What type of data does ORION gather from my network?

ORION routinely gathers metadata about your system, which can include: drivers, processes, netstat, system binaries, registry settings, and file names in Windows auto execution paths. Other data that may be gathered to confirm evidence of intrusion include: potentially malicious binaries, fi le names of certain directories, live memory captures, and other system information. Date file contents (Word, Excel, etc) are not collected without approval from the client and only in the course of an intrusion investigation.

How is my Data stored?

The backend database is PostgreSQL. Access to the data is provided through the Core server REST API over HTTPS and all data access has fine-grained access controls associated at the user level.

Where is my data stored?

</strong class=”font-weight-bold”>Depending on the platform architecture selected by you during the onboarding process, your data may be stored: within R9B’s systems and data centers, on R9B platforms inside your network, or in a secured cloud infrastructure. The backend database is PostgreSQL and can be deployed on the same or a separate endpoint or virtual machine as the Core server.

Does ORION gather and/or store PII data from my network?

ORION gathers metadata, or data about data, from inside your network. The only exposure to any form of identifying information is: user name from your Domain or LDAP, company phone number stored within LDAP, and any other company included within LDAP. This data is not routinely collected. Authentication and access control are based on an LDAP model, and no usernames or passwords – either for the ORION platform or for Domain credentials – are stored by ORION.