By Guido Ronchetti, CTO – XTN Cognitive Security
How could we live without our smartphone?
On the spot, you might be tempted to answer “fine”. The truth is that our lives are deeply linked to our digital presence and it will probably go on like this for many years to come.
Our digital dimension is closely connected to all devices and app we daily use. It’s not a secret that each of us wants to be able to quickly and easily access useful services through an app. That’s why the app should be intuitive, fluid, fast but most of all secure.
The success of a service depends on all these expectations. So, it’s should be pretty clear how this issue has become the biggest challenge for many companies.
Providing a secure application (mobile or not) means many different things:
- having assessed the quality of the app development;
- having subjected all the components (client, app, backend, data) at regular safety assessment;
- having monitored and protected the service continuously while it is being used.
I am very interested in this last aspect because ensuring that the service is provided securely during usage is essential. This approach could prevent reputational damages, frauds, sensitive data and intellectual property thefts.
It’s very widespread to focus only on protecting the mobile app as if it were independent of the service provided. This has led to concentrating on so-called RASP solutions that introduce a series of markers and countermeasures in the app itself, leaving all the action to remain isolated in the client that interacts with the service. By analogy, if we address the enterprise server security monitoring, we let each server independently evaluate the importance of the security log that produces and accordingly to decide how to react.
We all want the logs are sent to a collector capable of applying advanced information analysis. And we also want this collector to observe and recognize complex events that occur over time, potentially distributed among different servers.
What about mobile applications? Shouldn’t be the same?
It’s clear that an approach limited to the mobile client doesn’t allow to grasp the complexity of current attacks more and more often:
- combined in several phases
- focused on misleading the user (see our report on malware).
So, what is the state of the art? How to address mobile application security without underestimating the complexity of the phenomenon?
In XTN we believe that the device (client side) is one of the elements to be monitored, but also evaluation must be delegated to an intelligent component on the server side.
- should be based on AI
- should be capable of evaluating technological and behavioural aspects
- should be capable of weighing the user’s history, his identity, and attack trends in place.
Our answer to this need is SEAP® mobile.
SEAP® Mobile can secure the complete perimeter by recognizing:
- threats related to communications with the backend
- the presence of malware to the account takeover
- reverse engineering
SEAP® replicate the evaluation that an experienced analyst would produce about risk automatically and it also prevents the use of sensitive information in a device at risk.
What about the integration effort? SEAP® do all this in just 15 minutes for client-side integration and dozens of simple REST APIs for server-side use.