MTP Scenarios

Appthority MTP supports robust scenarios for mobile threat detection and protection.

• Mobile Threat Protection Scenario
• App Threat Protection Scenario
• Mobile App Security Analysis (MASA) Scenario
• MTP Mobile App-Only Scenario (no EMM)

For each scenario, there are links to the steps for setting up and configuring the required components.

Tip: Some or all aspects of a scenario may be available via the Appthority APIs.

Mobile Threat Protection Scenario

In the Mobile Threat Protection scenario, the full strength of Appthority MTP combines with an EMM and the MTP Mobile App to protect mobile devices from all three threat vectors: app, network, and device. Components include:

• MTP Cloud and MTP Manager
• EMM Connector
• MTP Mobile App
• EMM
• EMM Mobile App

MTP Data Flow Activities

In the Mobile Threat Protection scenario, Appthority MTP:

• Gathers the app inventory from the EMM, analyzes, reports results, and triggers policy violations.
• Gathers device inventory from the EMM, analyzes, reports results, and triggers policy violations.
• Gathers app inventory from the MTP Mobile App (Android and pre-V11 iOS only), analyzes, reports results, triggers policy violations.
• Gathers threat-related device data from the MTP Mobile App, analyzes, reports results, triggers policy violations.
• The EMM Mobile App reports app and device inventories directly to EMM.

MTP Remediation and Compliance Enforcement

As Appthority MTP detects policy violations, it triggers remediation activities.

When policy violations occur, Appthority MTP:

• Sends push notification to MTP Mobile App, either concurrently with EMM escalation or after configurable time/repeats.
• Escalates to the EMM for enforcement.

To set up and configure this scenario see:

• Integrate and Sync with an EMM
• Configure Threat Detection and Remediation

App Threat Protection Scenario

In the App Threat Protection scenario, Appthority MTP combines with an EMM to protect mobile devices from otherwise unknown public app threats, without the MTP Mobile App. Components include:

• MTP Cloud and MTP Manager
• EMM Connector
• EMM
• EMM Mobile App

App Threat Protection Data Flow Activities

In the app threat protection scenario, Appthority MTP:

• Gathers the public app inventory from the EMM, analyzes, reports results, and triggers policy violations.
• Gathers device inventory from the EMM. Device Policies are not supported in this scenario.

App Threat Protection Notification and Escalation

• When policy violations occur:
  • Optionally sends push notification to the AirWatch mobile app (AirWatch only)
  • Optionally sends email digest to end user. (AirWatch only)
  • Escalates to the EMM for enforcement.
• The EMM Mobile App reports app and device inventories directly to EMM.

To set up and configure this scenario see:

• Integrate and Sync with an EMM
• Configure Threat Detection and Remediation

Mobile App Security Analysis (MASA) Scenario

In the Mobile App Security Analysis (MASA) scenario, you use Appthority MTP as an automated app analysis tool. Appthority MTP is particularly well suited for proactive security analysis of public and private apps before publication to the EMM App Store, Android Enterprise, custom enterprise app stores and consumer facing public store. Appthority analysis provides best of breed security intelligence across all major app threat categories: malicious, data leakage, vulnerabilities and suspicious behavior.

Connectivity with an EMM is not required, however it could be useful for streamlining analysis and the process of white/blacklisting apps.

In the Mobile App Security Analysis scenario:

• Appthority MTP gathers app inventory when an Org or Policy Admin manually uploads app information or an app binary file (.ipa or .apk) using MTP Manager.
• Appthority MTP analyzes the apps and records policy violations.
• MTP Manager shows results in the Apps tab, including detailed App Reports. You can export the list of apps as a CSV file, and the individual app reports as JSON or PDF.
• The Org or Policy Admin reviews app reports.
• No remediation occurs.

To set up and configure this scenario see:

• Add Apps in MTP Manager
• White and Blacklisting Apps
• Create Custom App Policies
• Use MTT-Managed Policies

MTP Mobile App-Only Detection Scenario

You can deploy Appthority MTP with the MTP Mobile App and no EMM.

In the MTP Mobile App Detection scenario, Appthority MTP:

• Gathers app inventory from the MTP Mobile App, analyzes, report results, and triggers policy violations.
• Gathers device inventory from all devices in the Org that have installed the MTP Mobile App.
• MTP Mobile App detects device and network threats.
• When a policy violation occurs, and based on the Remediation Policy, the MTP Mobile App notifies the end user with a push notification with detailed remediation steps.
• The MTP Mobile App does not modify the device.

To set up and configure this scenario see:

• Deploy the MTP Mobile App Directly to a Device
• Configure Threat Detection and Remediation

Copyright ©Appthority, Inc. 2017-2018 All Rights Reserved. Contact Support