For more than a decade, mobile security has focused on protecting devices from malware, phishing attacks, and policy violations. While these capabilities remain essential, they were designed for a different era of risk.

Today, mobile applications have become one of the most significant and least understood sources of enterprise exposure. Organizations may know which apps are installed across their fleets, but they often lack visibility into the software components that power them—from open-source libraries and third-party SDKs to APIs and embedded frameworks. As a result, security teams struggle to answer fundamental questions, such as which applications contain vulnerable software. Which users are exposed? How significant is the risk?

The challenge is becoming increasingly urgent as frontier AI dramatically accelerates vulnerability discovery and transforms the economics of software exploit development. Systems capable of analyzing massive codebases, traversing dependency chains, and identifying exploitable weaknesses at machine speed are compressing the time between vulnerability discovery and exploitation. Organizations need a new level of visibility into the software running inside their mobile environments.

Today, we are introducing Mobile Software Exposure Center, a new capability designed to help organizations identify, understand, and manage software exposure risk across their mobile application ecosystem.

The Growing Exposure Gap

The modern enterprise has become increasingly app-centric. Employees conduct much of their daily work through mobile applications that are assembled from hundreds or even thousands of third-party libraries, SDKs, APIs, and open-source components. Each of these components introduces potential risk.

When vulnerabilities emerge in widely used software components, organizations often struggle to determine:

  • Which applications contain the vulnerable component
  • Which users and devices are exposed
  • Whether the vulnerable code is reachable and exploitable
  • Which business units face the greatest risk
  • What remediation actions should be prioritized

As AI accelerates the discovery and exploitation of vulnerabilities, answering these questions is no longer optional. Visibility into application composition has become a foundational security requirement. 

A New Layer of Mobile Security Visibility

Mobile Software Exposure Center is a natural extension of Lookout's Mobile Endpoint Security (MES) platform, expanding visibility beyond device risk to the software running inside the applications employees use every day.

For years, MES has helped organizations protect mobile devices from phishing, malicious applications, network threats, and device compromise. Mobile Software Exposure Center extends that visibility into the application layer.

While MES answers questions such as:

  • Is this device compromised?
  • Is this application malicious?

Mobile Software Exposure Center answers a different set of questions:

  • What software components are embedded within this application?
  • Does this application contain vulnerable or outdated libraries?
  • Are there exploitable dependencies hidden beneath the surface?
  • Which users, devices, and business units are exposed?
  • What is our overall software exposure risk?

Together, MES and Mobile Software Exposure Center provide a more complete view of mobile risk—combining device threat detection with visibility into software vulnerabilities and supply chain exposure.

Knowing What's Installed Is No Longer Enough

Traditional mobile management tools provide inventory.

Mobile Software Exposure Center provides exposure intelligence.

Knowing an application's name and version reveals only a fraction of its risk profile. Security teams need visibility into the software components, dependencies, and vulnerabilities embedded beneath the surface.

With Mobile Software Exposure Center, a vulnerable SDK embedded across dozens of applications can be identified immediately. Newly disclosed vulnerabilities in widely used open-source libraries can be mapped to affected applications, users, and devices within minutes. Security teams gain the context needed to prioritize remediation based on actual exposure rather than guesswork.

Mobile Software Exposure Center also complements Lookout's AI Visibility & Governance solution. While AI Visibility & Governance helps organizations understand AI adoption and usage across the enterprise, Mobile Software Exposure Center reveals the software composition and exposure profile of those applications. Together, they provide a more complete view of application risk, security, and governance.

The result is a shift from reactive application management to proactive exposure management.

The Future of Mobile Security Has Arrived

As AI continues to compress the timeline between vulnerability discovery and exploitation, organizations need visibility that extends beyond devices and into the software itself.

The next generation of mobile security challenges will be driven less by traditional malware and more by vulnerabilities buried within application supply chains, inherited dependencies, and increasingly complex software ecosystems.

Mobile Software Exposure Center helps bring those risks into the light.

Because you cannot secure what you cannot see.

The Sword Has Been Drawn

With DarkSword’s expansion in the wild, it has crossed a critical threshold, moving from a tool only available to sophisticated and well-funded actors to an increasingly accessible exploit with the potential for broad, large-scale impact.