Better in the News


Wall Street & Technology

Better competes with existing solutions, including the globally recognized mobile security solution Good. Good, like most of the other first-generation mobile security solutions, focuses on securing the device.

Read full article »


Business Insider

Better gives IT administrators the ability to instantly protect any mobile app from hackers, see if a hack is happening in real time and make sure no sensitive data is lost.

Read full article »

Analyzer-Risk

BETTER AppShield

Turns any mobile app into a secured and managed app rapidly in few seconds.

Use BETTER to attach any combination of enterprise selected security controls and policies to any mobile app, on any OS without coding

Unique run-time rule-based engine with configurable policies and actions that “teaches” the app how to act and how to protect itself before starting, during the operation and stopping.

Watch Video >>

 

BETTER Analyzer

Find the DNA of data exfiltration

BETTER Analyzer allows real-time mobile app code scanning for behavior and vulnerabilities for the purpose of assessing risk before deployment.

Risk is not uniform

Each business has its own risk profile it creates for regulatory compliance with FISMA, HIPPA, PCI DSS, etc.. or follow internal data governance procedures.

Better Analyzer enables the business to define its risk profile and identify security control and policies that are needed to reduce risk.

Analyzer-Risk

 

ON-DEMAND WORKSPACE

BETTER is the first and only product to secure and certify the entire 2 million mobile apps available today, in the Apple App Store and Google Play.

Employees can select any commercial app and simply push it for automatic DNA discovery, certification and shielding with your corporate standard security management and control tools.

Workspace

 

BETTER Manager

Manage the application lifecycle from planning to maintenance from one central console

The BETTER app View dashboard lets you see all security and management assigned for each BETTER App. Monitor with one click how each app is currently protected and managed.

Analyzer-Risk
Analyzer-Risk

BETTER Open Integration

The BETTER App Shield is open – working with third-party security and management solutions – to extend enterprise security and management to mobile applications.

The BETTER Apps can be distributed and managed by any MAM or MDM solution like Airwatch, MobileIron and GOOD.

Best APIs for integration to 3rd party managers

Videos

Blog

Mobile Devices and HeartBleed Bug

Recently, a vulnerability inside the popular OpenSSL library is found. HeartBleed. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS allows clients and servers to communicate over a secure channel. For more information about the bug please visit http://heartbleed.com/.

How is this related to mobile devices?

Most mobile operating systems use OpenSSL to carry out cryptographic operations. At this time of writing, the most popular mobile device operating system, Android, uses the following version of OpenSSL.

Android Version

OpenSSL Version

Openssl version vulnerable?

HeartBeats enabled

4.4.2

1.0.1e

yes

no

4.4

1.0.1e

yes

no

4.3

1.0.1e

yes

no

4.2.2

1.0.1c

yes

no

4.2

1.0.1c

yes

no

4.1.2

1.0.1c

yes

no

4.1.1

1.0.1c

yes

yes

 

NB – The above table only reflects AOSP status. Note that device manufacturers might individually modify the code resulting a different table.

 

For a device to be clear of such vulnerability the OpenSSL version should not match the vulnerable version found on http://heartbleed.com/ and compile configuration should disable HeartBeats (-DOPENSSL_NO_HEARTBEATS).

But checking the os version is not sufficient. Some HeartBleed detector apps on Google play only check such parameter only. Lookout with close to a million installs only checks for the OS version and unfortunately giving false sense of safety to millions.

Some apps use their own version of OpenSSL making the app’s communications at risk. Hence every app should be checked. Better’s HeartBleed Detector (https://play.google.com/store/apps/details?id=com.better.heartbleedchecker) app achieves this by doing the following

 

  1. Check if an app uses it own version of OpenSSL. This process determines the version of that OpenSSL (if used!) and cross checks it with vulnerable OpenSSL versions.

  2. Secondly, Check the configurations and determine whether HeartBeats is disabled or not before declaring the app vulnerable.

Note that, Better’s HeartBleed detector app will should display potentially vulnerable apps. For detailed informations, please contact the application developers responsible for maintaining the apps.

 

Google Play Store Link: https://play.google.com/store/apps/details?id=com.better.heartbleedchecker

 

For a complete vulnerability analysis and other enterprise app security solutions please visit http://better.mobi

 

 

Announcing iOS 7 Support with BETTER

We are exited to announce that BETTER supports Apple’s iOS 7. iOS 7 is leap forward for new Enterprise application management and security features.

The major features are configuring new capabilities such as Kerberos based Enterprise Single Sign On (SSO),Open In Management, Per App VPN and new features in Managed App Configuration.

But BETTER adds its additional features that do not come with iOS 7. One major feature is Federated Enterprise Single Sign On (SSO) for iOS 7.

Kerberos based Enterprise Single Sign On (SSO) requires the device/app to be inside the firewall to access Key Distribution Center (KDC). This is obviously not practical for most use cases.

BETTER’s Federated Enterprise Single Sign On (SSO) supports SAML and works where it matters outside the firewall and in the cloud.

Contact

  • , 110 Fifth Avenue, Fifth Floor New York, New York 10011
  • O 877-710-5636
  • @ support@better.mobi