Abstract: Historical data is collected from prior risk analysis for applications to be installed or already installed on computing devices. A risk profile is determined for new applications to be installed or already installed on the same and/or different computing devices. The risk profile is determined by comparing or correlating the historical data to data regarding the new applications (e.g., metadata such as package identifier, signer data, name, version). Various remediation actions are determined based on the risk profile.

Abstract: A cloud server collects and stores context data from mobile devices. Data collected for a mobile device is compared to the historical data. A security policy is selected for the mobile device based on the comparison. The selected policy is deployed to the mobile device. A status of the deployment is tracked by the cloud server.

Abstract: A cloud server collects and stores context data from mobile devices. Data collected for a mobile device is compared to the historical data. A security policy is selected for the mobile device based on the comparison. The selected policy is deployed to the mobile device. A status of the deployment is tracked by the cloud server.

Abstract: Techniques for deployment of policies to computing devices are described herein. The techniques can include a server deploying a passive policy to the computing devices. After deploying the passive policy, data is collected from each of the computing devices regarding operation of the computing device. The server monitors, based on comparing the passive policy to the collected data, compliance of each computing device with the passive policy. The server determines, based on the monitoring, a set of the computing devices that exhibit a policy violation associated with the passive policy. The server deploys an active policy to the set of computing devices. The active policy corresponds to the passive policy, and deploying the active policy causes one or more actions that correspond to the policy violation to be performed on each of the set of computing devices.

Abstract: In one approach, a request for software evaluation is received by an evaluation server from a user device. The request relates to software to be installed on the user device. In response to receiving the request, the evaluation server sends data associated with the software to an authenticity server. The evaluation server receives, from the authenticity server, a result from the evaluation of the software. The evaluation server determines based on the result whether a security threat is associated with the software. In response to determining that there is a security threat, the evaluation server sends a communication to the user device that causes the software to be quarantined.

Abstract: A method includes: after installation of software on a first mobile device, receiving new data from a second mobile device; analyzing, using a data repository, the new data to provide a security assessment; determining, based on the security assessment, a new security threat associated with the software; and in response to determining the new security threat, causing the first mobile device to implement a quarantine of the software.

Abstract: Techniques for deployment of policies to computing devices are described herein. The techniques can include a server deploying a passive policy to the computing devices. After deploying the passive policy, data is collected from each of the computing devices regarding operation of the computing device. The server monitors, based on comparing the passive policy to the collected data, compliance of each computing device with the passive policy. The server determines, based on the monitoring, a set of the computing devices that exhibit a policy violation associated with the passive policy. The server deploys an active policy to the set of computing devices. The active policy corresponds to the passive policy, and deploying the active policy causes one or more actions that correspond to the policy violation to be performed on each of the set of computing devices.

Abstract: Techniques for enterprise policy rehearsals, rollouts, and rollbacks are described herein. The techniques can include a server receiving data associated with computing devices. The server compares the received data to data stored in a data repository. The data in the data repository corresponds to risks identified based on information collected from different computing devices prior to receiving the data associated with the computing devices. A risk profile is generated by the server based on comparing the received data to the repository data for each of the computing devices. The server causes, based on the risk profile for each of the computing devices, one or more responsive actions (e.g., using the risk profiles to prioritize deployment of software to the computing devices).

Abstract: Techniques for enterprise policy rehearsals, rollouts, and rollbacks are described herein. The techniques can include a server receiving data associated with computing devices. The server compares the received data to data stored in a data repository. The data in the data repository corresponds to risks identified based on information collected from different computing devices prior to receiving the data associated with the computing devices. A risk profile is generated by the server based on comparing the received data to the repository data for each of the computing devices. The server causes, based on the risk profile for each of the computing devices, one or more responsive actions (e.g., using the risk profiles to prioritize deployment of software to the computing devices).

Abstract: A method includes: after installation of software on a first mobile device, receiving new data from a second mobile device; analyzing, using a data repository, the new data to provide a security assessment; determining, based on the security assessment, a new security threat associated with the software; and in response to determining the new security threat, causing the first mobile device to implement a quarantine of the software.