Application risk exposure grading provides an additional risk indicator to Lookout Administrators, to help sort and filter their applications for review, and to focus on those that may fall below a threshold and raise concern.

You can use risk grading with other search criteria to find additional data risks. For example, an administrator might filter for all applications with critical risk exposure, but in addition look for those applications that use OpenSSL and have indicators suggesting the application is communicating to a country of concern. Then you can review details for apps meeting this criteria and place the entire application family or a specific app version in the Application Denylist.

Lookout provides a Denylisted App application policy classification that can trigger a Security alert for any device where the app is installed.

Alternatively, you may choose to accept that an application provides functionality that justifies the risk posed by its capabilities and permissions. For example, the Lookout for Work application requests higher permissions for the protective functionality it provides and thus can qualify for a higher risk exposure.