Fairfax County integrates Lookout telemetry into SIEM
The county has moved beyond using Lookout solely for device protection. Fairfax County now feeds telemetry and event data from Lookout into its security information and event management system, where analysts correlate mobile threats with activity from traditional endpoints and network infrastructure.
“ They’ ve gone beyond just protecting the devices. They’ re using the telemetry and events from mobile to ingest into their SIEM, correlating it with event data from traditional endpoints and network devices,” Tim says.“ This gives them a better understanding of the overall cyber threat and strenghtens their security posture.”
This integration provides the county’ s security operations centre with a view across mobile, endpoint and network layers. When a phishing attempt reaches an employee’ s mobile device, analysts can trace the attack through multiple systems and identify whether other vectors have been compromised. Charles says the capability matters for protecting both county staff and citizens.“ The ability to proactively analyse suspicious links, messages and app behaviors is essential in helping protect our employees – and more importantly, the citizens we serve – from malicious actors,” he says.
Lookout adapts platform as threat actors change tactics
Lookout has operated in mobile security for more than 15 years, accumulating data that informs its threat detection models. The company uses this experience to identify emerging attack patterns as threat actors modify their techniques and as new vulnerabilities appear in iOS and Android operating systems.
Tim says the threat landscape shifts continuously.“ The cyber threat landscape constantly evolves. Threat actors and their motivations change, they change their TTPs, new vulnerabilities are exposed, and devices themselves change and evolve,” he says.“ The threat protection solutions must evolve also, and Lookout does.“ We will continue to work with Fairfax County to leverage the new capabilities in our roadmap to help them secure their mobile devices and users.”
Learn more