During my time in Black Hat Europe 2023, I met Shridhar Mittal, the CEO of Zimperium, and we discussed what the company does, what to expect in the future and much more insightful information regarding mobile app security. Protecting mobile apps is becoming bigger; Zimperium is offering a solution to secure people’s apps and mobiles. Computers are more advanced in security, but mobiles are less developed to use security software.
Zimperium, Inc. is a leading provider of mobile device and app security solutions offering real-time, on-device protection against known and unknown threats on Android, iOS, and Chromebook endpoints. The company was founded on the belief that more than the existing mobile security solutions were needed to address the growing security challenges mobile users face. Unlike other mobile security solutions that were mere adaptations of traditional endpoint security technologies, Zimperium recognized the unique characteristics of mobile devices and set out to develop an entirely new approach. This led to the z9 machine learning-based engine, which protects mobile devices from device, network, phishing, and application attacks. z9 has been widely acclaimed for its ability to identify 100% of zero-day mobile exploits in real-world scenarios without requiring updates or relying on cloud-based detection. This makes Zimperium a pioneer in the mobile security industry.
What does Zumperium do?
Zimperium is a software company based in Dallas, Texas, and the whole reason why the company exists is because the world is moving to mobiles. If you look at employees of companies, they have 24/7 connectivity to the networks through their mobile devices; they have all these apps to make them more productive. However, all these need to be secured for employees to be able to access them. Most companies nowadays interact with their companies via mobile apps, such as banks, cars, etc. The richer these will become, the more they will become targets for hackers. We developed a mobile platform in which companies can implement and secure all the mobile endpoints as well as the mobile apps.
Could you share a case study where Zimperium helped?
We have hundreds of customers that are using our platform, so one case is that you have more than 100.000 employees; they are connecting on the corporate network and other networks, such as hotels, coffee chains, etc. They are also downloading apps from the app store all the time and clicking on links, which might be phishing links. These are all significant risks for the company, so the company needs to know whether anyone connects to networks stealing information, downloading apps that have malware on, and sending data to places you don’t want to be sent.
That is why we have implemented a solution and put this platform to over 100.000 employees, and now they have immediate visibility on which devices are safe and which are not safe. The devices that are not safe can tell the employee to fix them by deleting an app or not connecting to a specific network. All these procedures protect against a potential phishing strategy.
So, when people click on a phishing link, our solution immediately blocks it and says this is a phishing link; do not click on it. Most organisations say they will educate their employees to refrain from clicking on links. However, not all employees listen to that. At least, with Zimperium, organisations can continue educating their employees, but they can actually use our solution to stop phishing links. We are using machinery AI to come up with which links are phishing links and which are not, and it is far more accurate than any database. That is a huge value to our customers.
On the other hand, in another case, like a banking customer building an app, when releasing the app, they do not know if the app is secure or if the app will send information to places that we don’t want to be sent. This can be an alarming situation for the bank. During the development process, the app needs to be scanned continuously to ensure there are no security and privacy issues and there is compliance.
We just came up with a report; last year, we discovered 29 malware families that are attacking 1800 different banking apps globally. That is a massive issue for these banks; we can help them protect their apps.
What are you expecting to gain from the Black Hat Europe 2023?
We have a perfect solution and great partners, but every company worldwide should use our solution. However, people do not know about us, and most are unaware of the problem. Black Hat is one way to get our message out and say this is a real problem, and you need to prioritise this. We aim at large and small enterprises.
What are the future plans of Zimperium?
We are continuing to expand in Europe and globally. We have a presence in the Middle East, Japan, and Australia, which is a big focus for us to keep growing. Also, we will continue building on our solution and increase the market.
What events and conferences are you attending in 2024?
Zimperium is attending the RSA, Black Hat USA, Asia, Europe, the Middle East and many more local shows.
What kind of tips are you giving to organisations to protect themselves?
Just download apps from official app stores, but people do download apps from not official app stores. There is a reason why some apps are off the official app stores. Also, do not connect to public networks; this can steal your information. For example, there is a legitimate app in one airport in Asia that makes you download an app to connect to the Wi-Fi, and you give permission to install a profile on your device. As soon as you do that, all your information is sent to countries you do not want to. People do not know about it, but if our solution is installed on their device, they will be told not to do that as it will be a security risk.