Why do we need data science for mobile security?

It’s easy to talk about big data. It’s not quite so simple, however, to manage billions of pieces of information coming at you each day. How do you make sense of all that input? How do you turn it around into something actionable? More importantly, what individual or security team can sift through that much information in a timely fashion?

MI:RIAM in numbers (last 12 months)

Unique domains visited
Requests handled
Data leaks
Apps scanned

What does she do?

Powered by billions of daily inputs from millions of mobile endpoints, MI:RIAM continuously analyzes these vast quantities of real-time data to detect and prevent new threats.

Zero-day detection

MI:RIAM combs through Wandera’s real-time mobile data set to identify suspicious activity and emerging threats. She powers Wandera’s mobile threat defense to identify new malware and highlight previously unknown vulnerabilities and zero-day threats.

Risky app discovery

MI:RIAM is continuously analyzing apps that are newly installed on your endpoints and the network traffic they generate, identifying risky apps before they can put your organization at risk.

Anomaly detection

Trained on the standard operating procedure of devices, apps, Wi-Fi access points and user groups, MI:RIAM builds a baseline understanding of behavior, then seeks out suspicious anomalies.

Instant reaction

MI:RIAM makes informed, intelligent assessment of the security events she encounters enabling our mobile threat defense to block threats and prevent attacks in real-time.

Case Study: SLocker trojan malware

MI:RIAM protected our customers’ endpoints from over 400 variants of this vicious trojan malware, while other organizations were forced to pay millions of dollars in ransom to retrieve their data.

How she works

MI:RIAM not only has access to more data inputs than any other threat intelligence engine, but is able to analyze it from multiple sources generating a level of security that is just not possible with traditional list based security which is out of date as soon as it is published.

She works by continually analyzing the world’s biggest and most varied mobile dataset, and is powered by a sophisticated and continuously trained group of machine-learning technologies.


Billion of inputs

Network Infrastructure
App Store

Threat intelligence

Neural networks

A very broad class of ML algorithms loosely based on imitating a biological brain. Responsible for several recent breakthroughs especially in image processing and language translation.


Attempting to divide a set of samples into different groups such that samples in the same group are more similar to each other than samples in the other groups.

Support vector machine

A binary classification algorithm that works by finding the dividing line between two types of samples.

Anomaly detection

A broad class of problems in machine learning and statistics about finding samples that are different from the norm. This can include unusual periods in time, users, apps etc.

Predictive analytics

The field of making predictions about the future based on current data by whatever method – be that machine learning algorithms or statistics.

Markov models

A predictive model in which a system can be in one of a certain number of states and the probability of future states depends only on the current state.



Zero-day detection
Anomaly identification
Risky app discovery
Instant reaction
Infrastructure risk assessments

Machine vs. human

Universal focus

MI:RIAM can do all things simultaneously, never needing to prioritize one task over another. She can therefore discover unknown patterns in multiple dimensions.

Tireless ethic

All MI:RIAM needs to function is data and electricity. She’s never tired and never stops working, but she does need continuous retraining!

Breakneck speeds

She’s not only far quicker at analyzing data than humans but she’s been engineered to be faster than other automated solutions.

Continuous Improvement

The machine learning technologies that MI:RIAM is built with means she gets better with time, adapting to new inputs and results as she processes them. She never stops learning.

Eternal Accuracy

MI:RIAM is never wrong. She’s continuously checking and double-checking her work to ensure absolute accuracy and acceptable levels of confidence.

Constant connection

MI:RIAM is always connected, her data set is always up to date, actionable, distributed and taken from real-time traffic from our security customers.

Case Study: Pharmaceutical nightmares

MI:RIAM detected a rogue internal device attacking its own company from the inside which was completely undetected by the UEM.

Get MI:RIAM working to protect your mobile endpoints against threats