Use Case
Man-in-the-Middle (MitM) Protection
40.5% of websites have inadequate encryption. Today with most corporate applications accessible on mobile we rely on Transport Layer Security (tls) to ensure confidentiality and integrity.
However, due to poor implementations and the activities of determined hackers, this reliance is not always safe. Public networks, including cellular, Wi-Fi, and broadband, are all susceptible to interception by Man in the Middle attacks.
Hackers have multiple opportunities to monitor your communications and to redirect your traffic to locations they control, making MITM protection essential. Today, the only coherent approach is one based on zero-trust.
How Corrata Protects Against Adversary-in-the-Middle Attacks
Corrata uses a variety of techniques to monitor the security of data mobile devices transmit. By examining indicators such as cipher suites, protocol versions, and TLS certificates, Corrata is able to identify rogue hotspots and other cases where communications are vulnerable to hackers and ensure that sensitive data is not transmitted when at risk of interception.
Advanced Network Protection For Your Mobile Communications
-
Countering Adversary-in-the-Middle Attacks
A series of measures which prevent bad actors intercepting sensitive communications
Corrata starts from the assumption that the safety of network infrastructure, including cell towers and Wi-Fi hotspots, can never be accurately assessed. Instead Corrata monitors the quality and integrity of Transport Layer Security, preventing the transmission of data where vulnerabilities are identified
-
Checking the quality of encryption
The use of out-of-data cipher suites leaves traffic vulnerable to snooping and Wifi eavesdropping.
Corrata continuously monitors the quality of encryption offered by applications and websites to ensure it cannot be compromised by Wifi Hacks. Traffic to applications or websites offering poor encryption can be automatically blocked.
-
Enforcing cert pinning for sensitive applications
Threat actors can easily trick end users into trusting servers they control using fake certificates.
Certificate pinning is a powerful technique to prevent devices from being mislead into trusting malicious websites, applications or APIs. Corrata offers the ability to extend cert pinning to any sensitive domain whether accessed via an app or a browser.
-
Preventing transmission of data in the clear
Posting data to a server without encryption should never be permitted
Corrata identifies attempts to send data ‘in the clear’ for storage. This prevents such data in transit from being captured by bad actors. It also allows Corrata to identify activity which may indicate malware infection.
FAQ’s
Mobile devices are used predominantly over public networks whether they are cellular, Wi-Fi or fixed. Because these networks are public they can be accessed by bad actors using a range of techniques to intercept and manipulate IP traffic. Internet users rely on the integrity of Transport Layer Security (tls) and SSL Certificates to secure their communications, but poor implementation by 3rd parties can lead to compromise.
There are a number of features of Wi-Fi that make it easier to hack. Your traffic can be observed while travelling over the radio waves. Hotspots can be faked or compromised. However many of the techniques used to interfere with traffic on Wi-Fi can also be used on fixed networks.
Corrata uses its position sitting between applications and the network to examine the quality of encryption (or its absence). It examines the tls implementation details and the SSL Certificates to identify weaknesses and prevents the transmission of sensitive data in circumstances where it may be hacked.
We’re on a mission
We’re here to stop every existing and emerging threat to your mobile workforce and business. Explore our Use Cases to find out more about the powerful and proactive protection we provide.
Smishing protection
Anti-malware
Dangerous applications
Man-in-the-Middle Protection
Vulnerability management
Web filtering
-
use case
Smishing protection
Every day employees are being targeted with smishing messages designed to harvest credentials, steal authentication cookies and gather personal information for social engineering attacks.
Learn more -
use case
Anti-malware
Sophisticated malware such as the notorious Pegasus and its clones are being used to undermine the built in security of both iOS and Android making sensitive content accessible to bad actors.
Learn more -
use case
Dangerous applications
Even applications downloaded from official app stores can represent a threat to information security. Understand how Corrata identifies such risks and provides the tools you need to counter them.
Learn more -
use case
Man-in-the-Middle Protection
In today’s cloud centric world most enterprise data travels over networks which are fundamentally insecure. Corrata provides the protection you need to ensure that your data remains private.
Learn more -
use case
Vulnerability management
Good device security posture is critical to reducing risk. Corrata monitors the settings and activity on your employees’ devices, assessing their security status and prompting end users to remedy any issues found.
Learn more -
use case
Web filtering
Blocking access to categories of content which are risky or against your organization’s acceptable use policy is an essential step for mobile security. Corrata provides robust, privacy sensitive web filtering tailored to your organization’s needs.
Learn more
