SYSTEMS AND METHODS FOR APPLICATION SECURITY ANALYSIS
First Claim
1. A method, comprising:
- evaluating each of a plurality of applications for privacy, data leakage, or malicious behavior, the plurality of applications residing on a mobile device, the mobile device being configurable to access an enterprise system;
calculating a risk score for each of the plurality of applications based on the evaluating;
determining whether each of the plurality of applications meets or exceeds a risk score threshold; and
automatically remediating the applications, of the plurality of applications, for which the risk score meets or exceeds the risk score threshold.
5 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for analyzing applications for risk are provided. In the example method, the applications reside on a mobile device that is configurable to access an enterprise system. The example method includes evaluating each of a plurality of applications variously for privacy, data leakage, and malicious behavior. The example method also includes calculating a risk score for each of the plurality of applications based on the evaluating; and automatically remediating (e.g., quarantining) the applications, of the plurality of applications, for which the risk score meets or exceeds a risk score threshold. The method may evaluate all of the applications residing on a mobile device. The method may include grouping application behaviors, for each of the applications, that indicate an increased risk into groups comprising various combinations of a privacy risk, a data leakage risk, an account takeover risk, a device takeover risk, and a malware risk.
-
Citations
26 Claims
-
1. A method, comprising:
-
evaluating each of a plurality of applications for privacy, data leakage, or malicious behavior, the plurality of applications residing on a mobile device, the mobile device being configurable to access an enterprise system; calculating a risk score for each of the plurality of applications based on the evaluating; determining whether each of the plurality of applications meets or exceeds a risk score threshold; and automatically remediating the applications, of the plurality of applications, for which the risk score meets or exceeds the risk score threshold. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
-
25. A mobile device management system, comprising:
-
one or more enterprise devices that provide enterprise services; and an application risk analysis system, comprising a processor that executes instructions stored in memory to; detect mobile devices attempting to access the enterprise services; and conduct a risk analysis of a plurality of applications residing on the mobile devices, comprising; comparing the plurality of applications to a whitelist and blacklist; for the applications not on the whitelist or blacklist, monitoring application behaviors of the application; grouping application behaviors that indicate an increased risk into groups comprising a privacy risk, a data leak risk, an account takeover risk, a device takeover risk, and a malware risk; calculating a risk score for each of the plurality of applications based on the application behaviors; and automatically remediating respective applications of the plurality of applications if the risk score calculated for the respective applications meets or exceeds a risk score threshold.
-
-
26. A non-transitory computer-readable storage medium having embodied thereon instructions, which, when executed by at least one processor, perform steps of a method, the method comprising:
-
evaluating each of a plurality of applications for one or more of privacy, data leakage, and malicious behavior, the plurality of applications residing on a mobile device, the mobile device being configurable to access an enterprise system; calculating a risk score for each of the plurality of applications based on the evaluating; determining whether each of the plurality of applications meets or exceeds a risk score threshold; and automatically remediating the applications, of the plurality of applications, for which the risk score meets or exceeds the risk score threshold.
-
Specification