On May 10th 2017, we officially announced the launch of our mobile intelligence engine MI:RIAM. While her personality and design came to be only recently, she’s been working in the background for our customers for many months.

What most don’t know is that the journey to her creation began years ago, back in the mid 2000s, at a company called ScanSafe.

The ScanSafe story

Before founding Wandera, Roy and Eldar Tuvey gave up successful careers in investment banking to start a company called ScanSafe.
The business, which scanned employees’ web browsing for viruses and hacking attempts, became a runaway success, earning an approximate 30% share of the web gateway market.
In 2009, after raising around $43.5 million in funding, the company sold to Cisco for an impressive $183 million.

The opportunity

But the brothers weren’t done yet. They recognized a unique opportunity in the enterprise security market before anyone else did. That opportunity was mobile.
Employees were starting to using their laptops less, and their mobile phones more, to carry out everyday tasks. The four walls of the office were no longer constricting where or when people worked and this meant one thing for certain: increased enterprise risk.
With corporate computers becoming increasingly difficult to penetrate, cybercriminals began to see mobile phones as an alternative ‘way in’. With the lack of protection and visibility into corporate mobile devices across most organizations, a gap in the market was beginning to form.
The Tuveys realized that both data usage and mobile security were going to start becoming major concerns for enterprise IT teams. And thus, Wandera’s pioneering web gateway for mobile was born.


Once the unique architecture of the mobile solution was built, the company was well on its way to success. Customers starting flocking in from all over the world to get real-time visibility into their mobile estates.
What the team started to realize, however, was that the amount of data being generated – and processed – was growing rapidly with every customer that licensed the solution.
This wasn’t a problem for the technology, but it did present yet another opportunity to do something innovative. So the Tuveys once again took the lead. This time, it was to create the world’s first mobile intelligence engine focused exclusively on mobile security and data management.

Wandera has always been an innovator and not a follower, that’s just part of our DNA.Eldar Tuvey, CEO Wandera

The Data Science team

In 2015, the data science team was created to develop our mobile intelligence engine MI:RIAM. Wandera needed individuals who were passionate about data and smart enough to build the sophisticated models and tools required to perform advanced Data Science techniques.
The company found exactly what it was looking for in Dr. David Pryce. David is now the Director of Wandera’s data science team.
After finishing his mathematics Masters from the University of Sheffield, David went straight into his Applied Mathematics PhD at Imperial College. From there, he jumped straight into the data science industry.
He started his career at a ‘big four’ firm (KPMG). where he was able to tackle various customer issues from a data and prospective predictive analytics viewpoint. He also gained valuable technical expertise in python, SQL, Hadoop, Scala, Apache Spark and various machine learning and big data technologies.
With these data science weapons in hand, he decided to seek more experience in a truly data-driven and technically challenging environment. His job search brought him to Wandera.
With David and the rest of the data science team on board and keen to tackle the task at hand, MI:RIAM started to become a reality.

Say hello to MI:RIAM

MI:RIAM, for those of you who aren’t aware, is technically an acronym. She’s called “mobile intelligence: a real-time insights and analytics machine”. Her name was inspired by the biblical Miriam who was a prophet and Moses’ elder sister. Being a prophet means she was able to tell the future in the same way our engine is trained by historical threats to find future zero-day threats.
MI:RIAM is able to take large data sets and analyze them, using a variety of methods such as neural networks, support vector machine learning, clustering, and outlier detection. She employs unsupervised and hybrid techniques to detect traffic anomalies, allowing admins to respond to them in real-time.
She has the unique ability to detect devices engaging in odd or anomalous behaviors using a combination of network, on-device, and EMM dimensions, and use these to trigger a fine-grained dynamic security policy.
Since her official launch, we’ve seen multiple instances of MI:RIAM’s advanced detection capabilities. The first was SLocker, a ransomware variant that is still making headlines today for its ability to regenerate and obfuscate itself in to avoid detection by security scanners.
MI:RIAM also managed to discover a device being used by a rogue employee to upload sensitive files online, meaning security teams were able to identify a threat that had gone completely undetected by the customer’s MDM and anti virus solutions.
An employee at an American pharmaceutical company was using an unapproved file-sharing service to transfer large amounts of corporate data to an unknown location.

The 12GB data upload was caught and prevented in real-time, with admins alerted instantaneously. MI:RIAM was able to uncover this anomalous activity thanks to her baseline understanding of device behavior.
She is constantly monitoring all devices within Wandera’s global network. Devices are compared to how they behave historically, how they compare to their colleagues and how they act compared to devices at other organizations.
MI:RIAM doesn’t just search for existing findings, but actively makes predictions based on historical data. She has been designed to mimic the decision-making process of security experts.

The mobile intelligence journey continues

Thanks to our data science team, everyday MI:RIAM is growing, changing and developing.
She’s getting smarter and more reactive, continuously identifying new threats before they impact our customers’ mobile devices.
We can’t wait to see what MI:RIAM uncovers in the months to come.
[text-blocks id=”3610″]