A Profitable Penetration Take a look at by White Knight Labs – sUAS Information – The Enterprise of Drones
At Aloft, we take nice pleasure within the safety of our merchandise and group. In partnership with Anzu Robotics, we’ve launched Air Management for the Raptor. This product has been constructed during the last twelve months to safeguard your knowledge and allow safe flight. We engaged White Knight Labs, a famend third-party cybersecurity agency, to conduct a complete penetration take a look at to make sure that the Anzu Raptor meets the very best safety requirements. Because the previous saying goes, “With nice energy comes nice accountability,” so we additionally needed to make sure that buyer knowledge was at all times encrypted with communications solely to Aloft servers.
In constructing and designing the Raptor flight expertise, we needed to deliver ahead one of the best components of the {hardware} and firmware supplied within the licensed expertise whereas making a essentially higher and extra empowered flight expertise. For instance, we eliminated the geofencing so there is no such thing as a spurious geofencing or blocking of your flights with Raptor drones.
White Knight Labs examined and validated these core knowledge components of their evaluation. With the default setup with Aloft working out of the field, your knowledge is safe and stays solely within the Aloft Air Management platform.
What’s Static and Dynamic Evaluation of Visitors?
White Knight Labs utilized static and dynamic evaluation methodologies to evaluate the safety of the Anzu Raptor and Air Management utility. These methodologies contain inspecting the system’s code and habits in a managed surroundings to establish vulnerabilities or weaknesses.
Static Evaluation entails reviewing the supply code, configuration information, and system structure with out executing the code. By meticulously analyzing the static parts of the Anzu Raptor, White Knight Labs can establish any potential safety flaws within the design and implementation levels.
Dynamic Evaluation entails observing the system in operation, analyzing the information site visitors, and monitoring the drone’s habits in real-time. By executing the system in a reside surroundings, White Knight Labs can establish vulnerabilities that solely turn out to be obvious throughout precise use. Particularly, we needed to check your complete lifecycle of the Raptor, from preliminary registration to takeoff, touchdown, photographs, and flight logs.
The White Knight Labs Evaluation
White Knight Labs is extremely regarded within the cybersecurity business for its static and dynamic site visitors evaluation experience. Their group of seasoned professionals employed trendy data safety instruments and methods to scrutinize the information movement of Anzu Raptor, coming from the Anzu Raptor, and talk with the Aloft Air Management utility and servers.
1. Knowledge Transmission Targets: One of many main considerations for this expertise is the safety/vacation spot of information transmission. White Knight Labs meticulously analyzed the information movement from the Anzu Raptor and confirmed that each one knowledge was completely being despatched to Aloft servers. This verification ensures that no delicate data was noticed being leaked or intercepted by unauthorized events.
2. References to Chinese language Domains: Throughout their evaluation, White Knight Labs recognized a number of references to Chinese language domains throughout the system, though no knowledge was flowing to them. Aloft promptly remediated these findings by eradicating the references, additional enhancing the safety of our platform. This proactive measure underscores our dedication to sustaining a safe and reliable product.
The Significance of Third-Occasion Attestation
Partaking a good third get together like White Knight Labs gives a further layer of assurance for our clients. Their thorough and unbiased analysis of the Anzu Raptor validates our dedication to knowledge safety. By remediating findings and guaranteeing that each one knowledge is securely transmitted to encrypted Aloft servers, we have now strengthened the integrity and reliability of the Raptor+Aloft platform. We consider that safety wants transparency and bringing in outdoors events for evaluation is one of the best ways to believe in our platform.
Whereas Aloft undergoes annual SOC 2 Sort II and ISO 27001 safety certifications, together with FAA audits as an accepted UAS Service Provider for LAANC, we often endure third-party analyses and penetration assessments. Working with suppliers like White Knight Labs will proceed to be a core a part of our course of for our airspace, UTM, fleet administration, and {hardware} integrations.
Conclusion
The profitable penetration take a look at carried out by White Knight Labs is a major milestone for the Anzu Raptor. It demonstrates our unwavering dedication to delivering a safe and dependable product. At Aloft, we perceive the significance of belief and safety in right now’s digital panorama. By partnering with main cybersecurity consultants and constantly enhancing our safety measures, we purpose to offer our clients with peace of thoughts, realizing that their knowledge goes precisely the place they intend it to.
Our vigilance doesn’t cease with this report. As with something in safety, it’s an iterative and ongoing course of. We’ll proceed to enhance the platform’s posture within the coming weeks, months, and years. For any firmware updates or product expansions with Anzu, we’ll be conducting related and ongoing analyses to make sure that your knowledge stays safe, encrypted, and solely on US-based Aloft servers always.
If you want a duplicate of the attestation letter or wish to focus on the Anzu+Aloft product in additional element, please e mail infosec@aloft.ai.
