Tool Overview:
Quokka
Overview
Based: United States
Contact: https://www.quokka.io/contact-us
About Quokka
Quokka is a mobile security platform that specializes in protecting enterprise and personal devices from mobile threats. Founded with grants from DARPA and NIST, the company (formerly known as Kryptowire) has provided mobile security solutions to the US Federal Government for over a decade. The platform consists of multiple products including Q-scout for enterprise mobile security, Q-messenger for secure communications, and Q-mast for mobile application security testing.
What does Quokka do?
Quokka provides comprehensive mobile security through app scanning, device monitoring, and threat detection. The platform scans applications from both public and private app stores without requiring source code access, integrates with Mobile Device Management (MDM) systems, and enables custom security policy creation. Its scanning capabilities include static, dynamic, and interactive analysis to identify vulnerabilities, malicious behaviors, and potential privacy risks.
A key aspect of Quokka's functionality is its Personal Device Management (PDM) system, which allows organizations to implement security measures on employee devices while maintaining user privacy. The platform explicitly does not collect or share personal information with enterprise IT, making it suitable for organizations implementing Bring Your Own Device (BYOD) policies. The system can detect and block zero-day threats in both managed and personal apps while supporting compliance with privacy standards such as HIPAA, GDPR, and NIAP.
What makes Quokka different?
Quokka's approach to mobile security emphasizes both comprehensive threat detection and user privacy. The platform employs proprietary app scanning engines powered by research that has uncovered hundreds of new zero-day vulnerabilities. Unlike traditional MDM solutions that may have broad access to device data, Quokka maintains a separation between personal and enterprise data while still providing security controls.
The platform's research foundation sets it apart from other mobile security tools. Led by researchers who regularly present at security conferences such as DEF CON and Black Hat, Quokka has contributed to the development of NIST guidelines for both BYOD and COPE (Corporate-Owned Personally-Enabled) device management. Their academic papers have been cited over 350 times, indicating significant influence in the mobile security field.
Use cases and industries
Quokka addresses several specific mobile security challenges. The platform has identified supply chain threats in pre-installed apps, evaluated security issues in prepaid Android carrier devices, and discovered vulnerabilities in major mobile platforms. For example, their analysis found that certain social media apps request significantly more data access than industry averages.
The tool serves organizations implementing BYOD policies, enterprises requiring mobile app vetting, and development teams integrating security into their CI/CD pipelines. It can be deployed with or without existing MDM infrastructure, making it adaptable to various organizational needs. Network filtering capabilities allow organizations to block access to specific domains or geographical locations, though all enforcement happens on the end-user device to maintain privacy.
Quokka includes features for blocking phishing attempts and malicious network traffic, analyzing app behavior patterns, and managing enterprise app stores. The platform generates Software Bills of Materials (SBOM) and provides vulnerability reporting down to specific library versions, including embedded libraries. These capabilities make it particularly relevant for organizations in regulated industries or those handling sensitive data.
Pricing
Pricing information not available.