There is a new security company being recognized for its expertise in the next generation of mobile security solutions, penetration testing and the detection of sophisticated vulnerabilities and exploits. It’s Trustlook, Inc., a Silicon Valley-based company established this year that is an innovator in behavior-based analysis of Android applications and a pioneer in providing the first APT (advanced persistent threat) resolution to protect smartphones and tablets from zero-day and advanced malware threats.
On July 16th, the private company announced its deep mobile application analysis platform: a cloud-based app-control solution, which consists of advanced detection and policy control services.
The security platform is revolutionary. It is a signature-based malware identification system that deals with APT and delivers fast malware response, but also provides four more key features that will take “mobile application security to the next level,” said Larry Li, founding managing partner of zPark Venture.
The app provides 100 percent signature-less malware screening—thanks to its detection engine that addresses and filters out high-risk applications before being deployed into corporate environments. Trustlook’s malware signature database can spot and mitigate malicious software before it disrupts the victim’s computer operations—again, due to the detection engine that provides application static and behavior data.
It addresses zero-day exploits (much like the FireEye platform) and helps discover any vulnerabilities in advance before a malicious computer attack takes advantage of a security hole, causes serious damage to a system, or corrupts or deletes files. This is something often missed in many cloud-based endpoint security services.
The app also offers a fully-automated deep application analysis platform through the use of its proprietary cloud sandbox technology. In essence, it is a framework for behavior-based malware analysis in the cloud. It is said to be the only solution in the market to detect unknown mobile malware and “constantly analyze application behaviors to build complete application profiles.”
It also supports REST-based application analysis services for mobile cloud computing (MCC); a fully integrated cloud platform that simplifies mobile device management (MDM) and provides seamless mobile enterprise integration with mobile application management (MAM) vendors. Ideally, this is a solution to control, manage and secure mobile devices and apps through its platform from the central admin console.
Unlike traditional on-premises solutions or other mobile security products on the market and services found online, this is a signature- and behavior-based analysis engine integrated with a back-end, easy-to-use data mining system: It is able to “catch zero-days immediately and on-the-fly as they’re released,” said Trustlook in an admin post on its website.
As Mike Murray, Managing Partner of MAD Security, said, “Trustlook’s [cloud-based sandbox technology] is the first to allow [its] users to breathe easily when it comes to trusting their sensitive data to Android devices.”
With malware on the rise, according to last year’s annual Mobile Threats Report from Juniper Networks, and having seen “mobile security products continue to fail to keep up to the threat environment,” said Trustlook, it is believed that this next-gen technology mentioned is what businesses will need to have as an effective APT mobile security solution, which is on a platform that controls malware threats.