Sandfly 5.5 - AI-Powered Analysis and BPFDoor Detection. Learn more
PartnersSupportContact Us
Get Sandfly

Case Study

Sandfly's Zero-Impact Agentless Linux EDR Secures Vay’s Remote Driving Fleet

Innovative remote-driving technology company implements Sandfly's agentless security to maintain critical performance standards while ensuring fleet-wide safety and performance

Linux powers 63% of the world’s servers. Many of these servers are deployed within critical infrastructure, powering cloud computing, energy plants, communications systems, and embedded computers that control autonomous vehicles. When it comes to reliability and performance, any impact which negatively affects service could have significant financial or safety consequences. That’s why the question which weighs most on the minds of IT and security professionals is how does one secure these high-risk systems from cyber threats when most EDR products are built for low-risk desktops?

This is precisely the question that the technologists at Vay sought to address when they looked for solutions to protect their remote driving fleet. When your computers are responsible for controlling a 4 ton vehicle, an EDR agent with a mind of its own was too much risk to bear. That’s why Sandfly’s agentless EDR platform was the perfect solution. It provided three critical capabilities which addressed both functional and operational needs:

  1. Resource Efficiency: Zero impact, no agent, no syscall abuse
  2. Visibility: Insight into drift; created a feedback loop to R&D that didn’t exist prior
  3. End-User Control: Customer decides when, where and how EDR scans occur to ensure it never impacts performance

Background and Challenges

Vay pioneers commercial remote driving technology that enables Remote Drivers to drive vehicles on public roads from afar. Their safety-critical service demands absolute reliability, near-zero latency, and compliance with stringent automotive cybersecurity standards.

Vay's safety-critical technology required robust Linux security and system visibility across its rapidly scaling fleet. This highlighted a core industry challenge: securing high-risk Linux systems using EDR designed for desktops, where performance impacts are critical. Traditional agent-based tools would pose unacceptable latency, performance, and reliability risks on resource-constrained systems.

Technology Environment

Hybrid Linux infrastructure including NVIDIA-based embedded vehicle systems, on-premises servers, Remote Driving Stations, and cloud services. Sandfly integration via API; SIEM integration for alerts.

Remote Driving Station

Key Risk Factors

  • Safety & Operational Risk: Security tool performance hits could directly compromise vehicle control and safety
  • Compliance & Business Risk: Failure to secure the fleet would jeopardize ISO 21434 compliance, brand reputation, and ability to scale
  • Visibility Risk: Lack of monitoring created unknown vulnerabilities across an expanding attack surface

Requirements

01.
Absolute Performance
No resource impact (latency, CPU/RAM) to ensure public safety and service reliability
02.
Agentless Control
Full command over security scan timing to prevent operational interference during active remote driving
03.
Robust Linux Security
Deep protection tailored for Linux to address unique threats and visibility gaps inherent in their environment
04.
Compliance & Scalability
Features and visibility supporting compliance requirements and safe fleet expansion
Sandfly's agentless Linux security gives us visibility without impacting our remote-driving systems where performance directly affects public safety. We can't compromise on either security or stability when lives are at stake.

Solution: Sandfly Agentless Linux Security

Vay selected Sandfly Security's agentless Linux platform – the only approach meeting their stringent needs. Sandfly provided deep Linux visibility without endpoint agents, eliminating performance risks and giving 100% control to the Vay team for securing a time sensitive, mission critical environment. Extensive testing validated its compatibility, minimal impact, and operational safety. Vay leveraged Sandfly's API for controlled, non-disruptive scanning during vehicle idle times.

Results

01.
Security Without Compromise
Fleet-wide Linux security achieved with verified zero impact on remote driving performance
02.
Complete Fleet Visibility
Essential monitoring and observability across vehicles and infrastructure:
03.
Baseline Enforcement & Risk Reduction
Established and maintained a "Golden Baseline," detecting drift and risks
04.
Operational Efficiency Without Drama
Eliminated agent management overhead, saving valuable security team time and resources
05.
Business Enablement
Supported ISO 21434 compliance needs, reduced endpoint security risk, and enabled safe operational scaling

Linux Secured

Learn how Vay secured their remotely driven vehicles with Sandfly.

From a high-level perspective, what Sandfly fundamentally brings us is visibility. For a growing company like ours, that's the first critical security issue that needs addressing - you can't secure what you can't see. Sandfly enabled us to have comprehensive monitoring and observability across our entire vehicle fleet, providing insights we simply couldn't get with other solutions.
We frequently face questions about our security posture, such as how we handle vulnerability management or potential network issues caused by attacks like LTE spoofing, mobile data jamming, or GPS jamming. Sandfly directly addresses a key part of this: how we monitor for attacks across our vehicle fleet.

Linux powers 90% of public cloud workloads, more than 44% of embedded systems, and 100% of the world’s supercomputers. Securing these critical infrastructure devices demands security without negative resource impacts. Sandfly protects Linux with zero impact EDR, extensive visibility, and 100% end–user control to protect key systems without compromise.

Protect Hosts Now

Case Study Tags:

AutomotiveLinux Security

Share this case study:

← Return to Case Studies