One of the best VPN services available, NordVPN, called in an independent cybersecurity company to test the security of its software.
Cure53’s experts examined both Nord’s server infrastructure and the security of all its applications, with an overall “solid impression.”
These results once again confirmed the provider’s commitment to transparency, advanced online security and reliable user privacy.
Not long ago, Nord also passed its third no-logs audit with flying colors.
Transparency and security are at the heart of NordVPN
“Commitment to product development and a satisfied customer always pays off. We are constantly improving the overall performance of our services and developing advanced VPN features, ensuring our users are more secure online,” said Marijus Briedis, CTO at NordVPN.
Strong online security is indeed a key feature of a VPN service. Something that the biggest name on the market decided to analyze.
Third-party auditors conducted a series of white-box penetration tests and source code audits to evaluate NordVPN’s servers, infrastructure, as well as desktop applications (Windows, Linux, macOS), and Android and iOS VPN VPN apps.
The tests were carried out in September/October and July/August 2022, respectively.
Nord’s server and infrastructure audit found a total of eleven issues, of which only one was classified as a vulnerability.
Experts were happy to confirm that NordVPN is safe, leaving a “relatively strong impression” overall.
Nord’s VPN app test, however, left a mixed impression, with a total of 22 amidst some vulnerabilities and general weakness.
Despite finding a number of areas for improvement, Cure53 confirmed that “the entire client software complex has already made significant progress from a security standpoint.”
Moreover, many of these issues no longer exist or are planned to be fixed soon in upcoming updates.
“Our developers fixed all vulnerabilities found and they were approved by Cure53, ensuring that NordVPN properly implemented all mitigations,” said Briedis.
Full reports are available for viewing via the user panel. Alternatively, follow application security assessment report (opens in a new tab) AND infrastructure security assessment report (opens in a new tab) cufflinks.