Egnyte built Storage Sync on an open systems platform that goes through a periodic and thorough security review. Egnyte makes every effort to review the highest severity vulnerabilities that are required by organizations such as the Common Vulnerabilities and Exposures organization (CVE). If such remediations are deemed necessary by CVE, Storage Sync will patch the system at the next available patch release.
Other requirements that are more invasive to the core functionality of the product will go through updates determined by both internal and external stakeholders. Updates to the kernel, python, samba, and other libraries are often updated on a major release schedule. In the past, Storage Sync had been benchmarked against the Center for Internet Security (CIS) test suite.
In all cases, our internal and dedicated security teams review and perform pen-tests against all applications. The security teams validate, sign-off, and make recommendations to changes to all Egnyte products.