Case Study

Sandfly's Zero-Impact Agentless Linux EDR Secures Vay’s Remote Driving Fleet


Innovative remote-driving technology company implements Sandfly's agentless security to maintain critical performance standards while ensuring fleet-wide safety and performance

Linux powers 63% of the world’s servers. Many of these servers are deployed within critical infrastructure, powering cloud computing, energy plants, communications systems, and embedded computers that control autonomous vehicles. When it comes to reliability and performance, anything that negatively affects service could have significant financial or safety consequences. That’s why the question that weighs most on the minds of IT and security professionals is this: how does one secure these high-risk systems from cyber threats when most EDR products are built for low-risk desktops?

This is precisely the question that the technologists at Vay sought to address when they looked for solutions to protect their remote driving fleet. When your computers are responsible for controlling a 4-ton vehicle, an EDR agent with a mind of its own is too much risk to bear. That’s why Sandfly’s agentless EDR platform was the perfect solution. It provided three critical capabilities that addressed both functional and operational needs:

  1. Resource Efficiency: Zero impact, no agent, no syscall abuse
  2. Visibility: Insight into drift; created a feedback loop to R&D that didn’t exist prior
  3. End-User Control: Customer decides when, where and how EDR scans occur to ensure it never impacts performance

Background and Challenges

Vay pioneers commercial remote driving technology that enables Remote Drivers to drive vehicles on public roads from afar. Their safety-critical service demands absolute reliability, near-zero latency, and compliance with stringent automotive cybersecurity standards.

Vay's safety-critical technology required robust Linux security and system visibility across its rapidly scaling fleet. This highlighted a core industry challenge: securing high-risk Linux systems, where performance impacts are critical, using EDR designed for desktops. Traditional agent-based tools would pose unacceptable latency, performance, and reliability risks on resource-constrained systems.

Technology Environment

Hybrid Linux infrastructure including NVIDIA-based embedded vehicle systems, on-premises servers, Remote Driving Stations, and cloud services. Sandfly integration via API; SIEM integration for alerts.

Remote Driving Station

Key Risk Factors

  • Safety & Operational Risk: Security tool performance hits could directly compromise vehicle control and safety
  • Compliance & Business Risk: Failure to secure the fleet would jeopardize ISO 21434 compliance, brand reputation, and ability to scale
  • Visibility Risk: Lack of monitoring created unknown vulnerabilities across an expanding attack surface

Requirements

  1. Absolute Performance: No resource impact (latency, CPU/RAM) to ensure public safety and service reliability
  2. Agentless Control: Full command over security scan timing to prevent operational interference during active remote driving
  3. Robust Linux Security: Deep protection tailored for Linux to address unique threats and visibility gaps inherent in their environment
  4. Compliance & Scalability: Features and visibility supporting compliance requirements and safe fleet expansion

"Sandfly's agentless Linux security gives us visibility without impacting our remote-driving systems where performance directly affects public safety. We can't compromise on either security or stability when lives are at stake."
Edgar Avetisyan, Senior Security Engineer

Solution: Sandfly Agentless Linux Security

Vay selected Sandfly Security's agentless Linux platform – the only approach meeting their stringent needs. Sandfly provided deep Linux visibility without endpoint agents, eliminating performance risks and giving the Vay team 100% control over securing a time-sensitive, mission-critical environment. Extensive testing validated its compatibility, minimal impact, and operational safety. Vay leveraged Sandfly's API for controlled, non-disruptive scanning during vehicle idle times.

Results

  1. Security Without Compromise: Fleet-wide Linux security achieved with verified zero impact on remote driving performance
  2. Complete Fleet Visibility: Essential monitoring and observability across vehicles and infrastructure:
  3. Baseline Enforcement & Risk Reduction: Established and maintained a "Golden Baseline," detecting drift and risks
  4. Operational Efficiency Without Drama: Eliminated agent management overhead, saving valuable security team time and resources
  5. Business Enablement: Supported ISO 21434 compliance needs, reduced endpoint security risk, and enabled safe operational scaling

"From a high-level perspective, what Sandfly fundamentally brings us is visibility. For a growing company like ours, that's the first critical security issue that needs addressing - you can't secure what you can't see. Sandfly enabled us to have comprehensive monitoring and observability across our entire vehicle fleet, providing insights we simply couldn't get with other solutions.

"We frequently face questions about our security posture, such as how we handle vulnerability management or potential network issues caused by attacks like LTE spoofing, mobile data jamming, or GPS jamming. Sandfly directly addresses a key part of this: how we monitor for attacks across our vehicle fleet."
Mehdi Asgari, Senior Engineering Manager

Linux powers 90% of public cloud workloads, more than 44% of embedded systems, and 100% of the world’s supercomputers. Securing these critical infrastructure devices demands security without negative resource impacts. Sandfly protects Linux with zero-impact EDR, extensive visibility, and 100% end-user control to protect key systems without compromise.

