Virtualization Technology News and Information
OpenPeak Advances Mobile Cybersecurity with SANCTION In-App Hypervisor

OpenPeak Inc., a leading provider of mobile cybersecurity solutions, today introduced the industry’s only in-app hypervisor. The new in-app hypervisor, named SANCTION, delivers unsurpassed levels of enterprise data encapsulation and advanced app firewalling. SANCTION enables organizations to track, detect, manage and protect all instances of data movement initiated by mobile applications on smartphones and tablet devices without any reliance on gateways or proxies in the network.

A number of recent events have illustrated the immediate need for a way to protect businesses and consumers from malicious developers, third-party libraries, and even developer tools used to create apps for mobile devices.

Apple recently announced the removal of over 250 iOS apps with over a million estimated downloads from its App Store. The affected apps were siphoning personal information from users and sending it to remote servers without the knowledge of their legitimate developers, who had unknowingly used a malicious 3rd party SDK in their application. This news came only a few weeks after the discovery of the XcodeGhost malware, where a modified version of Apple’s app development tool added malicious code to apps without the developer’s knowledge. Over 500 million users were potentially affected by the XcodeGhost malware. Most commercially available solutions for mobile app protection require modification or recompilation of an app with an SDK. Unfortunately, none of these SDK approaches could have identified the malicious code highlighted in recent attacks.

“Secure access to data from mobile devices is an absolute necessity in today’s business, education and government environments. Much of that access is now initiated via mobile applications on end user devices,” said Andy Aiello, COO of OpenPeak. “In order to ensure that those applications are not intentionally or unknowingly passing on sensitive business or personal information to unscrupulous 3rd parties is an imperative. The only way to successfully achieve the necessary level of security is by ongoing monitoring, threat detection, and remediation capabilities on a per-app, per-connection basis in a way that cannot be circumvented by malware or malicious libraries.”

OpenPeak’s SANCTION in-app hypervisor takes a revolutionary approach. Leveraging OpenPeak’s patented ADAPT technology, which adds a full suite of isolation, authentication, authorization, encryption, auditing, and policy enforcement into each app, SANCTION adds an embedded hypervisor and advanced firewall into the wrap to intercept and inspect every interaction between the app and the underlying OS.

Because ADAPT takes place after the app is compiled, there is no developer involvement needed and no way for any malicious software to bypass its security mechanisms. The embedded software provides protection from any actions by an app or from malicious code that may be embedded within third-party libraries or even development tools. This patented technology creates a distinct administration and protection domain for enterprise apps.

The SANCTION in-app hypervisor protects all forms of data movement by applications, and allows enterprises to block or allow specific connections on a per app or per connection basis. SANCTION gives enterprises control over: network traffic or traffic patterns, enterprise contacts usage, enterprise calendar access, enterprise email, copy and paste, external storage, inter-app communication including Open-In, URIs, URLs, intents, and service bindings; NFC/Bluetooth, screen capture, and device jailbreak/rooting. In addition to the vast levels of control that enterprises may enable through SANCTION, each blocked action can also have a policy violation rule attached to it. The policy rules allow enterprises to generate automated notifications to admins, end-users, and devices, or take actions like quarantining an application, or even removing an application or wiping the entire secure workspace.

SANCTION also provides surgical, closed-loop policy controls to identify, isolate, and respond to all security threats, even zero-day threats from code embedded in otherwise trusted apps.

For more information, visit

Published Thursday, October 29, 2015 1:03 PM by David Marshall
Filed under: ,
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<October 2015>