|
KEY TAKEAWAYS
|
DJI was recently added to the FCC’s Covered List. It’s a decision with real consequences, not just for our company, but for the people and industries across the United States that rely on our technology every day.
What’s notable is how we got here. It is because of a missed statutory deadline, and not the result of a completed technical investigation or the identification of a specific security vulnerability - as the FY25 National Defense Authorization Act (NDAA) intended. To date, no U.S. agency has publicly identified a specific, documented security threat associated with DJI products.
We have consistently asked for the opportunity to engage in a transparent, technical review of our products. We continue to believe that decisions of this importance should be grounded in evidence. In the absence of that process, we chose to take a step forward ourselves.
We engaged OnDefend, an independent U.S.-based cybersecurity firm, to conduct a rigorous assessment of two DJI drone systems: the DJI Air 3S paired with the RC 2 controller, and the DJI Matrice 4E paired with the RC Plus 2 Enterprise controller.
This is the most comprehensive independent security assessment ever undertaken on our products.
Devices were sourced through standard retail channels, with no special preparation from DJI, and tested under conditions designed to reflect real-world threat scenarios. Two units of each system were evaluated across multiple environments, with testing repeated to validate results. The scope included network behavior, radio frequency emissions, software security, and hardware integrity.
The bottom line is OnDefend's assessment of the scoped drones identified no hidden backdoors, data transmission outside the United States, or viable pathways for hijacking or weaponization. No Critical or High-risk findings were observed.
On the issues most central to the national security discussion, the conclusions were equally direct:
As with any complex, connected technology, the assessment did identify a number of low and very low risk findings, but none represent a realistic risk to safe operation or widespread data exposure, and mitigations are already underway.
OnDefend's audit is one in a long line of audits that show DJI is not a security risk. This means that U.S. businesses, law enforcement, farmers, hobbyists and more are being asked to forgo a product that has been proven safe again and again.
These are practical, real-world consequences. And they sit alongside a simple reality: the independent assessment we commissioned found no evidence of the risks that are often cited in this debate.
American drone users deserve access to safe, reliable, and innovative tools that meet their needs. We will continue to engage openly, improve our products, and advocate for decisions grounded in transparency, evidence, and real-world impact.
To learn more about DJI security and privacy, visit the DJI Trust Center.