MOBILE PROTECTION PRODUCT UPDATE BULLETIN 1.4 - October 7th 2014
NEW Feature - Device Apps Tab
Mobile Protection now allows Admins to see which apps are installed on all mobile devices under management. In addition, the reputation of the installed applications is shown.
Increased visibility into the devices under management allows Admins to see risky apps and alert users of issues on their device. Additionally, users can be asked to remove applications which don’t comply with company policy.
At this time the details provided on the Device Apps tab is strictly informational. In a future release, Webroot will include enhanced Policy Management around allowed applications.
The new Mobile Admin Console will look like the image below:
http://sw.nohold.net/Webroot/Images/mp%20update%20131%20image%201.png
Details within Device Apps Tab
Applications will be listed by their Name, Identifier, Version, Category, and Reputation. Admins can manually update the device’s listed apps by clicking on the ‘Request App Listing’ button. This will send a request to that device to report all installed applications.
Note: iOS devices will only report user installed applications, not any preinstalled Apple applications.
http://sw.nohold.net/Webroot/Images/mp%20update%20131%20image%202.png
New Reports
Three new reports are available within the Reports tab.
http://sw.nohold.net/Webroot/Images/mp%20update%20131%20image%203.png
The App Rep Distribution report, shown below, illustrates the breakdown of all apps reported within the organization.
http://sw.nohold.net/Webroot/Images/mp%20update%20131%20image%204.png
The App Reputation Definitions
- Malicious: the application was detected as a threat (i.e. Trojan, Rootkit, etc.) by Webroot definitions.
- Unwanted: the application is detected as a Potentially Unwanted Application. A PUA is not malware but has unwanted characteristics which may include: aggressive ads and popups, intrusive privacy policies, marketing to contacts, etc.
- Suspicious: the application has not triggered any definitions but has received machine classifiers in the malicious and unwanted range.
- Moderate: the application does not appear to be suspicious, but contains dangerous permissions (i.e. Send, SMS, Call Phone, etc.).
- Benign: the application is non-whitelisted, contains no dangerous permissions and has received favorable scores from machine classifiers.
- Trustworthy: the application appears in our whitelist and is safe to use.
- Moderate**: this value is returned in a special case when reputation is computed based on package name (i.e. no md5 information is available) and means that both malicious and whitelisted application have been found with the same package name.