NordVPN, a leading cybersecurity company developed by Nord Security, has undergone independent infrastructure and app security evaluations. Germany-based cybersecurity company Cure53 examined the security concepts and maturity of NordVPN’s architecture and highlighted Nord Security’s eagerness to ensure transparent operations, advanced online security, and reliable user privacy.
“Dedication to product development and a happy customer always pay off. We continuously improve the overall performance of our service and develop advanced VPN features, giving our users increased online security. Our developers fixed all detected vulnerabilities, and they were approved by Cure53, ensuring that NordVPN implemented all mitigations correctly,” says Marijus Briedis, CTO at NordVPN.
The third-party auditors conducted penetration tests and source code audits on the NordVPN servers, infrastructure, and NordVPN desktop applications for Windows, Linux, and macOS as well as the mobile applications for Android and iOS.
It’s important to note that tests confirmed exceptionally good results regarding NordVPN’s mobile applications. The final report states that mobile applications “garnered a robust impression and are observably effective in minimizing the attack surface.”
In addition, Cure53 investigated and assessed the NordVPN websites, browser extensions, API, and Threat Protection API as well as the Pricing API, Nord Account, Nord Checkout, Nord UCP, VPN servers, and NordLynx server-side code.
“In summation, the relatively typical volume of vulnerabilities detected for a scope of this magnitude indicates that the entire client software complex has already made strong progress from a security perspective,” the Cure53 report states.
The server and infrastructure examination was performed in September and October 2022, while apps and add-ons were inspected in July and August 2022.
Complete reports of these assessments are accessible to all of our users via the user control panel on our website or simply by following one of the links: app security assessment report and infrastructure security assessment report.
In January, NordVPN also announced its third no-log policy assurance engagement. Deloitte, an industry-leading Big Four auditing firm, found that NordVPN’s customers are provided with a VPN service compliant with its no-logs policy.
Visit AITechPark for cutting-edge Tech Trends around AI, ML, Cybersecurity, along with AITech News, and timely updates from industry professionals!
