A new offering from the recently rebranded Kryptowire—now Quokka—looks to provide mobile application security without infringing on end-user privacy. Mobile security firm Quokka--which earlier this week rebranded from its previous name, Kryptowire--is launching a new smartphone protection product called Q-Scout, designed to offer deep insight into applications on Android and iOS devices without being intrusive to end users. Q-Scout has two primary functions. First, it checks through individual applications on an end-user's device to detect apps with known security flaws. Second, it analyzes the interaction and permission sets granted to installed apps to detect any potentially dangerous interactions. One example would be an app that has permission to access the camera and another with access to the internet--if those two apps are able to communicate freely with one another, it could create the opportunity to exfiltrate photos from the device. Angelos Stavrou, chief scientist at Quokka, said that Q-Scout works differently than traditional MDM (mobile device management) software. Rather than having a robust software agent on the device, which can read personal information and can take up CPU cycles and battery time, Q-Scout effectively clones the hardware and app profile of the device to analyze it in the company's own cloud. "Since we're lightweight, we don't have to analyze your users' data," he said. "Our system uses application technology that we have developed over many years, looking at configurations and cloning them to the cloud." Q-Scout takes policy-based security approach Q-Scout is designed to enable a policy-based approach to mobile security. Enterprise users can identify specific threats that they want to defend against--drawing on the above example, one such policy could be "don't let mobile devices exfiltrate photos to the internet"--and receive either a confirmation that a given user's phone is policy-compliant or a warning that it is not. The system also warns users directly of potential vulnerabilities, offering what Stavrou says is a much more granular approach to mobile security. "With [traditional MDM], you can only remove the app," he said. "With us, you can just curtail the permissions of the app. The key here is that we are trying to be user-centric, and we know that users want to use some apps but also might not like certain features of them." Q-Scout is currently available for Android users, and can be found on the Google Play Store, while the iOS version is expected to release in the fourth quarter of 2022. The client app for smartphones is free, while the enterprise portal will be priced on a per-device, per-month basis, with the actual price point “under $10,” according to Quokka. This story has been updated to include pricing information. Related content news analysis Companies are already feeling the pressure from upcoming US SEC cyber rules New Securities and Exchange Commission cyber incident reporting rules don't kick in until December, but experts say they highlight the need for greater collaboration between CISOs and the C-suite By Cynthia Brumfield Sep 28, 2023 6 mins Regulation Data Breach Financial Services Industry news UK data regulator warns that data breaches put abuse victims’ lives at risk The UK Information Commissioner’s Office has reprimanded seven organizations in the past 14 months for data breaches affecting victims of domestic abuse. By Michael Hill Sep 28, 2023 3 mins Electronic Health Records Data Breach Government news EchoMark releases watermarking solution to secure private communications, detect insider threats Enterprise-grade software embeds AI-driven, forensic watermarking in emails and documents to pinpoint potential insider risks By Michael Hill Sep 28, 2023 4 mins Communications Security Threat and Vulnerability Management Security Software news SpecterOps to use in-house approximation to test for global attack variations The new offering uses atomic tests and in-house approximation in purple team assessment to test all known techniques of an attack. By Shweta Sharma Sep 28, 2023 3 mins Penetration Testing Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe