{"id":83283,"date":"2026-05-28T14:02:49","date_gmt":"2026-05-28T14:02:49","guid":{"rendered":"https:\/\/ciaoup.it\/?p=83283"},"modified":"2026-05-28T14:02:49","modified_gmt":"2026-05-28T14:02:49","slug":"dji-releases-findings-of-the-most-comprehensive-independent-security-assessment-of-its-drone-systems-to-date","status":"publish","type":"post","link":"https:\/\/ciaoup.it\/?p=83283","title":{"rendered":"DJI Releases Findings of the Most Comprehensive Independent Security Assessment of Its Drone Systems to Date"},"content":{"rendered":"

COMUNICATO STAMPA – CONTENUTO PROMOZIONALE<\/p>\n

Zero Critical, High, or Medium-Risk Findings Identified Across Five Months of Adversarial Testing by U.S. Cybersecurity Firm OnDefend of the DJI Air 3S and Matrice 4E\u00a0<\/p>\n

SHENZHEN, China, May 28, 2026 \/PRNewswire\/ —\u00a0DJI, the world’s leading drone manufacturer, today released the findings of an independent security assessment conducted by\u00a0
\nOnDefend, a U.S.-based cybersecurity firm trusted by national security stakeholders and enterprise leaders. The assessment covered the DJI Air 3S with RC 2 controller and the DJI Matrice 4E with RC Plus 2 Enterprise controller, subjecting both systems to advanced adversarial testing across software, hardware, and radio frequency domains.\u00a0<\/p>\n

The assessment was authorized by DJI but conducted independently. To preserve the integrity of the evaluation, consumer units were procured directly from retail outlets without pre-notification to DJI, and enterprise units were sourced from existing dealer stock. All tested devices reflect standard U.S. market distribution.\u00a0<\/p>\n

Key Findings\u00a0<\/p>\n

The assessment produced zero critical, high, and medium-risk findings. Specifically:\u00a0<\/p>\n

Low-Risk Findings and Remediation\u00a0<\/p>\n

Ten low-risk findings and thirteen observations were identified, consistent with industry norms for complex mobile and embedded systems. They were primarily related to application security configurations, session handling, and wireless hardening. None presented a realistic risk to safe drone operation or to widespread exposure of confidential information. DJI collaborated with OnDefend on potential remediation during the engagement and is working to address remaining items in subsequent software releases.\u00a0<\/p>\n

“During the window of testing, OnDefend’s assessment of the Air 3S and Matrice 4E drone systems identified no clear evidence of hidden backdoors, no data transmissions outside the United States, and no viable pathways for hijacking or weaponization. No critical or high-risk findings were observed. To maintain national security assurance, ongoing testing of firmware, software updates, and verification of hardware and chip integrity are recommended for continuous and ongoing validation.” \u2014 OnDefend 2026 DJI Security Assessment\u00a0<\/p>\n

“This is the most comprehensive independent security assessment ever undertaken on our products,” said Adam Welsh, Head of Global Policy at DJI. “These findings confirm what DJI has consistently maintained: our products are secure, our data practices are transparent, and the concerns underlying our FCC Covered List designation are not supported by technical evidence. We commissioned this independent assessment because we believe facts should inform policy decisions. We are calling on the FCC to consider these findings carefully as part of our ongoing appeal, and we remain committed to engaging constructively with relevant authorities.”\u00a0<\/p>\n

What Was Tested and How\u00a0<\/p>\n

The engagement ran from October 2025 through March 2026 and was structured around three national security concerns: data sovereignty, hardware vulnerabilities, and drone manipulation risks.\u00a0<\/p>\n

As part of the independent assessment, OnDefend conducted hardware and firmware testing that extended far beyond conventional cybersecurity validation. Leveraging its proprietary hardware testing technology and capabilities to perform advanced teardown, RF, and silicon-level analysis designed to identify unauthorized transmission pathways, covert RF channels, counterfeit components, undocumented modifications, hidden antennas, and broader supply chain integrity risks.\u00a0<\/p>\n

On the software side, OnDefend conducted static and dynamic application security testing of the DJI Fly and Pilot 2 applications, full network traffic analysis across standard and local data mode operation, and adversary simulation including meddler-in-the-middle attacks, certificate bypass, privilege escalation, and jailbreak attempts.\u00a0<\/p>\n

On the hardware side, the OnDefend team, enabled by their proprietary hardware testing technology, performed full-spectrum radio frequency scanning from 1 MHz to 6 GHz, PCB-level hardware teardown and component analysis, supply chain integrity verification, and RF exploitation testing including replay, jamming, and injection attacks.\u00a0<\/p>\n

Why OnDefend Was Selected as the Independent Security Inspector\u00a0<\/p>\n

OnDefend’s offensive security team includes U.S. military and government professionals with deep operational experience in national security. The firm specializes in\u00a0
\nadvanced adversarial testing designed to identify national security, supply chain, and technology integrity risks across software, hardware, and supply chain environments. Its proprietary testing technology uses AI-driven imaging and silicon-level analysis to identify unauthorized transmission pathways, counterfeit components, and undocumented hardware modifications, testing capabilities typically not part of standard hardware security assessments.\u00a0<\/p>\n

Testing Engagement\u00a0<\/p>\n

The findings reflect a defined window of testing. As with any point-in-time assessment, findings are specific to the software, firmware, and hardware versions evaluated during the engagement period. OnDefend has recommended that continuous independent validation be conducted as updates are released.\u00a0<\/p>\n

Context: FCC Covered List Designation\u00a0<\/p>\n

DJI’s inclusion on the FCC Covered List in December 2025 was not accompanied by the identification of a specific, documented security vulnerability. DJI has appealed this designation and has consistently requested a transparent, evidence-based technical review.\u00a0<\/p>\n

DJI drones are widely used across public safety, agriculture, infrastructure, and creative industries in the United States. Restrictions on access to its technology would have downstream impacts on operational capability, business continuity, and cost structures for users across these sectors:\u00a0<\/p>\n

For more information on this audit, read the executive summary and visit the\u00a0
\nDJI Trust Center to learn more about DJI’s continued investments in product security and independent validation.\u00a0<\/p>\n

View original content:https:\/\/www.prnewswire.co.uk\/news-releases\/dji-releases-findings-of-the-most-comprehensive-independent-security-assessment-of-its-drone-systems-to-date-302784397.html
\n\u00a0<\/p>\n

Copyright 2026 PR Newswire. All Rights Reserved.\u00a0<\/p>\n

COMUNICATO STAMPA – CONTENUTO PROMOZIONALE: Immediapress è un servizio di diffusione di comunicati stampa in testo originale redatto direttamente dall’ente che lo emette. L’Adnkronos e Immediapress non sono responsabili per i contenuti dei comunicati trasmessi<\/p>\n

—<\/p>\n

immediapress\/pr-newswire<\/p><\/p>\n

\n\t\t<\/a>\n\t\t<\/div>","protected":false},"excerpt":{"rendered":"

COMUNICATO STAMPA – CONTENUTO PROMOZIONALE Zero Critical, High, or Medium-Risk Findings Identified Across Five Months…<\/p>\n","protected":false},"author":3,"featured_media":83284,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[12],"tags":[23],"class_list":["post-83283","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-comunicati","tag-immediapress"],"_links":{"self":[{"href":"https:\/\/ciaoup.it\/index.php?rest_route=\/wp\/v2\/posts\/83283","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ciaoup.it\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ciaoup.it\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ciaoup.it\/index.php?rest_route=\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/ciaoup.it\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=83283"}],"version-history":[{"count":1,"href":"https:\/\/ciaoup.it\/index.php?rest_route=\/wp\/v2\/posts\/83283\/revisions"}],"predecessor-version":[{"id":83344,"href":"https:\/\/ciaoup.it\/index.php?rest_route=\/wp\/v2\/posts\/83283\/revisions\/83344"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ciaoup.it\/index.php?rest_route=\/wp\/v2\/media\/83284"}],"wp:attachment":[{"href":"https:\/\/ciaoup.it\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=83283"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ciaoup.it\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=83283"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ciaoup.it\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=83283"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}