Zscaler's ThreatLabZ Launches Free Mobile App Profiler to Help Users Assess Their Risk

Zscaler, the leader in secure cloud gateway solutions, announced today the results of an analysis from ThreatLabZ, the company’s security research arm, which reveals that up to 10 percent of mobile apps expose user passwords and login names, 25 percent expose personally identifiable information and 40 percent communicate with third parties. The analysis was done using the new Zscaler Application Profiler (ZAP), a free online tool that makes it easy for users to assess mobile apps for security risks.

There are over one million mobile applications, and more than 1,500 new apps being released every week. Users who download these apps, even from trusted sources, assume security measures are built in. However, the new research from Zscaler ThreatLabZ shows that is not always the case. The ThreatLabZ team analyzed hundreds of applications, and found that many popular apps leave user names and passwords unencrypted, while others are insecurely sharing personal information—such as names, email addresses and phone numbers—as well as communicating with third parties, including advertisers.

“App stores have strict guidelines about which logos and colors developers can use, yet application security remains largely unenforced,” said Michael Sutton, vice president of Security Research at Zscaler. “Using ZAP, mobile app developers, users and corporate IT organizations can easily assess the security risks of apps before they are installed, and analyze installed apps for privacy violations.”

Zscaler’s Application Profiler is an easy to use online tool where users can search the name of any iOS or Android app, and receive an instant assessment of its security and privacy risks, along with an overall risk score. Users can also use ZAP to scan traffic from an app installed on their device to see whether their own data is being exposed. No security expertise is needed to use ZAP. As more users submit mobile apps for analysis, Zscaler’s ThreatLabZ team adds the results to the ZAP database, in effect crowdsourcing the security profiles of thousands of mobile apps. A video walkthrough on how to use the tool is available at http://youtu.be/r9pW8PCyxCo.

Zservices (Zscaler Middle East Cloud) is exhibiting at Gitex as an Etisalat partner and can be found at Etisalat stand number Z-A10 in Zabeel Hall.

“ We will be having live demonstrations of Zscaler android safe browser and the Zscaler mobile app profiler at Gitex, where trade visitors get an opportunity to experience these technologies first-hand,” concluded Mohammad  Flaifel, technical manager at Zservices (Zscaler Middle East Cloud).

About Zservices (Zscaler Middle East Cloud)

Zservices is deploying, building and operating Middle East local Zscaler cloud – through Zscaler’s multi-tenant, globally-deployed cloud infrastructure. Zservices Middle East cloud infrastructure offers per country local cloud traffic termination and end user data privacy.

About Zscaler: The Cloud Security Company™

Zscaler enforces business policy, mitigates risk and provides twice the functionality at a fraction of the cost of current solutions, utilizing a multi-tenant, globally-deployed infrastructure. Zscaler’s integrated, cloud-delivered security services include Web Security, Mobile Security, Email Security and DLP. Zscaler cloud services enable organizations to provide the right access to the right users, from any place and on any device—all while empowering the end-user with a rich Internet experience. For more information, visit www.zscaler.com 


Your email address will not be published. Required fields are marked *