Proofpoint Buys Mobile App Threat Identification Assets

Proofpoint has purchased the assets of Marble Security, a malicious mobile app identification company, to provide enterprise customers with greater visibility into this rapidly growing threat.

The Sunnyvale, Calif.-based cybersecurity vendor said its acquisition of Menlo Park, Calif.-based Marble Security's technology and nearly 20 employees will help prevent hackers from gaining access to company emails, contacts or calendar invites through an employee's Android or iPhone, said Ryan Kalember, Proofpoint's senior vice president of cybersecurity strategy.

Marble Security's technology can comb through all of Google Play or Apple's App Store and find apps that are behaving in ways they shouldn't, Kalember said.

[RELATED: Q&A: Proofpoint CEO On How To Keep Up With Rapidly Evolving Security Landscape]

Terms of the acquisition, which closed early last week, were not disclosed. Proofpoint extended offers of employment to all employees of Marble Security, which was founded in 2012.

Marble Security's offering will be rebranded as part of Proofpoint's TAP (Targeted Attack Prevention) Mobile Defense and will typically be bundled with other TAP offerings, according to Kalember.

It will likely be sold as a 12- or 24-month subscription service priced on a per-user basis, with the capability of rolling Marble Security protections out to hundreds of thousands of users in mere days.

Although mobile apps are only the third most common way to penetrate an IT system -- behind social media and the old standby of email -- Kalember said it's the fastest-growing breach method. Even though a mobile device can't be compromised or taken over like a PC, hackers can still coerce employees into opening malicious apps and then withdraw the information they find most valuable.

Kalember anticipates Proofpoint partners will sell Marble Security's offering ether as part of an advanced threat bundle or as an upsell to an enterprise mobility management tool. The advanced threat bundle can address everything from threat detection to endpoint security, Kalember said, and, thanks to this latest acquisition, will now include fewer vendors.

Kalember said a mobile application threat identifier such as Marble Security can only differentiate itself from the competition by connecting its intelligence to the intelligence of other sources. To wit, Proofpoint plans to link the Marble Security offering to an internal graph database, which Kalember said uses big data analytics to try to find patterns in how the hackers are operating.

"The bad guys use a lot of the same tools over and over again," Kalember said.

Even though some of the data points are IP addresses while others are strings or files, Kalember said Proofpoint is capable of identifying correlations regardless of how the data is sourced.

Optiv Security (formerly Accuvant and FishNet Security) customers are very concerned about malicious mobile apps, according to Dan Wilson, executive vice president of partner solutions for the Denver-based company, No. 26 on the 2015 CRN Solution Provider 500.

"Whenever we see a strong partner of ours expand their solution set organically or via acquisition, it's positive for our business and our clients," Wilson said in an email.

PUBLISHED AUG. 5, 2015