KASPERSKY LAB TRANSPARENCY CENTER

No other cybersecurity provider has done anything as far reaching as this.
In opening the Center, Kaspersky Lab takes a significant step towards becoming completely transparent about its protection technologies, infrastructure and data processing practices.


Transparency Center

What is Transparency Center?

A dedicated facility to review the company's code, software updates, threat detection rules and other technical and business processes.

We provide the security information and infrastructure in the Transparency Center for consultation purposes only.

Any actions to modify the company’s source code, software updates, or threat detection rules are forbidden, and will be prevented by Kaspersky Lab; any abuse will be reported to the local law enforcement agency.

Software Assembler

Who can check the source code?

We welcome:

  • State agencies and regulators responsible for national cybersecurity and the protection of information systems (decreed as such by the respective local legislation);
  • Enterprise partners and customers of Kaspersky Lab anywhere in the world.

Academia, media and information security community experts are being considered as potential invitees to the Transparency Center in the future.

How to get access

How to get access?

To request access to the Transparency Center, please contact TransparencyCenter@kaspersky.com

Our Transparency Centers are located in Zurich (Switzerland) and Madrid (Spain).

Kaspersky Lab Transparency Center

We invite government experts and enterprise clients to review the company's source code, software updates, and threat detection rules, and other technical and business processes

Kaspersky Lab's experts will assist and provide any technical consultations on the company's source code and technologies

Conveyor


At the Transparency Center there are three options for independent assessment of Kaspersky Lab products:

Transparency Center

‘Blue Piste’ - An overview of (i) Kaspersky Lab’s security and transparency best practices, (ii) its products and services, and (iii) its data center. The company’s security experts will answer any questions regarding the company’s data processing practices and the functioning of Kaspersky Lab’s solutions, together with a live demonstration of a source-code review. This is the best option for getting acquainted with both the company’s engineering practices and unparalleled data protection standards.

Software Assembler

‘Red Piste’ - A review of the most critical parts of the source code by a client or regulatory stakeholder, assisted by the company’s experts. This option permits a more targeted, less time-consuming analysis of particular functionality, yet still enables one to become fully assured of the code’s safety.

How to get access

‘Black piste’ - The deepest and most comprehensive review of the most critical parts of Kaspersky Lab’s source code, assisted by the company’s experts. This option is provided to both regulatory stakeholders and clients who want to conduct a comprehensive code review and get the highest possible assurance of both the quality and security of Kaspersky Lab products. For experts only.


Government regulators and enterprise clients might request to:

  • Review our secure software development documentation, including threat analysis, secure review, and application security testing processes;
  • Review the source code of: Kaspersky Internet Security (KIS), our flagship consumer product; Kaspersky Endpoint Security (KES), our flagship enterprise product; and Kaspersky Security Center (KSC), a control console for our enterprise products;
  • Review all versions of our builds and AV-database updates;
  • Review types of information which, in general, Kaspersky Lab products send to the our cloud-based Kaspersky Security Network (KSN);
  • Rebuild the source code to make sure it corresponds to publicly available modules;
  • Review the results of an external audit of the company’s engineering practices conducted by one of the Big Four accounting firms.

SECURITY OF OUR CUSTOMERS IS A TOP PRIORITY FOR US

We follow the strictest access-policy practices and reserve the right to turn down a request if it could potentially cause a security breach.

Under no circumstances whatsoever will Kaspersky Lab provide intelligence or law enforcement agencies that have a mandate and/or capability for cyber-offensive operations with access to the Transparency Center.