Posts

Ingest Mobile Threat Events from Zimperium zConsole in Amazon Kinesis Data Streams & Kinesis Data Analytics

Image
Prologue: In uncertain times; we search for security, stability, and certainty. This could be economic security, financial security, information security, or even securing your next roll of toilet paper. I want to thank medical experts around the world who have tirelessly worked around the clock to combat the COVID-19 pandemic, and help bring that feeling of security back. Their selfless actions are an inspiration to us all, and I am forever thankful for their sacrifice. Thank you to the businesses who have stepped up and shown the best of themselves. Examples include;  American Airlines & Hyatt  offering complimentary vacations to medical experts,  Samsung and Google  offering free device repairs to medical experts, VMware partnering with  NHS  to develop a contact tracing application, while  Google and Apple would partner to develop API's for contact tracing. Leaders outside the medical community have stepped up and shown the best of themsel...

Remove sensitive information from data at rest when authenticating to Workspace ONE API's by entering credentials at runtime (part 2)

Image
When it comes to accessing API's and securing your digital workspace, we have options. When accessing Workspace ONE API's, we have options when securely interacting with them; like using base64 encoded credentials, or  OAuth  access tokens (versions 2001 and newer). In a previous blog post, we covered how to store sensitive credentials used to access Workspace ONE API's with a config.ini file. This approach works, and while ACL's can limit accounts that can read data at rest; organizations may still prefer to not store credentials in something like json or a old school ini file.  Today, we'll provide you with your daily dose of uplifting imagery from Hawaii, code to retrieve credentials at runtime, store base64 encoded credentials in memory during execution, and access Workspace ONE API's with the credentials. This way, you can simply hand your code off to operations, sit by the beach, hop on a trail, and enjoy your time in Hawaii. Waimea Canyon, the G...

Digital Workspace Mobile Threat Detection & Response with Workspace ONE & Zimperium - Integrating zConsole

Image
Mobile threat detection and response is an area of ever-growing importance, as the world finds themselves accessing sensitive resources on devices everywhere. Application, identity or device management only offers so many protections to the assortment of threats users are faced with.  Digital Workspace products like Workspace ONE and Zimperium's zIPS compliment each other, and offer an additional level of compensating controls, specifically for mobile threats. These capabilities allow your organization to detect threats you might not have had visibility of, let alone the ability to mitigate. Zimperium focuses on being best-in-breed in MTD, and it shows. In 2019; Zimperium would be the first MTD to be FedRAMP authorized, partner with the VMware to join the Trust Network, and selected by Google to join the App Defense Alliance.  To make this integration possible, you must first, thank your CISO, and then integrate Zimperium's zConsole with Workspace ONE UEM. I...