Jamf shows intent to acquire mobile security firm ZecOps
Jamf, the standard in Apple enterprise management, has announced signing a definitive agreement to acquire ZecOps, a mobile detection and response firm.
This acquisition positions Jamf to help IT and security teams strengthen their organisation’s mobile security posture. They will be able to accelerate mobile security investigations from weeks to minutes, leverage known indicators of compromise (IOC) at scale, and identify sophisticated 0 or 1-click attacks on a much deeper scale.
Mobile devices now account for 59% of global website traffic. According to the 2022 Verizon Mobile Security Index, nearly half (45%) of companies said they had suffered a compromise involving a mobile device in the past 12 months.
Jamf offers robust management and mobile security capabilities for iOS devices. However, access to deeper insights into potential security exploits is technically challenging and requires physical access to the device, which is difficult in a remote work environment.
ZecOps will bring important capabilities to the Jamf platform to help address the growing trend of targeted mobile attacks.
ZecOps is a robust, unparalleled solution that provides the deepest layer of insight and assurance for security-conscious customers with high-value targets that need something more.
ZecOps provides the same level of visibility currently available for macOS through Jamf Protect to iOS, making it capable of detecting sophisticated mobile threats that Apple's Lockdown mode aims to prevent.
With ZecOps, users can have both Lockdown mode and ZecOps software operating at the same time.
“I am very excited to bring ZecOps’ market-leading advanced mobile detection and response capabilities into the Jamf platform,” says Dean Hager, CEO, Jamf.
“We believe ZecOps has built a differentiated solution that meets a very important need for many organisations - the ability to thoroughly detect and investigate threats that target mobile users. This capability further propels our goal of continuing to bridge the gap between what Apple provides and the enterprise requires.”
Moreover, advanced protection of mobile devices requires a layered approach.
Proactive investigation and analysis complement device management and mobile threat defence for more advanced detections and preventative protections.
ZecOps enables advanced threat hunting by capturing and analysing logs from iOS and Android devices at the operating system layer, allowing security operations and incident response teams to perform automatic or on-demand mobile cyber investigations.
Furthermore, security teams are already drowning in data. This is so as event logs, analyst reports, third-party threat intelligence feeds, and more are produced regularly for applications, endpoints, and network infrastructure.
Mobile has historically been left out of this data feed. As a result, many investigation teams lack expertise in modern mobile platforms.
ZecOps' sophisticated digital forensics capabilities provide Security Operation Center (SOC) teams with unique mobile threat intelligence to uncover zero-day attacks. ZecOps does the heavy lifting for SOC teams, saving months of work per investigation.
The solution automatically constructs a timeline of suspicious events and indicators of compromise to demonstrate when and how a device was impacted.
Finally, data privacy is also extremely important to Jamf.
ZecOps shares Jamf's commitment to safeguarding user data by ensuring log collection doesn't include the user's material and personal data, such as photos, videos, text messages and call logs, and only leveraging low-level system information and diagnostics data to the cloud for analysis.
ZecOps analysis can also take place on-premises to meet various organisations' and governments' data privacy requirements.
“We founded ZecOps to catch hidden 0-click and 1-click attacks,” says Zuk Avraham, Co-founder and CEO, ZecOps.
“By combining with Jamf, we can offer our customers a truly powerful mobile threat intelligence and threat hunting capabilities that will keep up with the evolving threat landscape without compromising the user experience.”
This transaction is subject to the satisfaction of customary closing conditions and is expected to close in the fourth quarter. The terms of the transaction were not disclosed.