserving productivity benefits while also eliminating the risk of data leaks due to security breaches.
No performance or operational impact
No end user will tolerate a device slow down. Skycure’s thin app is undetectable in the background and only noticeable if a concern is detected. The solution can integrate with a corporate mobile device management (MDM) deployment, but such an MDM is not a requirement.
Skycure adds real-time intelligence into its solution to benefit all users. For example, when Skycure detects a Wi-Fi attack on one user, it takes proactive measures to make sure other users are protected when they arrive nearby the suspicious network.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.