Lookout announced their new Lookout Mobile Intelligence Application Programming Interfaces (APIs), exponentially expanding the scope of visibility into enterprise mobile security data.
Lookout Mobile Intelligence APIs integrate critical security data from mobile devices into the solutions already in use by security teams – those like SIEM, SOAR, and XDR. This enables security teams to identify cross-platform attacks, risky trends or abnormalities, and potential risks.
Mobile devices have become the cornerstone of modern organizations, allowing employees to complete their work and access the sensitive data they need with flexibility and accessibility. However, mobile devices have also become a ripe target for threat actors attempting to compromise sensitive corporate data through the modern kill chain.
To protect against this imminent threat, Lookout Mobile Intelligence APIs give security teams visibility into what’s going on with their mobile fleet to protect against account compromise due to social engineering, potential data leaks due to vulnerable apps and device takeovers due to out of date operating systems.
“Enterprise security teams must have the utmost visibility across all endpoints to ensure their organizations are fully protected, but the SIEM, SOAR, and XDR solutions they rely on to do that are only as effective as the data within them,” said Firas Azmeh, President, Mobile Endpoint Security, Lookout. “Lookout Mobile Intelligence APIs elevate the critical security data that exists in mobile environments, so organizations can get the most out of their existing SIEM and XDR investments and security teams can stay ahead of modern attackers.”
The integrations available through Lookout Mobile Intelligence APIs work both ways, meaning that Lookout not only provides an immense amount of insight into an organization’s mobile fleet, but can also accept inbound policies that security teams may have applied to other endpoints, allowing them to standardize across the organization.
While mobile environments differ significantly from conventional endpoints, the Lookout Mobile Intelligence APIs deliver a wealth of data about a customer’s unique and specific environment so they can make well-informed decisions on how to keep that data secure.
Additional capabilities include:
- Detailed streaming of:
- Administrative audit events, like who at the organization made changes to the environment
- Device state change events, like newly registered and risk changes
- Threat events, as they occur
- Smishing and Executive impersonation alerts, as they happen
- The ability to review the state of their mobile fleet by:
- Generating lists of devices that meet certain criteria
- Retrieving specific device details, if for example a device is still showing as high risk
- Identifying the versions of iOS and Android Security Patch levels in their environment
- Identifying the CVEs associated with a given OS or ASPL or even specific devices
- Make use of third party threat data by ingesting lists of domains that devices should be prevented from connecting to, allowing a security team to normalize web protection across all platforms.