Use Case


Pegasus and similar spyware has been discovered in over 20 countries. This and other mobile malware is used to steal sensitive data, to intercept private communications and to trick users into providing access to enterprise applications.


Built-in security protections have proven powerless against sophisticated spyware like Pegasus spyware, Predator spyware, and other mobile device malware.

Even routine malware can be destructive, tricking users into revealing critical information.


How Corrata protects against malware

Corrata defends against malware in multiple ways. By blocking access to malware download servers it reduces the opportunity for infection.  By searching for indicators of compromise across all ports and protocols it gets ahead of the bad guys. And by quarantining impacted devices it limits the damage that malware can cause.


Advanced spyware detection and response

  • check-icon

    Advanced malware detection

    Pegasus, Predator and other advanced malware require sophisticated Android and iOS malware detection techniques

    Comprehensive monitoring of network traffic allows Corrata to pinpoint activity generated by malware which is not visible to the end user. Corrata not alone blocks traffic to known Command and Control sites but also blocks the IP addresses of servers used by threat groups

  • check-icon

    Preventing malware infections

    Drive by downloads and sideloading can cause your device to be compromised

    By blocking access to malware download sites and sites containing risky content Corrata prevents malware being installed. Access to rarely used ports is also monitored for evidence of risky content.

  • check-icon

    Ongoing scanning for malware

    Apps shared outside official app stores are notoriously prone to abuse

    Corrata routinely scans all apps installed to identify malware, potentially harmful spyware apps or those which exhibit risky behaviours using advanced spyware detection techniques.

  • check-icon


    Automatic quarantining of devices is an effective response to malware discovery

    Once infections are identified Corrata provides a protective cordon around the impacted device to ensure that it no longer has access to sensitive corporate data. Once the infection has been removed, access is automatically restored.

  • check-icon

    Removal of risky apps

    The Corrata app prompts users to remove apps which are identified as risky

    In many cases dangerous apps can only be removed by direct end-user intervention. The Corrata app guides employees through the steps required to remove infections


Mobile malware can be split into two broad categories: commodity malware and advanced malware. Commodity malware, which is found almost exclusively on Android, is very common and uses social engineering techniques to trick users into revealing information and/or providing access to sensitive functions. Advanced malware impacts both iOS and Android. Typically it installs silent, without the need to download an application. This malware relies on vulnerabilities in the security architecture of the underlying operating system and is extremely dangerous.

Corrata relies on two broad approaches to malware detection. The first involves scanning the device to identify apps and flag any which are of concern. This is primarily useful against commodity malware. The second set of techniques go deeper by searching for indicators of compromise within all of the traffic going to and from the device. This is highly effective at identifying advanced malware which is difficult to detect via traditional scanning.

Corrata has a range of features to response to malware infection. Info Sec teams are alerted and impacted devices are automatically denied access to corporate applications. Communications with Command and Control (CnC) servers are intercepted and data exfiltration prevented. Users are alerted to the presence of malware and guided in its removal.

We’re on a mission

We’re here to stop every existing and emerging threat to your mobile workforce and business. Explore our Use Cases to find out more about the powerful and proactive protection we provide.

  • Smishing protection

  • Anti-malware

  • Dangerous applications

  • Man-in-the-Middle Protection

  • Vulnerability management

  • Web filtering

  • smishing-content-img

    use case

    Smishing protection

    Every day employees are being targeted with smishing messages designed to harvest credentials, steal authentication cookies and gather personal information for social engineering attacks.

    Learn more
  • malware-content-img

    use case


    Sophisticated malware such as the notorious Pegasus and its clones are being used to undermine the built in security of both iOS and Android making sensitive content accessible to bad actors.

    Learn more
  • integration-content-img

    use case

    Dangerous applications

    Even applications downloaded from official app stores can represent a threat to information security. Understand how Corrata identifies such risks and provides the tools you need to counter them.

    Learn more
  • wifi-content-img

    use case

    Man-in-the-Middle Protection

    In today’s cloud centric world most enterprise data travels over networks which are fundamentally insecure. Corrata provides the protection you need to ensure that your data remains private.

    Learn more
  • security-content-img

    use case

    Vulnerability management

    Good device security posture is critical to reducing risk. Corrata monitors the settings and activity on your employees’ devices, assessing their security status and prompting end users to remedy any issues found.

    Learn more
  • privacy-content-img

    use case

    Web filtering

    Blocking access to categories of content which are risky or against your organization’s acceptable use policy is an essential step for mobile security. Corrata provides robust, privacy sensitive web filtering tailored to your organization’s needs.

    Learn more