1 00:00:00,630 --> 00:00:03,400 So that's one of the things that we are doing up and testing. 2 00:00:03,600 --> 00:00:08,670 You actually have to keep in mind that some of these devices that you may actually be able to enumerate 3 00:00:08,670 --> 00:00:13,770 whenever you do reconnaissance on the network or either you are scanning and that perhaps are actually 4 00:00:13,770 --> 00:00:17,810 vulnerable to something, they may actually be managed by an MDM. 5 00:00:18,030 --> 00:00:24,540 So try to actually find ways that you can bypass or even block the communication between the MBM and 6 00:00:24,540 --> 00:00:25,360 the mobile device. 7 00:00:25,380 --> 00:00:25,750 Right. 8 00:00:25,770 --> 00:00:28,650 So, of course, that's easier said than done. 9 00:00:28,980 --> 00:00:34,830 But there may be ways that you can analyze the communication of that device is actually allowed to do 10 00:00:34,830 --> 00:00:35,760 or not to do. 11 00:00:35,800 --> 00:00:36,130 Right. 12 00:00:36,630 --> 00:00:42,960 So you can actually do this by actually monitoring the device activity or perhaps you say, OK, you 13 00:00:42,960 --> 00:00:48,240 know, this device perhaps is actually communicating that I am seeing these type of transactions to 14 00:00:48,240 --> 00:00:52,960 some AIPA in the Internet and this medium is actually allowing that to happen. 15 00:00:53,160 --> 00:00:59,150 So now you actually have a footprint and if an attack surface that you can actually further explore. 16 00:00:59,250 --> 00:01:05,400 So, for example, if that perhaps is actually doing with crypto, you probably can take advantage of 17 00:01:05,400 --> 00:01:12,240 a vulnerability to hijack that transaction, for example, or an EPA abuse vulnerability that may actually 18 00:01:12,240 --> 00:01:13,800 be irrelevant in that case. 19 00:01:13,980 --> 00:01:19,980 But always keep in mind that a lot of organizations now are actually using MDM to actually manage those 20 00:01:19,980 --> 00:01:22,730 devices, monitor them and also patch them. 21 00:01:22,740 --> 00:01:23,040 Right. 22 00:01:23,280 --> 00:01:28,890 So it's getting a little harder to actually do some of the bypasses nowadays, but definitely it is 23 00:01:28,890 --> 00:01:34,920 possible now, actually, not only looked at the infrastructure here, but what the devices are actually 24 00:01:34,920 --> 00:01:37,410 communicating outside of the company as well.