TRANSPARENCY CENTERS

Transparency Centers serve as facilities for trusted partners to access reviews of the company’s code, software updates and threat detection rules, along with other activities. Through them, we provide governments and partners with information on our products and their security, including essential and important technical documentation, for external evaluation in a secure environment.

Kaspersky’s first Transparency Center was open in November 2018 in Zurich, Switzerland. In June 2019 another Transparency Center was opened in Madrid that also serves as a briefing center where trusted stakeholders can learn more about the company’s portfolio, engineering and data processing practices.

Kaspersky plans to open additional centers in Kuala Lumpur and São Paulo with the same functionality. At all of Kaspersky’s Transparency Centers, the company provides the opportunity to compile the company’s software from its source code and compare it with the publicly available one.

No other cybersecurity provider has done anything as far reaching as this. In opening its Transparency Centers, Kaspersky makes a significant step towards becoming completely transparent about its protection technologies, infrastructure and data processing practices.

To request access to the Transparency Center, please contact TransparencyCenter@kaspersky.com or visit the website.





Access policy The security and protection of our customers is our top priority; therefore, we follow the strictest access-policy practices and reserve the right to turn down a request if it could potentially cause a security breach. The Transparency Center welcomes: ⚬ State agencies and regulators responsible for national cybersecurity and the protection of information systems (decreed as such by the respective local legislation); ⚬ Prospective and existing enterprise partners and customers of Kaspersky anywhere in the world. Academia, media and information security community experts are being considered as potential invitees to the Transparency Center in the future Under no circumstances whatsoever will Kaspersky provide intelligence or law enforcement agencies that have a mandate and/or capability for cyber-offensive operations with access to the Transparency Center. The security information and infrastructure in the Transparency Center are provided by Kaspersky strictly for consultation purposes only. Any actions to modify the company’s source code, software updates, or threat detection rules are forbidden and will be prevented by the TC Steering team; any abuse will be reported to the local law enforcement agency.







INDEPENDENT AUDIT

Kaspersky has successfully completed the Service Organization Control for Service Organizations (SOC 2) Type 1 audit conducted by one of the Big Four accounting firms.

The Service Organization Controls (SOC) Reporting Framework is a globally recognized report for cybersecurity risk management controls, developed by the American Institute of Certified Public Accountants (AICPA) to inform customers about effective design and implementation of security controls. Being a responsible and transparent company for its customers, Kaspersky has chosen this standard to demonstrate the trustworthiness of its product and the company’s commitment to the AICPA Trust Service Principles and Criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy.

The final report confirms that the development and release of Kaspersky’s threat detection rules databases (AV databases) are protected from unauthorized changes by strong security controls. To learn more and to request the Kaspersky SOC 2 Type 1 Report, please visit the website.



