Lookout provides protection against phishing links that come through any app with the link in. Zimperium relies on the end user to long click a link and share it with the zIPS app in order to receive any protection from malicious links.
Via SMS, messaging and apps
Lookout provides protection against phishing links by alerting on the conneciton request and blocking it before the connection is made, no mattter what app the end user interacts with the link in. Zimperium provides no protection on phishing links in apps such as Slack, Facebook Messenger, WhatsApp.
Lookout identifies a malicious application at the point of download, which prevents any backdoor or unseen processes from automatically occuring. Zimperium does not warn the user until the application actually starts to install iteself, which could be too late.
Malformed content triggers OS or app vulnerabilities
Lookout inspects all URLs that the device attempts to access, protecting you against attachments that attempt to communicate to an external malicious website. Zimperium can only provide similar protection if the user long pressing and sharing the link with zIPS.
Opening attachments and visiting links to potentially unsafe content
Lookout will block the connection to a malicious URL or destination as soon as any attempt is made. Zimperium is able to provide limited protection here because the end user would need to first choose to share it with zIPS before opening it.
App-based Threat Classifications
With a data corpus of over 100 million apps, Lookout has granular visibility into malicous apps and maintains focused on app families that are a real risk to user’s privacy and security. This level of granularity enables Lookout to provide deeper protection across threat varients within threat families.
With Lookout, admins can create custom app policies as well as submit the app IPA, APK, or link to Lookout to validate app security. This allows organizations to assess the security of their custom-built mobile apps and create custom policies to ensure that every app in their fleet is secure.
Offline malware detection for Android
Lookout has robust offline protection against app, device, and configuration threats while the mobile device does not have a connection to the Lookout Security Cloud. Events are queued in a log and then the details of offline detection are sent to the console once a connection is restored.
Apps with vulnerable SDKs
Lookout scans apps to identify vulnerabilities that fall within all classes of the OWASP top 10 including coding errors, design flaws, as well as business logic issues. This is performed for both known and zero-day vulnerabilities.
Zero-day device compromise
Lookout has robust protection against device-based threats including detection of zero-day device compromise. Zimperium is also capable of detecting zero-day device compromises, but their coverage is limited due to their smaller dataset of device telemetry.
Lookout captures device forensic data, which can be used for analysis. Zimperium also provides insight into these parts of the threat landscape.
Device Privilege escalation
Lookout has excellent protection against device-based threats including device priviledge escalation. Zimperium can also detect the esacalation on the device.
Network Man-in-the-middle attack
Lookout provides network security on the important things, such as man-in-the-middle attacks. Zimperium's philosophy is to alert on everything related to network threats, such as captive portals, which can cause alert fatigue. While their man-in-the-middle capabilities are strong, it produces noise for security admins.
Lookout only requires email addresss and approximate location and limits other app permissions. Lookout also does not display any personal usage info that is tied to a individual user such as sites visited and apps used. Zimperium impacts user privacy and breaches trust by requiring precise GPS location, possibly making the employee uncomfortable using the app.
Read your text messages (SMS or MMS)
Neither Lookout nor Zimperium read messages to or from the device.
Lookout has over 150 mobile security patents, which is more than all in-class competitors combined, and drastically greater than Zimperium's 3. This shows the maturity of Lookout and the commitement to innovating in ways that no one else has in order to stay ahead of the market and provide the best Mobile Threat Defense
Mobile technology patents
Lookout is the innovation leader with 160 patents on mobile security. Zimperium has just three patents. Two granted in 2015, and one granted in 2016.
Mobile malware families discovered
Lookout is constantly crawling the entire mobile threat landscape for new threats across app, device, network, and phishing. Zimperium is hyperfocused on finding less-severe app vulns that are usually patched by the developer, and unimportant network-based threats.
Enterprise Deployments of Mobile Threat Defense
The Lookout enterprise customer base is growing year-over-year, and many of them are willing to speak about their experience with Lookout in case studies, at conferences, and on their own on social channels. Zimperium has no customer case studies on their website.
With a data corpus of over 100 million mobile apps, Lookout has the largest database of mobile apps in the world and Lookout continues to scan 90,000 mobile app daily and provides the best intelligence on app-based threats. Zimperium's customers will not receive the same level of insight by relying on such a small database of analyzed apps.
FedRAMP Joint Advisory Board Provisional Authorization to Operate (JAB P-ATO)
Lookout is the only mobile endpoint security solution to receive the "gold-standard" FedRAMP JAB P-ATO, which requires approval from the the U.S. Department of Defense (DoD), U.S. Department of Homeland Security (DHS) and General Services Administration (GSA). In late 2019, Zimperium obtained an "agency" FedRAMP 'In Process' ATO sponsored by only one agency.