As consumers venture out of walled-garden app stores, mobile malware is bound to pop up, and as it does, consumers (and businesses) frequently begin to ask how they should be protecting themselves and their devices. Is a mobile antivirus the solution? Never buying off-market apps?
zImperium, a startup founded by a cadre of security professionals, researchers on both the offense and defense sides of security with a background in mobile. This startup is today launching something new for mobile security. Called zDefender, this product can detect malicious attacks and take proactive measures to reduce threats via automatic preventive traffic filters and a remote management console.
“Currently, the antiviruses available to us are simply not doing the trick,” said zImperium chief executive and co-founder Zuk Avraham, onstage at DEMO Spring 2012 in Santa Clara, Calif., where he was unveiling his company’s new product. “Once a malware has infected your phone, any existing solution will not help, and it’s simply game over.”
zDefender isn’t just for paranoid consumers, either. In the world of BYOD (bring your own device) workplaces, smartphone security has become a huge topic of concern to tech-focused executives and managers. Higher-ups are concerned that employees are compromising company security and are taking extensive and aggressive measures to stay on top of employee-owned mobile device security. So zImperium is right on trend with this new product, and it’s poised to rake in the cheddar from a segment of the industry that loves to pay.
“Mobile phones are replacing the traditional home and business computers. Mobile security is therefore a growing concern, and most people don’t realize how vulnerable they really are,” Avraham said in a recent conversation with VentureBeat. “Today, mobile devices carry all of your personal data and information, and I don’t know of anyone who would want a persistant trojan on his system. We prevent that and help create a safer way to communicate and conduct business.”
The problem with currently available mobile anti-virus systems, says Avraham, is that they operate on the same permissions level as do the security threats themselves. As a result, by the time the anti-virus software is aware of the threat, it’s already too late, particularly for malware that has already managed to elevate its own privileges.
zDefender, on the other hand, will operate at the firmware level to make sure the device is protected from malicious software before the device is actually attacked.
The company demonstrated the weakness of many phones by redirecting HTTP traffic from some DEMO attendees’ phones to a harmless demonstration site, using the same techniques that more malicious phone hackers could use. According to Avraham’s demo, 16 attendees’ phones had been caught by the demonstration trap as of 11:30am on the conference’s first day. With zDefender installed, the same attack did not work.
“As you carry around devices that have sensitive information, you’re going to have this vulnerability that needs to be addressed,” said David Gutelius, chief social scientist at Jive, who was part of an investor panel after the company’s presentation.
To get more copies of zDefender on more devices, the company is trying to partner with mobile manufacturers and carriers around the globe — again, focusing less on the one-at-a-time consumer level and aiming for the big adoption numbers and big paychecks of huge organizations with millions of individual end users.
zImperium began its work in April 2011 in Tel Aviv. To date, the company has taken $250,000 from a sole angel investor.
zImperium is one of 80 companies chosen by VentureBeat to launch at the DEMO Spring 2012 event taking place this week in Silicon Valley. After we make our selections, the chosen companies pay a fee to present. Our coverage of them remains objective.
Image courtesy of David Hammonds, Shutterstock