Why Trust Byos?
Security is in our DNA and engrained in everything we do. Our commitment to security is reflected in the products we build and the way we operate, all for the protection and integrity of the customer.
We do not read µGateway traffic data and we also never sell or rent personal information to third parties.
The communications between the µGateway and Management Console are encrypted end-to-end.
Our servers are compliant with Cloud Security Alliance standards, further protecting you against vulnerabilities.
All security processing is done locally within the µGateway, independent of cloud servers, reducing your exposure and protecting your data.
The µGateway has multiple layers of protection built in, including both Hardware and Software security mechanisms.
We perform testing at all product stages, including SSDLC, internal and 3rd-party pen tests, and offer an open bug bounty program.
Byos µGateway hardware runs a proprietary, hardened and customized Unix-based OS that has customized network services, signed hardware drivers, and a recompiled kernel to change its fingerprint.
Residing above the base OS, the Byos core has a proprietary attack knowledge base, decision-making algorithm, network health detection service and multi-layer API.
Input sanitization of communication requests between the layers occurs within the µGateway, as different layers cannot speak directly with each other – the front end cannot speak directly to the base OS, and the Byos core cannot communicate directly with the hardware, thereby increasing security.
Secure Software Procedures
Byos’ development team follows a Secure Software Development Lifecycle (SSDLC) with its internal security team performing continuous testing. For external security testing, the company goes through continuous third-party audits, ensuring the highest level of accountability. For more information, please visit the Resources section to read the white papers.
Our servers are compliant with Cloud Security Alliance standards:
Data in transit encryption is TLS 1.2/1.3
Data at rest encryption is AES 256
We do not retain or track DNS log information
We do not store personal customer information in our servers
Bug Bounty Program
As part of Byos’ commitment to security, we run an open Bug Bounty Program, rewarding researchers who share with us critical issues and the techniques used to exploit them. We make it a priority to resolve confirmed issues as quickly as possible in order to best protect customers. Vulnerabilities found in the following aspects of the Byos Endpoint Micro-Segmentation Solution are encouraged to be reported to Byos:
Interested in participating in the Bug Bounty Program? Buy a µGateway and begin testing for yourself.
Built in North America
The µGateway has a proprietary hardware board that is manufactured in Canada and the USA, with a certified supply chain of components and a certified chain of custody of software, assuring the product does not contain hidden backdoors.