Cyber Transparency Audit of Xcitium backend data – Q2 2024

10 October 2024

Transparency First, Then Trust

The world needs more transparency in the cybersecurity

One of the cornerstones of cybersecurity is to ensure that data and systems are protected from serious consequences. It is difficult to choose a product if a customer does not have the opportunity to check whether the software meets certain standards. Endpoint cybersecurity is a multibillion-dollar industry that lacks standardized policies, yet it impacts businesses around the world.

Endpoint security software is designed to minimize risk. A good way for a developer to show users that it helps to mitigate that risk is to be transparent about how the application works and about the processes in the developer’s infrastructure. Disclosing certain statistical information makes it possible to know and understand the strengths of a product. This may lead to the resolution of the basic problem, that is, the elimination of all remaining gaps. On the other hand, developers who take the difficult path of disclosing statistical data from end devices may face public criticism and scrutiny, but it is beneficial for all companies and institutions.

In an interpersonal relationship, clear rules are needed to build mutual trust. Transparency should be the cybersecurity industry’s motto to strengthen the end customer’s trust in the people who are responsible for the brand’s image. This is the only way to improve collective thinking about cybersecurity.

What is this audit?

Definition of "Cyber Transparency Audit"

As part of the “Cyber Transparency Audit”, the testing body, acting as the Auditor, checks data from a provider of a cybersecurity solution for historical compliance.

The audit is an independent assessment of a given system, organization, process, or entire project. The data is examined for compliance with specific guidelines that must be met. The main advantage of the audit is the participation of an external Auditor who is able to check thoroughly and to indicate objectively the areas that need to be improved.

Obtaining the “Cyber Transparency Audit – Certified” certificate by a provider means that its effectiveness regarding historical data is confirmed.

The methodology and policy are available to anyone who meets the criteria; therefore, anyone can join the project as the Auditor or Developer.

Security incidents in telemetry data

This report contains analyzed and anonymized telemetry data that originated from devices protected against malicious software by a product called Xcitium Advanced. The presented data show a correlation between potentially malicious activity on a Windows device and actually confirmed malware. This is important because unknown files on employees’ computers that are not yet confirmed malware can be a backdoor to serious threats such as ransomware or spyware.

Based on the analyzed historical data, we confirm that from 1 April 2024 to 30 June 2024, among 1 196 552 unknown 0-day files, no malware infection was recorded on systems that were protected by Xcitium Advanced at that time.

Key audit insights

The audit was prepared taking into account the following data set:

  1. Devices with potentially malicious activity (virtualized files).
  2. Devices with confirmed malware status (virtualized files).
  3. Number of 0-day files classified as secure.
  4. Number of 0-day files classified as PUAs.
  5. Number of 0-day files classified as malware.
  6. Potential data leaks and active infections.

Audit Summary

This part of the report summarizes the statistics collected from devices protected by Xcitium on which potentially malicious activity was detected, set against the malware confirmed after a file was uploaded from a device for analysis in the cloud.

Unknown files on employees’ computers can lead to infections with ransomware, spyware, or other malicious software. Employees may accidentally download unknown files from the Internet, bring them to the company on their mobile devices, or download them from an email. These files can damage operating systems, which leads to the loss of important data, and even to encryption of infrastructure and deletion of backups.

From 1 April 2024 to 30 June 2024, out of 1 196 552 unknown 0-day files, not a single system infection with malware or potentially unwanted software (PUA) was detected that could contribute to data leakage.

Q2 2024 audit summary in numbers

Total devices: 46749
Total unknown files: 1096550
Number of files with malware status: 17570 (2.3%)
Number of files with PUA/PUP status: 6632 (0.8%)
Number of infected systems: 13
Number of data leaks: 13
