AzureFeeds

We are excited to announce the availability of a new solution from Samsung Knox Asset Intelligence that will deliver enhanced visibility into mobile threats. Microsoft and Samsung are working together to enhance mobile security. This collaboration combines Samsung’s expertise in mobile devices with Microsoft Sentinel’s advanced capabilities in threat hunting, investigation, and response offering enterprises new visibility and protection against mobile security threats on Samsung devices and builds on the longstanding collaboration between Microsoft Security and Samsung.

Solution Overview

Samsung Knox Asset Intelligence is a mobile device analytics solution that now provides security monitoring and enhanced protection for enterprise Samsung Galaxy devices. Knox Asset Intelligence uniquely provides high-value security events from the Samsung mobile platform – across the device, OS, and security layer – through Knox Assent Intelligent to Microsoft Sentinel, enhancing detection and response capabilities.

The Samsung Knox Asset Intelligence solution for Microsoft Sentinel, available in the Microsoft Sentinel content hub, enables effective detection and response to mobile security threats on enterprise Samsung Galaxy device fleets. By incorporating Knox security events into Security Operations Center (SOC) workflows, organizations can enhance their alert triage and incident investigation processes. This integration delivers key insights into mobile security threats and risk posture in near real-time, complementing existing security solutions like Microsoft Defender for Endpoint and Microsoft Intune, and ensuring that security teams can respond swiftly and effectively.

“Samsung is thrilled to partner with Microsoft to bring improved mobile security to our customers,” said Jerry Park, EVP of Samsung Global Mobile B2B. “This collaboration presents a comprehensive solution to detect and respond to the growing number of mobile device cyber threats. Our collaboration brings enhanced protection to ensure that our customers’ mobile environments remain secure and resilient.”

Key Features and Benefits

• Centralized Visibility: Gain centralized visibility into Samsung Galaxy mobile security threats with the industry-first mobile OEM to SOC connector. This integration allows for seamless onboarding of mobile endpoints, providing high-value security events that reduce noise and improve detection and response capabilities.


• Enhanced Detection and Response: Knox can detect mobile security threats early in the attack chain, reducing breaches by eliminating blind spots. The integration with Microsoft Sentinel ensures that high-severity events are prioritized, accelerating threat detection and response.


• Cost Efficiency: By prioritizing events with high signal-to-noise ratio and reporting indicators of attack and compromise, data ingestion can be optimized, and detection and response can be made more effective and efficient for enterprises.


• The seamless integration of mobile endpoints with existing SOC workflows helps close the gap with other endpoints, reducing the risk of breaches.

Use Cases

The integration addresses several critical use cases, including:

• Phishing: SOC analysts can monitor suspicious URLs encountered on devices, providing early detection of potential phishing attacks.


• Malware: Alerts for process privilege escalation and potentially malicious use of accessibility APIs help detect and respond to malware threats.


• Insider Threats and Policy Violations: SOC analysts can triage alerts associated with policy violations and unsanctioned use of device admin roles, ensuring swift response to insider threats.

Future Direction

Looking ahead, Samsung and Microsoft are exploring additional collaboration opportunities to further enhance mobile threat prevention, disruption, detection, and response. This solution is just the beginning of a strategic collaboration aimed at providing security-conscious customers with the best-in-class mobile security solutions.

To learn more about this exciting integration and how it can benefit your organization, please see Samsung’s recent blog post. The Samsung Knox Asset Intelligence for Sentinel solution is now ready and available for customers to download and try. Join the Public Preview and take the next step towards a more secure future.