The Heartbleed vulnerability - which could impact more than 65% of the Internet, has many scrambling. For mobile users, the Android devices or mobile apps they are using could be vulnerable and expose the information they access and store on their mobile phones. See how Lacoon's unique detection and protection capabilities can protect mobile devices from Heartbleed exploits, buying IT departments time to assess and patch affected devices/apps while preventing any data loss.

1. Why Heartbleed Doesn’t Give Lacoon
Customers a Heart Attack
How Lacoon Helps Enterprises Protect Their Mobile Devices
and Data
Lacoon Mobile Security
1

2. 2
What is Heartbleed?
Vulnerability that
leverages the
heartbeat messages
of an SSL session to
steal information
1
Products that use
OpenSSL Versions
1.0.1a through 1.0 are
vulnerable – our
research shows that
many enterprise apps
contain the
vulnerability.
Because heartbeat
messages don’t need
to authenticate to the
server, when this
vulnerability is
exploited it is hard to
identify.
2 3
Once exploited,
attackers can steal up
to 64KB of memory at
a time. This memory
can include anything
– passwords,
sensitive data, etc.

3. 3
What is the Specific Risk for Mobile Users?
Android mobile
devices and
applications can be
vulnerable to
Heartbleed
1
If the Device is
vulnerable it could
expose the
information in an
application or the
browser.
If the Application is
vulnerable, both the
connection and the
data in the application
could be exposed.
2 3
Once exploited,
attackers can
“eavesdrop on
communications,
steal data directly
from services and
users and
impersonate services
and users.”
-Heartbleed.com

4. 4
Requirements to Protect Mobile Devices from
Heartbleed
1.Ability to Detect if a Device is Vulnerable - does
the OS contain the vulnerability
2.Ability to Detect if any of the Applications on
the Device are Vulnerable
3.Ability to Prioritize Remediation Activities – given
the sheer volume of potentially impacted devices/apps, IT requires a
way to effectively allocate resources
4.Ability to Prevent Data Exfiltration – to give IT and
users the time they need to update their OS or applications, without
risking the user or enterprise’s sensitive information

5. 5
Lacoon scans the
OS’s OpenSSL
library on the
Android device
and validates if it
is vulnerable to
Heartbleed.
Lacoon MobileFortress Heartbleed Mitigation
Capabilities
Lacoon’s Cloud-
Based App
Reputation scans
the Android apps
installed on the
device and identifies
if they are vulnerable
for Heartbleed
Lacoon’s Threat
Framework assigns
a high risks score for
vulnerable devices
and medium risk
score for devices
with vulnerable
apps. Reporting on
risky devices is
available on the
dashboard
Depending on the
policy, Network
protection is enabled
and redirects the
network traffic
through the Lacoon
Secure Gateways
that are loaded with
IPS rules to drop
Heartbleed packets
1 2 3 4
1 On-Device vulnerable OS detection

6. 6
Lacoon scans the
OS’s OpenSSL
library on the
Android device
and validates if it
is vulnerable to
Heartbleed.
Lacoon MobileFortress Heartbleed Mitigation
Capabilities
Lacoon’s Cloud-
Based Advanced
App Reputation
Engine scans the
Android apps
installed on the
device and
identifies if they
are vulnerable to
Heartbleed
Lacoon’s Threat
Framework assigns
a high risks score for
vulnerable devices
and medium risk
score for devices
with vulnerable
apps. Reporting on
risky devices is
available on the
dashboard
Depending on the
policy, Network
protection is enabled
and redirects the
network traffic
through the Lacoon
Secure Gateways
that are loaded with
IPS rules to drop
Heartbleed packets
1 2 3 4
1 On-Device Vulnerable OS Detection
2 Cloud-Based Vulnerable Apps Detection

7. 7
Lacoon scans the
OS’s OpenSSL
library on the
Android device
and validates if it
is vulnerable to
Heartbleed.
Lacoon MobileFortress Heartbleed Mitigation
Capabilities
Lacoon’s Cloud-
Based Advanced
App Reputation
Engine scans the
Android apps
installed on the
device and
identifies if they
are vulnerable to
Heartbleed
Lacoon assigns a
risk score to each
device & displays
Dashboard Alerts
• High for
vulnerable
devices
• Medium for
devices w/
vulnerable
apps
Depending on the
policy, Network
protection is enabled
and redirects the
network traffic
through the Lacoon
Secure Gateways
that are loaded with
IPS rules to drop
Heartbleed packets
1 2 3 4
1 On-Device Vulnerable OS Detection
2 Cloud-Based Vulnerable Apps Detection
3 Affected devices and apps
assigned high or medium
risk score

8. 8
Lacoon scans the
OS’s OpenSSL
library on the
Android device
and validates if it
is vulnerable to
Heartbleed.
Lacoon MobileFortress Heartbleed Mitigation
Capabilities
Lacoon’s Cloud-
Based Advanced
App Reputation
Engine scans the
Android apps
installed on the
device and
identifies if they
are vulnerable to
Heartbleed.
Lacoon assigns a
risk score to each
device & displays
Dashboard Alerts
• High for
vulnerable
devices
• Medium for
devices w/
vulnerable
apps
Network
protection is
enabled ,
redirecting traffic
from high risk
devices to the
Lacoon Secure
Gateway, which
can drop
Heartbleed
packets.
1 2 3 4
1 On-Device Vulnerable OS Detection
2 Cloud-Based Vulnerable Apps Detection
3 Affected devices and apps
assigned high or medium
risk score
4 Heartbleed traffic
is dropped, data is
protected.

9. 9
A Quick Look at What Lacoon Customers See When
Heartbleed is Detected
All the
information IT
needs to
remediate

10. A Little About Lacoon 10
Who We Are What We Do
 Develop new mobile security
technologies that can detect and
prevent mobile threats
 Partner with leading mobile
operators and technology
companies to provide
comprehensive mobile security
solutions
 Founded by mobile security experts from
Military Intelligence and Telco Industries
 Supported by a Security Research Team
focused on uncovering undiscovered
threats to mobile apps and platforms
 Well-funded and backed by successful
security industry veterans

11. Want More Information?
Contact sales@lacoon.com
Request a Demo at www.lacoon.com
Follow us: @LacoonSecurity
11