Your IP: Unknown · Your Status: ProtectedUnprotectedUnknown

Skip to main content

NordVPN has completed an application security audit

June 22, 2021

Advanced application penetration test affirms NordVPN’s security

NordVPN, the world’s leading VPN service provider, just completed a client security testing. A penetration testing was performed by VerSprite – a global leader in cybersecurity consulting and advisory services. NordVPN is pleased with the results. Meanwhile, users can review the attestation letter under the User Control Panel, with more detailed reports following later this week.

“During the test, VerSprite found no critical vulnerabilities. One vulnerability was given a high severity score, and the rest received a medium to low severity score. These vulnerabilities were mitigated for each platform in scope,” says Daniel Markuson from NordVPN. “This further proves NordVPN’s reliability and focus on user security, and addressing key security elements will help us keep the highest standards in the industry and improve even more.”

The basis of VerSprite’s penetration testing methodology is simulating real-world attack scenarios and threats by using PASTA (Process for Attack Simulation and Threat Analysis). The PASTA method consists of a seven-stage process for manufacturing attacks and analyzing threats to the NordVPN environment to minimize risk and the associated impact on the business. During the test, VerSprite auditors focused on breaching confidential user data, identifying high-impact vulnerabilities that could lead to IP leaks, and overall privilege escalation.

“Independent audits are one of the necessary elements to maintaining high-security standards and ensuring that our users’ trust in us is well-founded,” says Daniel Markuson, a digital privacy expert at NordVPN.

This is not the first third-party audit of NordVPN’s service. NordVPN routinely has its services evaluated by a third party. As an example, NordVPN holds claim to the industry’s first audit of its no-logs policy. It was performed by PricewaterhouseCoopers AG (Zurich, Switzerland), a Big 4 auditing firm and one of the most dependable and capable auditors in the world.

VerSprite is an operational risk management and security consulting firm that specializes in helping track high-profile threats, understand security risks and the related business impact, and improving cybersecurity postures.

NordVPN is a trusted online privacy and security solution used by over 14 million internet users worldwide. The Panama-based company offers strong encryption with advanced privacy features and is recognized by the most influential tech sites and IT security specialists. NordVPN is part of Nord Security. Nord Security is moving with confidence towards becoming an all-around cybersecurity solution. VPN service provider announced three tools: NordPass, a new-generation password manager; NordLocker, a powerful file encryption tool; and NordLayer, a new VPN solution for businesses, freelancers, and teams.



About NordVPN

NordVPN is the world’s most advanced VPN service provider used by over 14 million internet users worldwide. NordVPN provides double VPN encryption, malware blocking, and Onion Over VPN. The product is very user-friendly, offers one of the best prices on the market, has over 6,000 servers in 60 countries worldwide, and is P2P-friendly. One of the key features of NordVPN is the zero-log policy. For more information: nordvpn.com.