Corellium supports mobile security research on iOS 16

Announcement: Corellium Supports iOS 16 Mobile Security Research

We provide the mobile security research community with the tools they need to test iOS – without jailbreaks. Now, Corellium Virtual Hardware platform supports iOS 16.

Corellium Support for iOS 16

At Corellium, we’re committed to providing the mobile security research and app developer communities the ability to comprehensively test and analyze Apple’s mobile operating systems without having to jailbreak physical devices. To that end, we’re very proud to announce that our Corellium Virtual Hardware platform now supports iOS 16, including fully jailbroken iOS 16.

&nbsp;
Jailbreaks are essential to iOS security work. Without jailbreaks, white-hat researchers wouldn’t be able to dynamically analyze mobile apps or discover security flaws in walled-off areas of the operating system. Researchers have relied on jailbreaks for significant, groundbreaking discoveries ranging from <a href="https://www.amnesty.org/en/latest/research/2021/07/forensic-methodology-report-how-to-catch-nso-groups-pegasus/">analyzing the Pegasus malware</a> to dissecting the <a href="https://twitter.com/patrickwardle/status/1210742545451323392">UAE-spy app ToTok</a> to uncovering how malware may be loaded onto an iPhone’s Bluetooth chip <a href="https://arxiv.org/pdf/2205.06114.pdf">even when the device is off</a>. Most of the bugs reported to Apple’s Bug Bounty program wouldn’t have been discovered without a jailbreak, and you would be hard-pressed to find a mobile pen-testing team that doesn’t have a pile of jailbroken iPhones for application analysis.
&nbsp;
Counterintuitively, while jailbreaks are essential for security research, achieving a jailbreak on a physical iOS device fundamentally requires the exploitation of security vulnerabilities. The purpose of jailbreaking is to enable users to do things that aren’t ordinarily permitted by the operating system – namely, to run their own code and to access lower levels of the system. Since iOS is not designed to enable this access by default, a user must find and leverage security flaws in the operating system to change the way it behaves. Typically, this is achieved by “patching” the iOS kernel.
&nbsp;
Put another way: to find bugs in iOS, the security community has to exploit bugs in iOS. This creates an uncomfortable incentive for researchers to withhold known bugs from Apple, in order to maintain their ability to do their work.&nbsp;
&nbsp;
Corellium’s approach is inherently different: it doesn’t rely on vulnerabilities at all. Instead, because the operating system is running in a virtualized environment, the OS can simply be configured to run with escalated privileges by default – the “patches” can simply be applied at the outset. Corellium’s virtual devices behave and function the same way a physical jailbroken device would, and they even come pre-loaded with common jailbreak tools like Cydia. In this way, Corellium is not only able to provide the security research community with immediate support for a jailbroken version of the latest OS, but it can do so without having to withhold any security vulnerabilities from Apple.&nbsp;
<h2>Public jailbreaks are increasingly rare</h2>
Apple invests considerable effort in continually improving the security of its operating system. As it hardens iOS with each new release, public jailbreaks are becoming more and more rare. Nearly a year after the release of iOS 15, a public jailbreak for this version has yet to be made available.&nbsp;
The reason for this is simple: it’s getting harder and harder to find bugs that can be used for a jailbreak. It used to be that a fully untethered jailbreak required just one or two vulnerabilities to achieve privilege escalation. Now, jailbreaks require a complex chain of exploits, and even then, they often don’t provide the same degree of access or persistence. From this perspective, Apple’s efforts to improve the security of iOS over time have arguably succeeded.
But this success has created something of a catch-22. As our CTO Chris Wade describes:&nbsp;
<blockquote>
The more Apple locks down their operating system to improve end user security, the harder it becomes for the independent security research community to investigate and identify security vulnerabilities, both in the operating system itself and in the apps that run on it. That doesn’t mean vulnerabilities aren’t still there; it just makes it harder for the community to help find them before bad actors do. And the harder they are to find, the more valuable they are, so the more incentive researchers have to hold them instead of report them, and the more incentive bad actors have to go looking for them.
</blockquote>
Indeed, as jailbreaks become harder to implement, they become increasingly valuable. This drives researchers, governments, and security companies to create their own private jailbreaks and hoard the bugs that enable them to protect their advantage for future security work.
<h2>&nbsp;</h2>
<h2>iOS 16 features focus on narrowing attack surfaces</h2>
iOS 16 includes two notable new features aimed at limiting attack vectors. One is called “Lockdown Mode,” which focuses on protecting a small but highly vulnerable set of users, such as activists and journalists. Lockdown Mode strictly limits or disables certain ‌iPhone‌ features, as well as access to certain apps and websites.
Interestingly, the specific features of Lockdown Mode suggest that, in Apple’s assessment, the most common attack vectors on an iPhone today are malicious websites, infected iMessages or FaceTime videos, MDM profiles, and wired connections to the phone. Notably, Lockdown Mode does not seem to impact a user’s access to third-party app store apps. As Apple increasingly limits the attack surface for native features, the attack focus may shift to apps from the App Store – particularly given the <a href="https://www.washingtonpost.com/technology/2021/06/06/apple-app-store-scams-fraud/">limited review</a> these apps undergo.
Another new feature, “Developer Mode,” aims to protect people from “inadvertently installing potentially harmful software on their devices” and to “reduce attack vectors exposed by developer-only functionality,” <a href="https://developer.apple.com/documentation/xcode/enabling-developer-mode-on-a-device">according to Apple</a>. As a byproduct, this feature also introduces additional friction to installing and running third-party code, including apps from alternative app stores. Apple is of course facing intense regulatory scrutiny over its monopoly of app distribution, and this wouldn’t be the first time it used security as a pretext for preserving control of the iOS ecosystem.
The addition of Lockdown Mode and Developer Mode in iOS 16 highlights an evolving and heightened focus on the security of iOS. High-profile stories – about malware like Pegasus or about a critical FaceTime bug discovered by a highschooler – have put increasing pressure on Apple to address even obscure attack vectors that are unlikely to affect an ordinary user.&nbsp;
This has resulted in a new iOS version that, for the first time, acknowledges and addresses the different threat profiles faced by different audiences, demonstrating an increasingly sophisticated and nuanced approach by Apple to user security. At the same time, this new iOS version continues the trend of tighter security controls, which will likely also mean a continuation of the trend of not seeing a public jailbreak for this new version anytime soon – if ever.&nbsp;
This is why we believe it’s as important as ever for Corellium to provide a place for white-hat developers to perform good-faith security research in a way that’s not possible on physical devices – a way that doesn’t require exploiting, withholding and retaining vulnerabilities. And given our platform’s widespread adoption by the world’s top security research and development teams, it seems the community would agree.
For more information about our latest code release, check out <a href="https://www.corellium.com/updates">https://www.corellium.com/updates</a>.&nbsp;

At Corellium, we’re committed to providing the mobile security research and app developer communities the ability to comprehensively test and analyze Apple’s mobile operating systems without having to jailbreak physical devices. To that end, we’re very proud to announce that our Corellium Virtual Hardware platform now supports iOS 16, including fully jailbroken iOS 16.

text

Attack Surface Mapping with Corellium: iOS Persistence

Attack surface mapping of files opened by processes is a useful tactic to thwart attacker persistence. Learn how to use Corellium for this strategy.

Mapping iOS Persistence Attack Surface using Corellium

Persistence is a <a href="https://attack.mitre.org/tactics/TA0003/" style="background-color: #ffffff;" rel="noopener" target="_blank">tactic</a> used by attackers and jailbreakers1 to maintain a foothold on a device after reboot, and can be a <a href="https://zerodium.com/program.html" rel="noopener" target="_blank">valuable</a>&nbsp;component of an exploit chain. Fundamentally, this requires attacker-controlled data to be processed at some point in the course of booting, so creating a mapping of files opened by various processes should provide a useful first approximation of the cyber attack surface.

Everything on our website, all in one place.

Find what you’re looking for

Our revolutionary cloud-based research environment combines high-fidelity virtual devices with powerful integrated tools.

Mobile Security Research

Test your apps at scale on Arm in a convenient, low-cost virtual environment.

Mobile App Testing

Our technology is limitless. Explore how Corellium can advance your work on Arm-based devices.

Let’s do something great together

There are now Go builders on http://build.golang.org for android/arm, android/arm64, darwin/arm64 (iOS) running on virtual @CorelliumHQ devices. Thanks to @steeve and @zenlyapp we might soon get rid of slow and unreliable physical test devices.

Go is now self hosted on iOS and Android. Meaning it doesn't need a host to compile and run programs on those platforms. What a fine job @eliasnaur and @CorelliumHQ.

Thank you @CorelliumHQ for supporting our training session with your iOS and Android virtual devices! It will be a huge help for our students at @typhooncon 10th June // Seoul "Offensive Mobile Reversing and Exploitation". For registration go to typhooncon.com/registration/

Just got my hands on @CorelliumHQ — saying that my mind is blown is an understatement. This is the future of iOS security research. (and my eternal fear of bootlooping my physical devices is gone!)  Huge thanks to @cmwdotme and @chronic!

@CorelliumHQ is easily one of the most impressive platforms I've seen. Happy to share that students attending the @BlackHatEvents @MDSecLabs Mobile Training will get to play with this first hand! blackhat.com/us-18/training... #BHUSA

Live kernel debugging on a virtualised iOS 12.0! Having the ability to do this sort of thing with whichever iPhone/version you want is gonna greatly assist developers & researchers with future iOS kernel security research.

So much this. Craziest thing for me was just having it show up as a run destination in Xcode (oh yeah and it has ssh and cycript). Real iOS virtualization in the cloud is /awesome/. Nice work @cmwdotme and team!

Watching an online virtual iPhone 8 Plus installing a copy of iOS 11.4 in a browser is *wild*. Then proxying it to USB so you can build & run directly from Xcode? @cmwdotme's @CorelliumHQ is so freaking cool.

Saying that my mind is blown is an understatement. This is the future of security research.

Discover how virtual devices can advance your development work on mobile, IOT, and beyond.

Virtual devices with real-world accuracy

Corellium for Mobile Security Professionals

Our virtual devices give you the convenience, efficiency, and scale of an emulator with the fidelity and performance of a real device. And with powerful controls and integrated tools, you can build, test, and explore in ways that were never possible before. Available on-site and in the cloud.

Physical devices are holding you back.

Thoughts, stories and ideas from the Corellium® team.

Latest Posts

CHARM™ is our custom type-1 hypervisor, purpose-built to run virtual models of Arm devices on cutting-edge Arm servers.

Powered by CHARM™

With usage-based pricing, you’re only billed for the time that you use or store your virtual devices.

Billing occurs every 7 days or when you reach a threshold of $100 (whichever is sooner).

With our monthly subscription model, you are allotted a certain number of CPU cores, and you can run as many virtual devices as that number of CPUs will permit at a time.

These CPU cores correspond to the number of CPU cores available on the Arm servers assigned to your account. Each virtual device requires a certain number of CPU cores in order to run. Most devices require two cores, but newer devices, such as the iPhone 8 and iPhone X, require six cores.

The magic of virtual Arm devices with shockingly lower pricing and better deployment flexibility than less powerful alternatives.

Simple, transparent pricing for cloud and on-site solutions

Transparent pricing for cloud and on-site

We believe Arm processors will power the next massive wave of mobile and IoT computing devices, exponentially expanding the cyber security attack surface.

Transformative technology

We believe Arm hypervisor virtualization is critical technology for developers and security teams to achieve needed levels of security research and testing, so we aim to we deliver carefully crafted, well-designed products to solve real problems.

Excellence with purpose

There are 13M Arm developers today and we believe this number will grow 3X over the next decade. We're dedicated to supporting our peers in the Arm community who seek to build more secure, performant, and accessible software and devices.

Committed to our community

A few key values we hold onto as we strive to break boundaries and set new standards through the power of virtualization.

What we believe in

We’re on the lookout for folks to help us deliver stellar experiences across our digital ecosystem. Join us and help create the future of Arm Virtualization.

Join us, from anywhere

Corellium® was founded to equip teams with the tools they need to push the ecosystem of Arm-based devices forward. We changed what's possible, so you can build what's next.

We create software that’s indistinguishable from magic

We team up with folks who believe in our long-term approach to building a great company and believe in our mission.

We're backed by incredible investors

We’ve been featured in quite a few places - have a read.

In the news

We’re a group of passionate people dedicated to the success of our team, partners and customers.

Leadership team

Unlike other hypervisors, CHARM™ wasn’t ported to Arm: it was built for Arm from the ground up. And Corellium's hypervisor wasn’t built to virtualize servers: it was specifically designed to handle the complex peripherals and chip architectures of mobile devices.

The only hypervisor designed specifically to virtualize mobile devices

Corellium's Arm2Arm feature provides transparent 32-bit translation for Android, so developers can run apps with 32-bit libraries on 64-bit server hardware without making any modifications to their code.

Transparent 32-bit translation for Android

To optimize user interaction with the virtual display, Corellium's hypervisor provides hardware-accelerated H.264 / H.265 compression and GPU support with OpenGL ES pass-through. Our proprietary WebRTC implementation re-encodes display for ultra-smooth rendering.

Realistic, highly performant interaction and visual display

Our hypervisor has the flexibility to run not only virtual devices but also containerized applications. Our container technology uniquely runs LXC-style Android containers on Android, sharing services to enable greater resource density for use cases like application streaming.

Sophisticated container technology

The Corellium hypervisor CoreHDL feature enables developers to plug their own simulated hardware into virtual devices for hardware design, verification and bringup.

Ability to plug simulated hardware into virtual devices

Corellium offers turnkey, out-of-the-box software, as well as a deeply customizable platform, resulting in rich native-like experiences, sophisticated rendering and smooth graphics.

Performance out of the box

From advanced security research to mobile app testing, our technology empowers critical development work across the Arm ecosystem.

Groundbreaking technology

CHARM™ is our custom type-1 hypervisor designed to run multiple complex devices, peripherals and chipsets on a single, cutting-edge Arm server, allowing us to virtualize devices on their native architecture.

Say hello to CHARM™

We ensure developers and engineers are well-equipped to research, work, and test on Arm-based technologies.

A groundbreaking platform to advance your work on Arm

Select from a variety of device models and OS versions for iOS and Android to accelerate your mobile testing and development.

Hundreds of models, ready to boot

Advanced integrated tools give you a level of insight and control that isn't possible with physical devices or emulators.

Ultimate mobile device security tools

Work with our team on modeling your custom IoT device to enable accurate, performant testing as you develop new hardware and firmware.

Bring your own custom IoT models

The accuracy, fidelity, and performance of real devices combined with the scale, efficiency, and convenience of the cloud.

The best of both worlds

Advice and answers from the Corellium team.

Support Center

Check out platform status and historical uptime.

Status

Check out the latest releases and updates.

Changelog

Documentation and reference for our platform API.

API Docs

Corellium's on-site appliances use the latest Ampere Altra Arm servers. On-site servers can be airgapped for use in high-security locations.

Corellium Appliances

Corellium's cloud service is hosted at AWS, using Amazon's Graviton Arm servers. Private AWS licenses are also supported.

Corellium Cloud

Solution Flexibility

Everything you need to know about devices and your data.

Frequently asked questions

Virtual devices in their native environment. Unlike other emulators, our virtual devices run on Arm-based servers, so you can test with confidence while still enjoying the convenience of the cloud.

A groundbreaking platform for Arm virtualization

See what others are saying and download our media kit.

Welcome to the Pressroom

Built on what it claims is massive demand for its tool that creates virtual Android and iPhone devices for security testing, it announced a Series A funding round on Thursday at $25 million, led by Paladin Capital Group, with participation from Cisco Investments.

Corellium Scores $25 Million Funding To Build Android And iPhone Cyber Research Juggernaut

Corellium had caused a stir in the security community in 2018 when Forbes revealed its plans to allow researchers to spin up iPhones on their laptops to start probing iOS for security weaknesses or usability flaws.

Apple Drops iPhone Copyright Lawsuit Against Cyber Startup Corellium

Previously, Corellium restricted iOS-based device virtualization to enterprise accounts through its CORSEC platform, with Android tools available to both enterprise and individual users.

Corellium opens iOS device virtualization support to individual accounts

There are some champions trying to make the online world a safer place. Our inaugural Forbes Cybersecurity Awards celebrate their achievements.

Forbes Cybersecurity Awards 2020: Corellium, The Tiny Startup Driving Apple Crazy

Every benevolent hacker dreams of a space replete with software they can manipulate to make it do things it shouldn't. But oftentimes it's neither cheap nor easy to acquire and maintain all that tech, especially when you're trying to break it, risking its very usefulness.

This Super Stealth Startup Has Built An Apple Hacker's Paradise

The latest news, technologies, and resources from our team.

Recent features

"Emulating Androids and iPhones inside a computer turns out to be incredibly useful to anyone testing the security of the devices and to app developers making sure their tools work properly before putting them out into the world."

Cybersecurity Product of the Year 2020

We’ve assembed a small kit of assets, available to download for editorial use. We're also happy to answer additional questions or provide further information, such as a product demo or executive interview.

Press Kit

We’re proud sponsors of the open source projects we work with every day.

Not part of our tech stack obviously, but a great addition to this initiative. Contributing here any way we can is an investment in the future diversity and equality of our teams.

WWCode is a global non-profit organization dedicated to helping women excel in technology careers.

Sponsoring Open Source

Babel underpins our entire frontend stack — we use it to write bleeding-edge ES6 / ES7 and get browser-compatible ES5 JS back. It's crucial to both our development speed and developer experience.

A JavaScript compiler - put in next-gen JavaScript, get browser-compatible JavaScript out.

We use Prettier and ESLint together to create a rigid, shareable editor configuration for our whole team. It ensures that we're all writing and formatting our code in the same way, resulting in much cleaner, scalable and understandable code.

An opinionated code formatter that supports many languages and integrates with most editors.

Storybook allows us to build and test our components in isolation, with great add-ons to help with accessibility, showcasing features and test actions. It's what powers our design system.

An open source tool for developing UI components in isolation for React, Vue, and Angular.

We have a love-hate relationship with ESLint. Our custom 600-line config has made our codebase incredible robust by enforcing the absolute best practices in JS development across the entire team, which is essential in remote work era. But, in order to do this, it tells us what we're doing wrong every key we type. But hey, it makes us better developers in the long run!

Find and fix problems in your JavaScript code.

Webpack powers every modern JS build system. It allows us to create independent components, libraries and assets that connect and work with each other, by building them into a single (or chunked) JS files for browsers.

A static module bundler for modern JavaScript applications.

We use Jest to write component-level tests in our design system, so we can reduce the probability of things unintentionally breaking in new releases.

A delightful JavaScript Testing Framework with a focus on simplicity.

PostCSS allows us to write regular CSS with "enhancements" — utilities and functions that are crucial to creating a scalable design system. It also comes with Autoprefixer, a library that automatically adds browser-specific rules during build time so we don't need to think about it!

A tool for transforming CSS with JavaScript.

Stylelint, in combination with ESLint, maintains and cleans up our design system and styles in general by providing rules and conventions on how to write good CSS.

A mighty, modern linter that helps you avoid errors and enforce conventions in your styles.

SWC is the new compiler for Next.js, replacing Babel and Terser. While we can't support Next.js directly as it's by Vercel, sponsoring the underlying compiler is the next best thing!

A super-fast compiler written in rust; producing widely-supported javascript from modern standards and typescript.

Rollup powers the package build process of our design system. Every time we commit new code, Rollup pulls our components together and builds them into a finalised, importable bundle for consumer apps.

A module bundler for JavaScript which compiles small pieces of code into something larger and more complex, such as a library or application.

Axios is a fantastic little library for making HTTP requests — uploads, downloads, etc. from inside Javascript. Because it's polymorphic (works on the front-end and the back-end), we're using it across all our codebases. It also comes with a great utility for running multiple concurrent requests.

An isomorphic, promise-based HTTP client for Javascript.

Yarn is a brilliant enhancement for the NPM Package Management system. It's much faster and the CLI commands are terser and smarter, meaning we're able to start projects and manage dependencies a lot quicker.

A package manager that doubles down as project manager.

I'm not sure if we've ever met a developer that doesn't use ZSH. It's a framework for your terminal that helps you be more productive with a huge range of helpers, utilities and formatting changes.

A delightful, open source, community-driven framework for managing your Zsh configuration.

The bridge between our ESLint and Prettier configurations and our use of Typescript as a language.

The tooling which powers TypeScript usage with ESLint, and TypeScript usage with Prettier.

Amanda Gorton

Anthony Ricco

Chris Williams

David Backer

Events

Hayden Bleasel

Jasmine Singleton

News

Noah Eriksen

The latest industry news, interviews, technologies, and resources.

Resources and insights

Using the Safari Web Inspector with Corellium

Where does Mobile App Security Testing fit into the latest NIST SSDF and CISA Zero Trust publications?

$25M to Accelerate Arm Testing, Research, and Development

Announcing the 2021 COSI Award Winner

Corellium Open Security Initiative

Armv9 and Corellium: Why we chose Arm vs X86

Upcoming Training Opportunities with Corellium

Announcing Support for iOS on Individual Cloud Accounts

How We Ported Linux to the M1

Usage-Based Billing

Mobile Physical Memory Security

Corellium Workshop at Arm DevSummit 2020

Announcement

Demo

Media Room

Technical Writeups

Workshops

We’re on the lookout for folks to help us deliver stellar experiences across our digital ecosystem. Here are some specific roles we are looking to fill!

Build the future of research, testing and development on Arm

A few things to make your work life and personal life work better together.

Perks, benefits and remuneration

Build the future of Arm research and development

&lt;p&gt;The Customer Success Engineer will partner with our highly technical on-site customer base to provide in-depth support. This individual will play an essential role in building and strengthening the relationships with Corellium on-site customers and managing the delivery of excellent Support services. This role aims to ensure that Corellium customers have a positive experience with our product, are committed to continuing to use our product, and are able to integrate our product quickly into their daily workflows.&lt;/p&gt;
&lt;p&gt;&lt;strong&gt;Responsibilities:&lt;/strong&gt;&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;Communicate with the Customer Success team, the Corellium Engineering department, and Corellium customers to deliver solutions.&lt;/li&gt;
&lt;li&gt;Act as the “named representative” for customers who purchase premier support.&lt;/li&gt;
&lt;li&gt;Lead the initial product support setup and configuration while providing &quot;Getting Started with Corellium&quot; training on the platform.&lt;/li&gt;
&lt;li&gt;Provide technical support and troubleshooting problems for customers having difficulty using a new or existing product.&lt;/li&gt;
&lt;li&gt;Field all support tickets from on-site customers, address tickets promptly, monitor progress, and proactively communicate progress to the customer until resolution.&lt;/li&gt;
&lt;li&gt;Escalate support requests to the development team for especially complex issues.&lt;/li&gt;
&lt;li&gt;Track ongoing issues and advocate for customers&#39; intent, workflows, and requirements.&lt;/li&gt;
&lt;li&gt;Partner with the product team to drive enhancements and new features based on customer engagement.&lt;/li&gt;
&lt;li&gt;Provide customer trainings.&lt;/li&gt;
&lt;li&gt;Regularly check in with customers to ensure they are able to use the platform effectively; foster strong relationships with customers; help customers implement quick solutions for the problems they are trying to solve to ensure the product is sticky and useful.&lt;/li&gt;
&lt;li&gt;Attend and assist with sales calls for on-site customers.&lt;/li&gt;
&lt;/ul&gt;
&lt;p&gt;&lt;strong&gt;Requirements:&lt;/strong&gt;&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;Outstanding ability to communicate with highly technical customers.&lt;/li&gt;
&lt;li&gt;Experience with mobile device security testing and analysis (for example, Sans 575 certification) and/or with mobile vulnerability research&lt;/li&gt;
&lt;li&gt;At least three years of customer support and/or sales experience&lt;/li&gt;
&lt;li&gt;Computer Science degree or equivalent experience&lt;/li&gt;
&lt;/ul&gt;

Customer Success Engineer 

Engineering

Remote 

&lt;p&gt;The Director of Education Sales will be responsible for both expanding sales within existing accounts and for new pipeline generation within Education accounts. Our customer acquisition motion in Education is via marketing, online product trials and direct outreach to these customers. Our education targets are higher ed, particularly those institutions with a strong Computer Science/Engineering curriculum with an emphasis on cybersecurity as well as online professional education providers such as SANS, Udemy, Codecademy, etc.&lt;/p&gt;
&lt;h2&gt;Responsibilities&lt;/h2&gt;
&lt;p&gt;The main responsibilities of this role revolve around the ability to help potential customers understand how we can address their needs. There is a wide range of duties in this position including:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;Lead and shape our efforts in Education&lt;/li&gt;
&lt;li&gt;Build long-term relationships with customers’ top decision makers as well as the users, meaning the professors and teachers, of Corellium’s offerings&lt;/li&gt;
&lt;li&gt;Develop a deep understanding of customers’ current/future technology needs&lt;/li&gt;
&lt;li&gt;Define and execute account sales strategies&lt;/li&gt;
&lt;li&gt;Develop and maintain action plans for how the account will achieve targets, coordinating action planning across functions&lt;/li&gt;
&lt;li&gt;Coordinate Corellium resources (e.g., executives, product team, engineering) to ensure effective deliverable creation&lt;/li&gt;
&lt;li&gt;Define/oversee customer solution structure and negotiate financial terms&lt;/li&gt;
&lt;li&gt;Follow up on warm leads to explore needs, progress online trials, and convert to successful customers.&lt;/li&gt;
&lt;li&gt;Emphasize the features of products to highlight how they solve customer problems, answer questions, and leverage company resources as needed.&lt;/li&gt;
&lt;li&gt;Engaged in good CRM hygiene and execute effective campaigns in email and over the phone.&lt;/li&gt;
&lt;li&gt;Maintain contact lists and follow up with customers to continue relationships.&lt;/li&gt;
&lt;li&gt;Exceed sales goals.&lt;/li&gt;
&lt;/ul&gt;
&lt;h2&gt;Requirements&lt;/h2&gt;
&lt;ul&gt;
&lt;li&gt;5 years of experience in areas such as:
&lt;ul&gt;
&lt;li&gt;SaaS and/or Security sales to higher education,&lt;/li&gt;
&lt;li&gt;Selling into the security/developer landscape.&lt;/li&gt;
&lt;/ul&gt;
&lt;/li&gt;
&lt;li&gt;Proven sales background with a track record of success, with an orientation on goal over-achievement.&lt;/li&gt;
&lt;li&gt;Self-motivated as a remote worker to effectively manage time and efforts to achieve performance goals.&lt;/li&gt;
&lt;li&gt;Working knowledge of CRM and customer messaging tools.&lt;/li&gt;
&lt;li&gt;Foundational understanding of software cybersecurity technology and experience in selling software tools.&lt;/li&gt;
&lt;li&gt;Ability to develop targeted offerings and close deals by leveraging Corellium and partner sales teams.&lt;/li&gt;
&lt;li&gt;Understanding of higher education purchasing processes and contract vehicles.&lt;/li&gt;
&lt;li&gt;Bachelor&#39;s degree preferred.&lt;/li&gt;
&lt;/ul&gt;

Director of Education Sales

Sales

Delray Beach, Florida 

&lt;p&gt;We’re looking for a senior engineer to help create highly accurate virtual models of Arm-based mobile and IoT devices. This role includes static and dynamic reverse engineering, as well as the creation of tools to assist in the efforts. This is a full-time, remote role based in the US. You can read more about our approach to device modeling on &lt;a href=&quot;https://www.corellium.com/device-modeling&quot;&gt;our website&lt;/a&gt;.&lt;/p&gt;
&lt;h2&gt;Requirements&lt;/h2&gt;
&lt;p&gt;An understanding of general computer engineering concepts is required, plus:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;Knowledge of Arm instruction and system level architecture&lt;/li&gt;
&lt;li&gt;Proficient in C, C++, Verilog and/or Assembly&lt;/li&gt;
&lt;li&gt;Comfortable with hardware design and bringup of embedded systems&lt;/li&gt;
&lt;li&gt;Experience with reverse engineering tools like IDA, Ghidra, Hopper&lt;/li&gt;
&lt;li&gt;Familiarity with simulators, e.g. Fast Models, Virtualizer, Virtual System Platform, QEMU&lt;/li&gt;
&lt;li&gt;Familiarity with industry standard technologies like PCIe, AXI, DDR, I2C, SPI, TrustZone&lt;/li&gt;
&lt;/ul&gt;

Senior Device Modeling Engineer

&lt;p&gt;The VP/Director of Enterprise Sales will be responsible for both expanding sales within existing accounts and for new pipeline generation within enterprise accounts. Our customer acquisition motion in the enterprise is via marketing, online product trials and direct outreach to these customers. We believe the highest concentration of enterprise customers will be in the Financial Services and Telco industries; however, any enterprise who highly values mobile cybersecurity and mobile application testing either internally or for their customers is an appropriate target.&lt;/p&gt;
&lt;h2&gt;&lt;strong&gt;Responsibilities&lt;/strong&gt;&lt;/h2&gt;
&lt;p&gt;The main responsibilities of this role revolve around the ability to help potential customers understand how we can address their needs. There is a wide range of duties in this position including:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;Lead our efforts in Enterprise sales, and possibly as a “player-coach” responsible for their own accounts as well as driving a small team (TBD based on experience).&lt;/li&gt;
&lt;li&gt;Build long-term relationships with enterprise C-suite and executives&lt;/li&gt;
&lt;li&gt;Develop a deep understanding of customers’ current/future technology needs&lt;/li&gt;
&lt;li&gt;Define and execute the strategy for each account&lt;/li&gt;
&lt;li&gt;Develop and maintain an action plan for how each account will achieve targets, coordinating action planning across functions&lt;/li&gt;
&lt;li&gt;Coordinating Corellium resources (e.g., product team, engineering) and Alliance partners (e.g., Accenture, KPMG, etc) to ensure effective execution&lt;/li&gt;
&lt;li&gt;Define/oversee customer solution structure and negotiating financial terms&lt;/li&gt;
&lt;li&gt;Be knowledgeable about our solutions for security and developer teams.&lt;/li&gt;
&lt;li&gt;Follow up on warm leads to explore needs, progress online trials, and convert to successful customers.&lt;/li&gt;
&lt;li&gt;Emphasize the features of products to highlight how they solve customer problems, answer questions, and leverage company resources as needed.&lt;/li&gt;
&lt;li&gt;Engaged in good CRM hygiene and execute effective campaigns in email and over the phone.&lt;/li&gt;
&lt;li&gt;Maintain contact lists and follow up with customers to continue relationships.&lt;/li&gt;
&lt;li&gt;Exceed sales goals.&lt;/li&gt;
&lt;/ul&gt;
&lt;h2&gt;&lt;strong&gt;Requirements&lt;/strong&gt;&lt;/h2&gt;
&lt;ul&gt;
&lt;li&gt;5 years of experience in areas such as:
&lt;ul&gt;
&lt;li&gt;SaaS and/or cybersecurity sales to Fortune 500 customers.&lt;/li&gt;
&lt;li&gt;Selling into the security/developer landscape.&lt;/li&gt;
&lt;/ul&gt;
&lt;/li&gt;
&lt;li&gt;Proven sales background with a track record of success, with an orientation on goal over-achievement.&lt;/li&gt;
&lt;li&gt;Self-motivated as a remote worker to effectively manage time and efforts to achieve performance goals.&lt;/li&gt;
&lt;li&gt;Working knowledge of CRM and customer messaging tools.&lt;/li&gt;
&lt;li&gt;Foundational understanding of software security technology and experience in selling software development tools are a plus.&lt;/li&gt;
&lt;li&gt;Ability to develop targeted offerings and close deals by leveraging Corellium and partner sales teams&lt;/li&gt;
&lt;li&gt;Strong understanding of enterprise customer buying processes that enable effective management of opportunity pipeline for each account.&lt;/li&gt;
&lt;li&gt;Proven track record for negotiating and closing large enterprise deals.&lt;/li&gt;
&lt;li&gt;Bachelor&#39;s degree preferred.&lt;/li&gt;
&lt;/ul&gt;
&lt;p&gt;&amp;nbsp;&lt;/p&gt;
&lt;h2&gt;&lt;strong&gt;Benefits&lt;/strong&gt;&lt;/h2&gt;
&lt;ul&gt;
&lt;li&gt;Full-time role with competitive salary.&lt;/li&gt;
&lt;li&gt;50% base and 50% variable compensation based on quota achievement.&lt;/li&gt;
&lt;li&gt;Unlimited paid time off and sick days.&lt;/li&gt;
&lt;li&gt;Health care benefits (location of employment dependent).&lt;/li&gt;
&lt;li&gt;Working from home with little business travel.&lt;/li&gt;
&lt;/ul&gt;
&lt;p&gt;&amp;nbsp;&lt;/p&gt;