Security Products¶
Detection and prevention products for mobile endpoints, plus companies that find vulnerabilities in Android apps.
Mobile Endpoint Security¶
Products running on devices or managing device fleets.
| Company | Product Type | Notes |
|---|---|---|
| CrowdStrike | EDR with mobile | Falcon for Mobile. Extends endpoint detection to Android/iOS. |
| Lookout | Mobile endpoint security | Enterprise MDM + threat detection. Acquired by F5. |
| Microsoft Defender | Cross-platform | Defender for Endpoint includes Android device management. |
| Pradeo | Mobile fleet security | App analysis and device protection. |
| Samsung Knox | Platform security | Hardware-backed isolation. Enterprise security platform. |
| Zimperium | Mobile threat defense (MTD) | On-device ML detection. zIPS for enterprise. z9 engine. |
App Security Testing (SAST/DAST)¶
| Company | Focus | Notes |
|---|---|---|
| Guardsquare | Protection (DexGuard) + testing (AppSweep) | Both sides: packer vendor and security testing. Contributes to ProGuard/R8. Acquired Verimatrix XTD in Feb 2026 for $8.5M -- now controls DexGuard, ProGuard, and Verimatrix XTD. |
| NowSecure | Mobile app security testing | Automated SAST/DAST. OWASP MASVS testing. Blog covers practical mobile security. |
| Oversecured | Automated Android/iOS vuln scanning | Founded by Sergey Toshin. 225+ Google app vulnerabilities. Top blog in the space. |
| Promon | App shielding (RASP) | Runtime protection. Discovered StrandHogg (task affinity attack). |
| Quixxi | App security | Mobile app security platform, vulnerability scanning. |
Offensive Security & Research¶
Organizations doing Android security research from an offensive perspective.
| Company | Focus | Notes |
|---|---|---|
| 8kSec | Mobile security training + research | Battlegrounds CTF platform. Blog covers app and kernel Android security. |
| Google Android Red Team | Internal offensive security | androidoffsec.withgoogle.com. Kernel exploitation, fuzzing. |
| Google Project Zero | 0-day research | Top-tier exploit chain research. Android kernel, Binder, codecs. |
| Trellix (formerly FireEye Mobile) | Advanced threat research | Mobile APT tracking, nation-state campaigns. |
| WithSecure (F-Secure) | Pentesting tools | Maintains Drozer (Android assessment tool). |