Each of the Cybereason products is built and developed with security in mind. Cybereason follows application security best practices including OWASP guides and NIST standards.
The secure development lifecycle process ensures that security is taken into consideration in every new feature, from design to coding to testing. Cybereason also performs an annual penetration test by an external independent vendor.
Cybereason offers the flexibility to be deployed on-premises or in the cloud. In an on-prem deployment, the customer can apply their own infrastructure security standards in the deployed environment. Cybereason cloud deployments are done via AWS cloud, in the AWS secure data centers. The environments are built in accordance with AWS best practices. Every customer has their own dedicated set of servers, in their own segment. The servers are hardened according to CIS hardening standard and are patched regularly. Additionally, Cybereason uses our own system to monitor and secure our servers.
Access control in Cybereason is based on roles and is granted according to business need and the Principle of Least Privilege. Access control is enforced in several infrastructure layers as well as within the Cybereason application layer.
Administrative access for authorized personnel is done using unique named accounts and two-factor based authentication methods. Cybereason enforces separation of duties among the different teams involved in product development and deployment process.
Cybereason monitors our corporate and production environment using several tools. We use an external SIEM system that collects audit trails from various security and IT systems, then correlates, and alerts suspicious activity. Additionally, we perform periodic proactive hunts within our environment, in order to spot attack attempts.
Service Organization Control Type II
Cybereason is also periodically audited for Service Organization Control Type 2 (SOC2) standard for security, availability, confidentiality, and processing integrity. SOC2 is one of the most demanding and strict international standards for reflecting the security level of organizations.
Cybereason is ISO-27001:2013 certified, which includes certification of the company, its operations, product, and services. The ISO-27001:2013 audit evaluated the Cybereason information security management system, the security policies, and its implementation.
Anti-Malware Testing Standard Organization (AMTSO)
Cybereason is a member of the Anti-Malware Testing Standards Organization (AMTSO), and Cybereason Deep Prevent (NGAV) was tested and certified by AMTSO testing member SE Labs.
The AMTSO security software standards have been developed and agreed to by more than 40 security experts, product testers and members of the media from around the world.
Cybereason is a contributing member of VirusTotal and the Cybereason NGAV engine has been integrated into VirusTotal's threat scanning service. VirusTotal, a subsidiary of Google, is a free online service that analyzes files and URLs enabling the identification of viruses, worms, trojans and other kinds of malicious content detected by antivirus engines and website scanners. The group's mission is to help in improving the antivirus and security industry and make the internet a safer place through the development of free tools and services.