Corrata Reimagines Mobile Device Security for the AI Era
Corrata Reimagines Mobile Device Security for the AI Era
Company investing in domain-specific Small Language Model for privacy-compliant mobile threat detection as AI reshapes the attack landscape
DUBLIN and LONDON, 3 June 2026 (Infosec Europe, ExCeL London) ** Updated on 9 June 2026: terminology updated from “on-device LLM” to “domain-specific SLM” to more accurately describe the model in development. — Corrata, the mobile endpoint security company, today announced a comprehensive reimagining of its approach to mobile device security in response to the rapid transformation of the threat landscape by artificial intelligence. The announcement encompasses new AI governance capabilities, enhanced data loss prevention, and a commitment to developing anon-device domain-specific small language model (SLM) for next-generation mobile threat detection.
“The device in your employee’s pocket is simultaneously connected to AI tools, targeted by AI-powered attackers, and operating in an environment where the threat landscape is being rewritten in real time,” said Colm Healy, CEO of Corrata. “The controls deployed two or three years ago were not built for this world. We have rebuilt ours to match it.”
How AI Is Reshaping the Mobile Threat Landscape
Mobile devices sit at the epicentre of three distinct AI-driven risk dimensions that security teams must now contend with simultaneously.
Hyper-personalised social engineering. AI has transformed phishing from a numbers game into targeted precision. Attackers now use large language models to construct lures from publicly available data, producing messages indistinguishable from genuine communications. Research puts the click-through rate on AI-generated phishing at 54%, against 12% for traditional campaigns. On mobile, where 85% of phishing attacks already occur outside email, across SMS, WhatsApp, Teams and other messaging channels, the impact is acute.
AI-accelerated exploits. In May 2026, Google Threat Intelligence Group confirmed a real-world threat actor had used a zero-day exploit developed with AI, planned for mass exploitation and only stopped by proactive counter-discovery. Finding and weaponising vulnerabilities no longer requires deep expertise or months of effort. The median time from disclosure to active exploitation had already fallen from 771 days in 2018 to single-digit hours before frontier AI models entered the picture. Mobile is particularly exposed, where apps are deployed quickly and sometimes outside the review processes that govern traditional software.
Shadow AI and data loss. When employees find that an AI tool makes them more productive, they use it, approved or not. Research suggests 43% of employees share corporate data with LLMs without authorisation. On mobile, where personal and professional boundaries are already blurred, the exposure is acute: sensitive documents uploaded to consumer AI services, client details pasted into chatbots, proprietary code submitted for debugging. Institutional knowledge is leaving organisations at an unprecedented rate, with no visibility and no controls in place.
How Corrata Is Responding
Corrata has always been built on a simple premise: mobile devices deserve the same depth of security monitoring as laptops and servers. Its on-device architecture inspects 100% of network traffic without routing it through a cloud relay, a visibility advantage no competitor has matched. In the AI era, that foundation becomes more important, not less. Corrata has now extended it across three areas.
On-device domain-specific SLM for enhanced threat detection. The vast majority of mobile traffic is now encrypted, and current detection methods will struggle against the more sophisticated social engineering and exploit techniques that AI is enabling. Corrata is developing an on-device domain-specific SLM purpose-built for the mobile environment. A general-purpose LLM cannot run on a phone with the speed, memory footprint and power budget that continuous threat detection requires. By narrowing the model to this single task, Corrata makes it small enough to run on the device itself, in real time, with no data leaving the phone.
AI governance for the mobile workspace. Corrata’s AI Governance capability lets organisations define which AI services and SDKs are sanctioned in the mobile workspace and enforces those policies automatically. Approved tools are unaffected; access to unsanctioned services, including consumer chatbots, AI coding assistants and embedded LLM SDKs in third-party apps, is flagged or blocked. As AI governance frameworks including ISO 42001 and the EU AI Act mature, mobile is the enforcement gap most organisations have yet to close. Corrata closes it.
Precision mobile DLP for the AI age. Data leakage via mobile is no longer confined to lost devices or unencrypted email. AI tools are now a primary exfiltration channel. Corrata’s enhanced data loss prevention uses fine-grained traffic analysis to detect sensitive corporate data being transmitted to external services, whether deliberately or inadvertently, enabling security teams to act on genuine data loss events rather than chase false positives.
“Corrata brings together the deepest visibility into mobile traffic of any solution on the market with a new generation of AI-native capabilities built for the threats that matter most right now,” said Colm Healy.
Availability
Corrata’s AI Governance and enhanced DLP capabilities are available now. The on-device domain-specific SLM is in active development, with availability to be announced.
About Corrata
Corrata is a mobile endpoint security company headquartered in Dublin, Ireland. Its on-device technology delivers comprehensive threat detection and response for iOS and Android devices, combining advanced mobile threat defence with data loss prevention and AI governance. Corrata is a member of the Microsoft Intelligent Security Association (MISA), verified for use with FirstNet, and is accredited as ‘Cybersecurity Made in Europe’ by ECSO. For more information, visit corrata.com.
###
