Cybereason is a cybersecurity technology company that provides a SaaS-based security platform and services. The security of our assets and customers is of the highest importance. We invest tremendous efforts in the security and protection of our information and product, and we comply with the highest standards of security and privacy.
Both data in transit and data at rest are encrypted using common encryption mechanisms such as AES 256, TLS 1.2 and above.
Cybereason has a BCP (Business Continuity Program) including disaster recovery and backups to all customers’ environments. The BCP is tested annually. Backups are checked on a daily basis.
Cybereason’s SDLC process includes the Cybereason Security Team as a stakeholder. Our Security Team is involved in all R&D processes: setting security requirements, designing, code reviews and penetration tests based on OWASP guidelines
Cybereason’s Security Team performs monitoring on customers’ environments using an SIEM platform and Cybereason platform (EPP and EDR) to detect cyber threats. The Security Team manages security incidents according to best-in-class incident response processes.
Cybereason is audited on a yearly basis by external auditors:
Cybereason complies with the CSA - Cloud Security Alliance standard and meets cloud security controls.
Cybereason is certified to the EU-U.S. and Swiss-U.S. Privacy Shield frameworks as administered by the U.S. Department of Commerce. To learn more about the Privacy Shield Frameworks, please visit https://www.privacyshield.gov/.