Promon Insight™

Security analytics for mobile apps is the process of collecting and analyzing telemetry data from your applications to detect and respond to security threats. With security analytics, you can monitor the data on app or device performance, behavior, and security events to identify anomalies like unauthorized access or malware attacks. This enables you to proactively address vulnerabilities, enhance app security, comply with regulations, and deliver a safer experience for your users.

Promon Insight™ is a mobile security analytics platform that collects data from mobile apps about the device, app health, and its operating environment. Here's how it works:

Insight Client (on the device): Resides within the Promon SHIELD-protected app and collects device and app usage data, encrypting the data before sending it. If the message can't be delivered immediately, it is stored in a write-ahead log and resent later.

Insight Agent (on the server): The server-side component that receives data from the Insight Client, decrypts it and forwards it to designated storage systems or analytics tools. The agent can be deployed on nearly any server and isn't tied to a specific runtime environment.

Insight Cloud: After the Insight Agent forwards the data, it is processed and stored in the Insight Cloud, where pre-built dashboards provide easy-to-understand analytics and benchmarking for administrators. These dashboards give organizations visibility into threats, app usage, and device performance.

Additionally, the Insight Agent can forward data to other APIs chosen by the organization, giving flexibility for custom integrations with existing analytics and visualization systems.

The data collected will change over time with the evolving threat landscape and device and OS evolution. Initially, the data Insight collects will fall into the following categories:

1. Install-base data: Device manufacturer and model, operating system, version and architecture, app name and version, SHIELD version, etc.
2. Threat detections: jailbroken, rooted, untrusted keyboard, screen reader, emulator and hooking, etc.
3. Evidence data: data that validates the level of evidence behind the detection.*

The data collected by Insight is carefully selected according to privacy laws such as the GDPR or CCPA. As Insight is based on the Promon Trust Architecture, custom data, which can be classified as PII data, will never be sent to the Insight Cloud. You will have the flexibility to send back any data you want without worrying about privacy or compliance.

*Future capability

Promon Insight™ can be deployed on-premises or via the cloud, providing flexibility depending on organizational needs. The on-premises option ensures full control over data and security within the customer’s infrastructure, while the cloud deployment offers scalability, ease of management, and ready-to-go dashboards.

Promon Insight™ detects many mobile threats, including jailbreaking, rooting, debuggers, unauthorized access, emulator and hooking attempts, screen captures, screen recordings, screen readers, runtime integrity, virtual space, and more. It uses both deterministic and heuristic signals to provide comprehensive threat detection enriched with evidence-backed data to minimize false positives.

Promon Insight™ can be deployed and integrated into the app in minutes. Existing Promon customers only have to update their SHIELD® configuration to include Insight, which will automatically be included when the app is shielded. New customers benefit from the ease of implementation through Promon’s Shielder technology, implementing both SHIELD and Insight into the app in a matter of minutes, with no code changes required.

Promon Insight Agent can forward the data to your own third-party tools so you can leverage the power of mobile threat data to enhance your existing systems. As we add more connectors, we will enable quick and easy integration with popular third-party tools.

Yes, you can leverage Insight to add your own custom data elements to the data set. This allows you to add any custom data or data that can’t be collected by Promon due to privacy regulations and still benefit from its value in your own tools. By design, any custom data you add will never be sent to the Cloud component of Insight and will remain only under your control.