RiskIQ analyzes eight million mobile apps from 91 different app stores. Since there are far more app stores than Google Play and the Apple App Store, there is a strong possibility that you'll find something malicious.
The process of app analysis is rigorous. First, RiskIQ does a full binary reproduction of the app. Then it performs both a static and dynamic analysis. Then it tracks the apps in the app store and around the world.
At the same time, RiskIQ is busy collecting data across the internet looking for phishing, malware distribution sites, etc. To do this, the firm uses virtual users rather than bots or web crawlers. These virtual users behave as real users do when browsing, downloading and using web resources. This activity unearths malicious content, such as malvertising and enables tracking.
Part of this activity helps RiskIQ locate its customers' digital assets no matter where they reside. Analysis also includes the typical tasks, such as passive DNS, reverse whois and monitoring of activity by Java scripts and widgets. Combining these techniques with the more sophisticated proprietary analysis capabilities in the RiskIQ arsenal provides a high assurance of protection against various types of online fraud.
This is a strong tool, well-conceived and chock-full of reports that contain as little or as much detail as your particular application requires. For the security or fraud analyst, there is more than enough information to help identify and respond to threats. The dashboard can provide a simple and quick view of activity. Overall, this is a complete product and a unique approach to the problem of online fraud.
At a glance
Product RiskIQ Platform
Price $35 per 1,000 analyzed pages per year; for the mobile product, $150,000 per analyzed brand plus cumulative consumer downloads per year.
What it does Threat protection centered outside the firewall.
What we liked This is a truly creative approach to intercepting web and mobile threats and diffusing them. We especially liked the concept of virtual users.