Corrata has announced a major expansion of its mobile endpoint security platform in response to the rapidly evolving AI-driven cybersecurity landscape. Revealed during Infosec Europe at ExCeL London, the announcement introduces new AI governance capabilities, enhanced mobile data loss prevention (DLP), and plans for a bespoke on-device large language model (LLM) designed for next-generation mobile threat detection.
The company said the updates are intended to address the growing risks posed by AI-powered phishing, accelerated exploit development, and unauthorized use of consumer AI tools within enterprise environments.
Quick Intel
Corrata stated that mobile devices have become central to modern AI-driven cyber risks, as organizations increasingly rely on smartphones and mobile applications for business operations.
“The device in your employee's pocket is simultaneously connected to AI tools, targeted by AI-powered attackers, and operating in an environment where the threat landscape is being rewritten in real time,” said Colm Healy, CEO of Corrata. “The controls deployed two or three years ago were not built for this world. We have rebuilt ours to match it.”
According to the company, mobile security teams now face three major AI-related challenges simultaneously: hyper-personalized social engineering, AI-accelerated exploit development, and shadow AI-related data loss.
Corrata cited research indicating that AI-generated phishing campaigns achieve click-through rates of 54%, compared to 12% for traditional phishing attacks. The company also noted that 85% of phishing attacks now occur outside email platforms, increasingly targeting mobile messaging applications such as SMS, WhatsApp, and Microsoft Teams.
To address these risks, Corrata introduced several new capabilities designed specifically for mobile enterprise environments.
One of the key announcements is the development of a custom on-device LLM engineered to analyze encrypted mobile traffic, behavioral patterns, and connection metadata directly on the device itself. Corrata said the approach is intended to improve real-time threat detection without routing sensitive traffic through external cloud services.
The company also launched AI Governance capabilities that allow organizations to define approved and unauthorized AI services within mobile workspaces. The feature can automatically identify, flag, or block unsanctioned AI tools, including consumer chatbots, AI coding assistants, and embedded LLM software development kits within third-party applications.
Corrata said the governance framework is designed to help organizations address emerging compliance requirements tied to standards such as ISO 42001 and the EU AI Act.
The company additionally expanded its mobile data loss prevention capabilities to address growing concerns around employees sharing sensitive corporate information with consumer AI platforms.
Corrata referenced industry research suggesting that 43% of employees share corporate data with large language models without authorization. The company said mobile devices present elevated risks because business and personal workflows are frequently intertwined.
Corrata’s enhanced DLP capabilities use detailed traffic analysis to identify sensitive enterprise data being transmitted to external services, enabling security teams to detect potential exfiltration attempts while reducing false-positive alerts.
“Corrata brings together the deepest visibility into mobile traffic of any solution on the market with a new generation of AI-native capabilities built for the threats that matter most right now,” said Colm Healy.
The company confirmed that its AI Governance and enhanced DLP capabilities are available immediately, while the on-device LLM remains in active development.
About Corrata
Corrata is a mobile endpoint security company headquartered in Dublin, Ireland. Its on-device technology delivers comprehensive threat detection and response for iOS and Android devices, combining advanced mobile threat defence with data loss prevention and AI governance. Corrata is a member of the Microsoft Intelligent Security Association (MISA), verified for use with FirstNet, and is accredited as 'Cybersecurity Made in Europe' by ECSO.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.