Pegasus and similar spyware has been discovered in over 20 countries. This and other mobile malware is used to steal sensitive data, to intercept private communications and to trick users into providing access to enterprise applications.
Built-in security protections have proven powerless against sophisticated spyware like Pegasus spyware, Predator spyware, and other mobile device malware.
Even routine malware can be destructive, tricking users into revealing critical information.
How Corrata protects against malware
Corrata defends against malware in multiple ways. By blocking access to malware download servers it reduces the opportunity for infection. By searching for indicators of compromise across all ports and protocols it gets ahead of the bad guys. And by quarantining impacted devices it limits the damage that malware can cause.
Advanced spyware detection and response
Advanced malware detection
Comprehensive monitoring of network traffic allows Corrata to pinpoint activity generated by malware which is not visible to the end user. Corrata not alone blocks traffic to known Command and Control sites but also blocks the IP addresses of servers used by threat groups
Preventing malware infections
By blocking access to malware download sites and sites containing risky content Corrata prevents malware being installed. Access to rarely used ports is also monitored for evidence of risky content.
Ongoing scanning for malware
Corrata routinely scans all apps installed to identify malware, potentially harmful spyware apps or those which exhibit risky behaviours using advanced spyware detection techniques.
Once infections are identified Corrata provides a protective cordon around the impacted device to ensure that it no longer has access to sensitive corporate data. Once the infection has been removed, access is automatically restored.
Removal of risky apps
In many cases dangerous apps can only be removed by direct end-user intervention. The Corrata app guides employees through the steps required to remove infections
Mobile malware can be split into two broad categories: commodity malware and advanced malware. Commodity malware, which is found almost exclusively on Android, is very common and uses social engineering techniques to trick users into revealing information and/or providing access to sensitive functions. Advanced malware impacts both iOS and Android. Typically it installs silent, without the need to download an application. This malware relies on vulnerabilities in the security architecture of the underlying operating system and is extremely dangerous.
Corrata relies on two broad approaches to malware detection. The first involves scanning the device to identify apps and flag any which are of concern. This is primarily useful against commodity malware. The second set of techniques go deeper by searching for indicators of compromise within all of the traffic going to and from the device. This is highly effective at identifying advanced malware which is difficult to detect via traditional scanning.
Corrata has a range of features to response to malware infection. Info Sec teams are alerted and impacted devices are automatically denied access to corporate applications. Communications with Command and Control (CnC) servers are intercepted and data exfiltration prevented. Users are alerted to the presence of malware and guided in its removal.
We’re on a mission
We’re here to stop every existing and emerging threat to your mobile workforce and business. Explore our Use Cases to find out more about the powerful and proactive protection we provide.