In-Depth Application Penetration Test Confirms Security of NordVPN’s Apps
This October, NordVPN has completed an application security audit. The in-depth application penetration test was conducted by an independent auditor VerSprite, one of the leading cybersecurity consulting firms, which specializes in finding threats, risks, and vulnerabilities in application software.
“This audit made our apps even stronger. After the initial test, our developers followed the auditor’s recommendations and implemented a few changes,” explains Ruby Gonzalez, NordVPN’s Head of Communications. “We intend to regularly audit our service in the future.”
NordVPN’s application penetration test covered NordVPN’s API endpoint and Clients Panel, mobile apps for iOS and Android, and desktop applications for Windows and macOS.
The VerSpirte’s penetration testing methodology is based on real-world attack simulations by a malicious actor. Auditors focused on identifying high-impact vulnerabilities that could lead to IP leaks, breaching confidential user data, and overall privilege escalation.
Just recently NordVPN received another good evaluation during the extensive VPN test by the AV-TEST GmbH. The independent research institute for IT security from Germany distinguished NordVPN for its speed, security, and bypassing censorship.
A year ago, NordVPN completed another third-party audit. Then PricewaterhouseCoopers AG (Switzerland) performed an industry-first audit of NordVPN’s no-logs policy.
At the moment NordVPN is used by over 12 million users worldwide and has over 5,000 servers in 60 countries. This year, Panama-based company announced three new tools: a new-generation password manager NordPass, a powerful file encryption tool NordLocker, and a VPN solution for businesses and teams NordVPN Teams.