Guardsquare looks to revolutionize mobile application threat intelligence with ThreatCast

Belgian-headquartered Guardsquare recently opened a North American office in Boston, and sees the new ThreatCast capability as a key factor in expanding their business on this side of the Atlantic.

Today, mobile application security platform provider Guardsquare is launching ThreatCast, a cloud-based mobile application threat intelligence expansion to their platform that the company believes will have revolutionary implications for mobile security. The ThreatCast server detects the earliest stages of an attack, and delivers that to mobile users, to assess threats in real time. That’s old news to IT-managed devices, but not in mobile environments where most users own their own phones.

Guardsquare is headquartered in Leuven Belgium – the Flemish spelling of a town whose French name, Louvain, is likely better known in North America. Guardsquare is also better known in Europe than in North America – at this point –  but they are looking to change that.

Guardsquare’s DNA is in the open source world.

“In 2002, Eric Lafortune, our founder, built ProGuard, an open source optimizer for Java and Android applications,” said Grant Goodes, Chief Scientist at Guardsquare, who happens to be based in Ottawa. “It was so successful that Google adopted it for Android. This has always been available for free. But there was a growing opportunity around protection for mobile software applications, especially Android, because it was seen as less secure. That became DexGuard in 2012. The IoS one, iXGuard, came later [in 2016].”

Goodes described growth as slow but steady over the last decade, which has picked up recently. A year ago, they attracted their first funding round, for $29 million from Battery Ventures, they opened the U.S. office in Boston, and they have added over 200 paying corporate customers over the last year.

“Guardsquare has the largest market penetration in terms of number of customers in our segment,” Goodes said. “The ProGuard free product is a good stepping stone.”

They have a fair number of financial technology customers, as well as gaming companies.

“Mobile games don’t have a big price tag, but they have a huge number of users, and these applications still have sensitive customer data or financially valuable assets,’ Goodes said. “Even ‘free’ games have in-game purchases.”

While, unsurprisingly, their initial sales were mostly in Europe, with the opening of the Boston sales office, and the creation of a sales and marketing team, their North American business has been expanding. Their hybrid Go-to-Market model includes a variety of resellers, distributors, integration partners, and technology alliance partners.

ThreatCast is an expansion to Guardsquare’s platform, which provides threat intelligence, through a single dashboard interface, that the device owner can use to make decisions – something that hasn’t really been possible in the past.

“It’s a threat dashboard – a server based solution that gives insight into what’s going on in the field,” Goodes said. “That was already possible before. There has always been an option of sending a message to the server. But the customer had to manage it themselves, and not all customers had the resources or will to do that.”

Security on mobile devices has unique issues, Goodes stressed.

“Capturing interesting things on the device could always be done in practice, but it hasn’t existed before because security on mobile was running on a box that was fully owned by the user, rather than by IT departments,” he said. “That has made  security harder. But people are now doing more on their mobile device. They want to do banking in a secure manner.”

Until now, while there was protection for mobile applications, it was passive protection, which shut the device down in the face of a perceived threat. For the user, it was basically a crash.

“That was not a good user experience,” Goodes said. “It’s much better to get a notification from the ThreatCast server and have the user determine a response.”

Goodes said that ThreatCast works by turning on a field in a configuration.

“The protected application puts a small piece of agent code in the app, and when a tampering action is detected, this is sent to the customer. You can monitor these events in real time. It gives a real time view of information that you would have had to import yourself to see before.”

ThreatCast is free to any customer with a Guardsquare license for DexGuard or iXGuard. There is a freemium version as well, with some limitations on bandwidth and the number of apps that can be monitored. Goodes emphasized however, that this is such a breakthrough product, that Guardsquare wants it to be free to spread its presence.

“In the past, there was always a delay between a breach and detection,” he said. “Banks needed fraud detection systems to detect breaches and that was a long forensic processes. ThreatCast lets you see the earliest phases of an attack, when people have attached a debugger and are analyzing code. That’s not actually a breach, but its early in the process of a breach, so that’s a great value.

“The ThreatCast server shows these dangers and can be used in a company to help those who care about security to evangelize. We want this to penetrate the market. Everyone should be using it. That’s why it’s free.”