NordVPN passes major security test

By Anthony Spadafora
published

VPN provider gets a clean bill of health from VerSprite

NordVPN Windows
(Image credit: NordVPN)

NordVPN (opens in new tab) has completed an application security audit conducted by the cyber-risk consulting firm VerSprite to confirm the security of its VPN (opens in new tab) clients.

The VPN provider is pleased with the results and customers can now review VerSprite's attestation letter by heading to the service's User Control Panel though more detailed reports will soon be available as well.

  • We've built a list of the best VPN (opens in new tab) services available
  • These are the best Windows 10 VPN (opens in new tab) services for your PC
  • Also check out our list of the best Mac VPN (opens in new tab)

Digital privacy expert at NordVPN Daniel Makruson (opens in new tab) provided further insight on the results of the security audit in a press release, saying:

“During the test, VerSprite found no critical vulnerabilities. One vulnerability was given a high severity score, and the rest received a medium to low severity score. These vulnerabilities were mitigated for each platform in scope. This further proves NordVPN’s reliability and focus on user security, and addressing key security elements will help us keep the highest standards in the industry and improve even more.”

Penetration testing

In order to simulate real-world attack scenarios and threats, VerSprite (opens in new tab) uses the Pasta (Process for Attack Simulation and Threat Analysis) method which consists of a seven-stage process for manufacturing attacks and analyzing threats to NordVPN's environment.

During the security audit, auditors from the cyber-risk consulting firm focused on breaching confidential user data, identifying high-impact vulnerabilities that could lead to IP leaks and privilege escalation.

While NordVPN has received a clean bill of health after this latest security audit from VerSprite, this isn't the first time the service has been audited by a third-party. For instance, back in 2018, the company became the first VPN provider to have its no-logs policy (opens in new tab) audited by PricewaterhouseCoopersAG from Zurich, Switzerland. The Big 4 auditing firm performed a second audit last year and once again NordVPN's no-logs policy lived up to its name.

Regardless of whether you're using NordVPN to stay safe on public Wi-Fi (opens in new tab) or while working from home (opens in new tab), you can rest easy knowing the company places your security front and center.

Anthony Spadafora
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

See more VPN news