Review: Lookout – Intelligent mobile threat protection
Lookout could become the next big vendor in the field of malware threat protection. They have a unique approach that is based on a huge network of users already using the Lookout app.
I first met Lookout in Cologne, Germany. One of their representatives explained to me that they protected devices from malware by analyzing the installed apps. My first thought was, it’s one of the many app security vendors that create app catalogues and categorize apps by the level of threat. The levels are: no threat, potential threat and infected. We met again at CeBIT and I had the chance to dive deeper. Then, I understood the difference and their value add. Lookout has been around for 9 years and started with a consumer app that helped users to protect their devices from malware, find their devices in case of loss or theft and backup their data (contacts and photos) to the cloud in case the device breaks or gets lost. Photo upload and also an automatic warning email, that is sent to you in case suspicious actions like taking out the SIM card or turning on flight mode are detected, are premium features. Even though, for photo upload, we already have cloud services like iCloud, Google Drive and One Drive, it is still nice to have, just in case the other backups weren’t turned on.
The consumers have the Lookout app on their phones and this app analyzes the apps on the phone for malware. In order to find malware or apps being potentially at risk, it compares the app data on the phone, basically the app code, with the app data that is already saved in Lookout’s cloud platform. They have information of over 100 million sensors (devices) and over 15 million apps in their cloud. When an attack is identified, the information about this attack’s structure is saved in the cloud. If a further app with a similar structure is identified, then this app might be potentially at risk. Lookout engineers check this app and if an infection is detected, this app is added to the dataset of infected apps. Lookout use machine learning (the Helix™ Security Engine) to get better and better predicting possible attacks. This way a zero-day prediction of infected apps can be provided. It is a very advanced approach that is so powerful thanks to the many users using the Lookout app privately.
For enterprises, this becomes even more interesting as many of their users might already have the Lookout app installed. Thus, data of most of the apps that their users use has already been analyzed by the Lookout cloud. In order for the enterprises to see what potential threats they might have in their network, they can get the Lookout enterprise edition and via an admin console (the Mobile Threat Protection Console) they can check which apps are infected. If their users don’t use Lookout yet, it would make sense to distribute the Lookout app via an Enterprise Mobility Management solution to all their devices to find out whether there are any potential threats. Threat protection happens on app and OS level.
For enterprises, there are three products available, the Mobile Threat Protection Console (mentioned above), the Mobile Intelligence Center (that gives you access to Lookout’s app dataset in the cloud) and an App Vetting API (that helps you check apps for malware before you roll them out).
They also have an integration with EMM vendors like MobileIron, that allows an easier communication between the two solutions. Before an app is rolled-out with MobileIron, it can be checked via Lookout, and Lookout’s app can be rolled-out to the devices via MobileIron.
Using Lookout on enterprise level, you get three main benefits:
- Data protection through early detection of threats
- Support of BYOD as all apps and data are under control
- Visibility into footprint of private devices without compromising user privacy
How does Lookout differentiate from other offerings that provide a catalogue of for malware analyzed apps?
They don’t analyze every app “manually” but use a powerful machine learning algorithm based on known threats. Their huge user-base allows to collect an immense amount of data which makes their cloud platform the biggest dataset of mobile app data. This system helps them to provide zero-day protection.
I tried out the Lookout app for private use. Below, you will find my experience.
I installed it from the App Store. At the beginning, you are taken through 4 questions that serve as a tutorial.
- What do you do when your phone is lost?
- What do you do when your battery is empty and you don’t find your phone?
- What happens when you break your phone and haven’t saved your data?
- How to make sure that your phone is safe?
The answer is always: Lookout will help you!
Then you register with an email address and password.
In the free version, you get
- Device locating (Missing Device)
- App and OS checking (Security)
- Backup of contacts (Backup)
Below, you will find some screenshots.
In the premium version, Theft Alert is added. This means that if suspicious action is taken on your device (elimination of SIM card or enabling flight mode) you will receive an email.
If you’d like to try Lookout, feel free to download it here:
In case you would like to try out the premium version, I have a goodie for you. The first 5 who register for the premium version below, will get a voucher for 12 months of premium version for free, instead of 2.99€/month.
IMPORTANT: If you use the redemption code delivered by the voucher, you will have to go to lookout.com/redeem on your mobile device first and enter the code. Then you are redirected to the app store of your choice and then you download the Lookout app. You can then register with the code being associated with your app.
If you download the Lookout app first, it won’t work.
Sign up for a free Lookout Premium voucher here:
If you go for the trial, please share your experience with me in the comments.
Have a great day!