A new offering from the recently rebranded Kryptowire—now Quokka—looks to provide mobile application security without infringing on end-user privacy. Mobile security firm Quokka--which earlier this week rebranded from its previous name, Kryptowire--is launching a new smartphone protection product called Q-Scout, designed to offer deep insight into applications on Android and iOS devices without being intrusive to end users. Q-Scout has two primary functions. First, it checks through individual applications on an end-user's device to detect apps with known security flaws. Second, it analyzes the interaction and permission sets granted to installed apps to detect any potentially dangerous interactions. One example would be an app that has permission to access the camera and another with access to the internet--if those two apps are able to communicate freely with one another, it could create the opportunity to exfiltrate photos from the device. Angelos Stavrou, chief scientist at Quokka, said that Q-Scout works differently than traditional MDM (mobile device management) software. Rather than having a robust software agent on the device, which can read personal information and can take up CPU cycles and battery time, Q-Scout effectively clones the hardware and app profile of the device to analyze it in the company's own cloud. "Since we're lightweight, we don't have to analyze your users' data," he said. "Our system uses application technology that we have developed over many years, looking at configurations and cloning them to the cloud." Q-Scout takes policy-based security approach Q-Scout is designed to enable a policy-based approach to mobile security. Enterprise users can identify specific threats that they want to defend against--drawing on the above example, one such policy could be "don't let mobile devices exfiltrate photos to the internet"--and receive either a confirmation that a given user's phone is policy-compliant or a warning that it is not. The system also warns users directly of potential vulnerabilities, offering what Stavrou says is a much more granular approach to mobile security. "With [traditional MDM], you can only remove the app," he said. "With us, you can just curtail the permissions of the app. The key here is that we are trying to be user-centric, and we know that users want to use some apps but also might not like certain features of them." Q-Scout is currently available for Android users, and can be found on the Google Play Store, while the iOS version is expected to release in the fourth quarter of 2022. The client app for smartphones is free, while the enterprise portal will be priced on a per-device, per-month basis, with the actual price point “under $10,” according to Quokka. This story has been updated to include pricing information. Related content news Top cybersecurity product news of the week New product and service announcements from Coro, Descope, Genetec, Varonis, Cloudbrink, Databarracks, and Security Journey By CSO staff Dec 07, 2023 22 mins Generative AI Generative AI Machine Learning news analysis Attackers breach US government agencies through ColdFusion flaw Both incidents targeted outdated and unpatched ColdFusion servers and exploited a known vulnerability. By Lucian Constantin Dec 06, 2023 5 mins Advanced Persistent Threats Cyberattacks Vulnerabilities news BSIMM 14 finds rapid growth in automated security technology Embrace of a "shift everywhere" philosophy is driving a demand for automated, event-driven software security testing. By John P. Mello Jr. Dec 06, 2023 4 mins Application Security Network Security news Almost 50% of organizations plan to reduce cybersecurity headcounts: Survey While organizations are realizing the need for knowledgeable teams to address unknown threats, they are also looking to reduce their security headcount and infrastructure spending. By Gagandeep Kaur Dec 06, 2023 4 mins IT Jobs Security Practices Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe