EDR Protection Without Compromising Privacy

You may have seen recent reports about a potential data leakage affecting another Endpoint Detection and Response (EDR) product. Unfortunately, some of the reports made it seem like EDR as a product category is to blame. These reports suggest that EDR inherently sends potentially sensitive data out of the customer's environment. This is not true for Cybereason.

It’s important to keep the following points in mind:

• EDR can be done in many ways and has no inherent vulnerability as a product category.
• Cybereason was designed with our customer privacy in mind: we never send sensitive data and files outside of the customer's environment.
• Architecturally the Cybereason EDR was built in a way that prevents this sort of leak: we leverage a behavioral detection technology that does not rely on the transmission of files out of a customer environment to assess risk.

In short, all Cybereason transmits to our single-tenant cloud is metadata. For example, the information about a file such as its title, author, and length will be sent for analysis, but the file or its content will never leave a customer’s environment.