Kaspersky
is announcing the opening of its latest Transparency Center in Seoul, South
Korea, reaffirming its commitment to delivering the best security assurance for
its products and services. Located in the Kaspersky office, the new facility will
provide the company’s stakeholders with services ranging from an overview of
Kaspersky’s practices, to a review of product source codes.
Kaspersky served as a pioneer in advancing digital trust by launching the Global
Transparency Initiative (GTI) and becoming the first cybersecurity company to
open its source code for external review. Advocating for a verifiable approach
to the trustworthiness of cybersecurity products, Kaspersky has been providing
the company’s stakeholders with the opportunity to conduct independent reviews
of its threat detection rules, software updates, and even the source code of
its solutions at Transparency Centers across the globe.
The Kaspersky Transparency Center in Seoul – the fourth
in the APAC region – will welcome the company’s customers and business partners,
as well as local regulators responsible for cybersecurity. Guests will be able
to choose one of three review options for their visit, depending on the depth
of security assessment needed:
- “Blue piste” offers a general overview of the security
development processes of Kaspersky products and services, as well as its data
management practices;
- “Red piste” allows for a review of the most critical
aspects of source code, assisted by the company’s specialists, and provides a
targeted analysis of a particular functionality;
- “Black piste” enables visitors to conduct the most
comprehensive and thorough source code review, with the help of Kaspersky’s
experts.
The company’s secure software development
documentation, including threat analysis, secure review, and application
security testing processes, as well as the Software Bill of Materials can also
be examined in the course of a Transparency Center visit.
“Kaspersky
Transparency Centers are a testament to our commitment to building a more
accountable cybersecurity ecosystem. By opening our new Seoul Center, we
believe that, by sharing our practices with the broader community, we can
foster greater trust in ICT solutions, while also contributing to the
collective effort to combat global cyberthreats.”
In addition to Transparency Centers, since its launch Kaspersky’s
GTI also introduced additional mechanisms to enhance digital trust and promote
greater accountability in the cybersecurity field. These include the relocation
of cyberthreat-related data storage and processing to Zurich, Switzerland; independent
third-party reviews of internal processes and engineering practices; the launch of a
security training Cyber Capacity Building Program; increasing of bug bounty rewards
up to US$100k per the most critical vulnerabilities found in Kaspersky
products,
and releasing Transparency Reports, consisting of two parts and revealing
information on requests received from government and law enforcement agencies,
and users for their personal data.
New edition of Kaspersky’s Transparency report
Kaspersky publicly shares its approach to responding to requests from
government and law enforcement agencies in two categories — user data and
technical expertise. The company’s latest “Law Enforcement and Government Requests”
report, covering the first half of 2024, reveals it received a total of
61 requests from nine countries during the reporting period, with all requests
asking for technical expertise. This constitutes a 10.3 percent decrease in the
number of requests compared to the same period in 2023. Along with the data on
law enforcement and government requests, the report on user requests for provision or removal of stored
information has been published.
The measures introduced as part of the GTI constitute
a comprehensive framework that can help external parties assess the security
and trustworthiness of our cybersecurity products. Additionally, these measures
constitute an industry best practice increasing resilience against digital
risks. To learn more about the GTI or request access to the Transparency Center,
please visit the website. About Kaspersky
Kaspersky is a global cybersecurity and
digital privacy company founded in 1997. With over a billion devices protected
to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep
threat intelligence and security expertise is constantly transforming into
innovative solutions and services to protect businesses, critical
infrastructure, governments and consumers around the globe. The company’s
comprehensive security portfolio includes leading endpoint protection,
specialized security products and services, as well as Cyber Immune solutions
to fight sophisticated and evolving digital threats. We help over 200,000
corporate clients protect what matters most to them. Learn more
at www.kaspersky.com.