Driven by exponential growth in the consumer market, new mobile devices (smartphones and tablets) are now entering the world of governments and companies. They open up opportunities to develop new applications on very large targets for citizens, customers, and already the first connected objects.
The advent of this new equipment is largely due to the success of application stores (Apps Store, Google Play, Windows Store ...) and very large scale deployments of of micro-applications.
These Apps fully exploit the interactive capabilities of the mobile devices. They enable new way to use smartphones and tablets. Most importantly, they are free, simple to use and efficient.
For administrations and corporations, if these developments are a source of opportunity, they generate, at the same time, new needs in terms of security and confidence because the mobility services expose organizations, their employees, partners and customers to new threats.
The origin of these threats lies in several points:
1. The nature of the new terminals, more open and communicative, are used for business purposes but also private
2. App stores are more or less secure,
3. Apps are easy to copy, clone or divert for hackers,
4. Consumers are not inhibited by the risk of downloading malicious apps,
5. Conventional antivirus solutions are inadequate with the reactivity of hackers, their exponential production of clones and other malware.
6. Users do not control personal or professional data handled by Apps: Phone numbers, SMS, agenda, payment and card details, health data, professional and personal files, pictures, recordings, etc.
The threat increases when apps establish connections and perform actions on the mobile device, often without control regarding the compliance of the security policy of corporate information systems with which the device interconnects.
The "Apps + Store" model induces new constraints on the IS and extends the scope and the security issues.
In the field of mobile security, Pradeo has designed and developed a behavioral analysis engine for mobile application, called "Trust Revealing".
For a given application, the engine reveals exhaustively actions performed by the application:
1. What connections the devices establishes,
2. What data the manipulates: user data (SMS, pictures, calendars, contacts, files, etc..), device data, application data,
3. What operations it performs: Sending data to a remote server, sending automatic SMS payment over unsecured connections, etc…
Thanks to Trust Revealing technology Pradeo offers to its customers a securing apps promise and a protection against attacks by cybercriminals made through
mobile applications available on public stores.
A new generation of security solutions dedicated to mobile and connected items' apps by pradeo 4-page flyer_english_(c)2014
1. 1
New generation of security solutions
dedicated to mobile and connected items apps
Mobility and security needs …
Driven by exponential growth in the consumer market, new mobile devices (smartphones and tablets) are now entering the world of governments and companies. They open up opportunities to develop new applications on very large targets for citizens, customers, and already the first connected objects.
The advent of this new equipment is largely due to the success of application stores general public (Apps Store, Google Play, Windows Store ...) and very large scale deployment of the concept of micro-application. These Apps fully exploit the interactive capabilities of the mobile devices. They make appear new way to use smartphones and tablets. Most importantly, they are ready to use, simple and intuitive.
For administrations and companies, if these developments are a source of opportunity, they generate, at the same time, new needs in terms of security and confidence because the mobility services expose organizations, their employees and their customers, to new threats. The origin of these threats lies in several points:
- The nature of the new terminals, more open and communicative, used for business purposes but also private,
- Public app store more or less secure,
- The Apps are easy to copy, clone or divert for hackers,
- Some gullible consumers without inhibition or restraint against the risk of downloading malicious apps,
- Conventional antivirus solutions inadequate with the reactivity of hackers and their exponential production of clones and other malware antivirus solutions.
- Sensitive local, personal or professional data, handled through Apps, uncontrolled by the user: phone numbers, SMS, diary, mobile payment, health data, professional and personal files, photos, etc.
As part of professional practice, the threat increases as the Apps established connections and perform actions on the mobile device, often without control regarding the respect of the security policy of the Information System. The "Apps + Store" model induces new constraints on the IS and extends the scope and the security issues.
2. 2
The company and its innovative solutions …
3 major products based on:
History
Pradeo is an innovative French company
founded in 2010, specialized in the field of
mobile devices security and mobile
application security.
The particularly innovative nature of our
products has been recognized and praised
by many professionals invested in the field
of mobility. Pradeo has earned many
prices:
- In 2010 and 2011, twice in a row
winner of the competition to help
create innovative enterprises of the
French Ministry of Research.
- In 2011, winner of the Innovation
Award at the Digiworld summit.
- In 2012, winner of the prestigious
"Venture Capital" of the French
Senate contest, and the prize for
the internationalization of the CCI
(Chamber of Commerce and
Industry) in Paris.
More recently, the Gartner analysis
demonstrates the global reach of our
technology and confirms the relevance of
our solutions. Thus, Gartner recognizes
Pradeo as "visionary" on mobile
applications security (ref: Magic
Quadrant "Apps Security Testing" - Joseph
Feiman & Neil MacDonald - 1 July 2014)
A structuring innovation …
In the field of mobile security, Pradeo has designed and developed a
behavioral analysis engine for mobile application, called "Trust
Revealing". For a given application, the engine reveals exhaustively
actions performed by the application:
- What connections it establishes,
- What data it manipulates: user data (SMS, photos, calendar,
contacts, files, etc..), Device data, application data,
- What operations it performs: sending data to a remote
server, sending automatic SMS payment over unsecured
connections, etc…
Thanks to this technology which is the foundation of our products
and service, Pradeo offers to its customers a securing apps promise
and a protection against attacks by cybercriminals made through
mobile applications available on public stores.
Products targeting Apps security
Pradeo’s products are positioned on the apps value chain for
contributing to mobile application security.
The value chain is composed by 3 key links:
- Application production provide by the company and/or its
partners
- The distribution of applications, through a private store (for
employees) or public stores (for customers)
- Their "consumption" from mobile devices users.
Pradeo secures the implementation of the Apps value chain within
companies.
SaaS or “on Premise” platform, where an
editor, consultant or company may submit
a mobile application, with one click, and
get a security audit of an application.
THE Solution for companies to secure
their smartphones and tablets by taking
control of applications security level. This
solution unifies in a single product of the
security services and the services of
traditional management: MDM (Mobile
Device Management), MIM (Mobile
Information Management), MAM (Mobile
Application Management).
API version of CheckMyApps, dedicated to
companies that develop critical mobile
applications (payment, healthcare,
defense, etc...). CheckMyApps API is
integrated into their critical application
and check that the others applications
installed on the smartphone environment
are safe in order to guarantee the
execution of the critical apps.
3. 3
The way Pradeo support companies in developing their own Apps value chain …
… and the key differentiators of Pradeo on the the IT mobile security market
■ Manage and protect a fleet of
mobile devices
■ Real time control of
downloaded apps and mobile
fleet exposure to security risk
■ Prohibit the use of applications
that do not comply with the
security policy of the company
■ Audit with one click the
behavior of a mobile
application
■ Deliver a trust and
security mark base on
the behavior of an app
Trusted mobile services
and Secured use of mobile
devices…
On the entire apps value
chain…
■ Protect the execution of a
critical mobile application
■ Real time control of
downloaded apps
■ Block the execution of the
critical apps in case of major
risk
Production Consumption
App App App App
App App App App App
App App App App
App App App App
App App App App
App App App App App App App
App App App App App App App
Distribution
Corporate Store
Public Store
■ Manage a Corporate store dedicated to
employees
■ Manage public or business list of apps
recommended by the company
■ Manage whitelists and / or
blacklists of applications thanks to
ourworld database of apps audit
Pradeo technology is unique, only now
able to reveal the hidden behavior of
mobile applications (ie having the ability
to detect simultaneously manipulation by
an App of the smartphone resources and
the use of communication functions
presupposes a leak or theft of such data).
Pradeo’s technology has a truly global
reach. It is protected by patents and is
unique among historical security actors.
To date, none have the ability to reveal
the behavior of Apps with depth and
completeness of Pradeo.
Unlike traditional antivirus do not provide
effective protection against malwares,
Pradeo brings major technological
breakthroughs in mobile security:
protection from the 1st download and
customization of security policy.
Although it is a young company, Pradeo
has already acquired early references
that legitimize and validate its
development priorities and the relevance
of its solutions: Sanofi, Bull, French
Ministry of Foreign Affairs, La Poste, Radio
France, Leroy Merlin ...
4. 4
France – Montpellier
Headquarter
Cap Omega
Rond Point Benjamin Franklin
34960 Montpellier cedex 2 France
+33 4 67 13 01 05
contact@pradeo.net
France – Paris
150 rue Galliéni
92100 Boulogne Billancourt
France
United States– New York
New York
NY
+1 201 920 8778
Thailand
Terry Wilcox
Mobile:+66 (0)8170 11 315