Despite careful examination by cybersecurity researchers, no significant vulnerabilities were found that could have been exploited to affect Atlas VPN users.
“The blackbox analysis during the Application Penetration Test of the Atlas VPN iOS client and its public backend components highlighted just a few Medium-to-Low risk issues, which proved fruitless to compromise the privacy of the users,” says the Head of Offensive Security at VerSprite. “I commend Atlas VPN for their transparency in sharing their findings with their customers.”
Auditors conducted an Application Penetration Test on the Atlas VPN iOS app, which was the focus of the audit. By simulating real-world cyber attack scenarios, they looked for any threats that could put data privacy, authenticity, integrity, and overall business reputation at risk.
The Atlas VPN team has already begun fixing the vulnerabilities discovered in the audit, however, decided to publish the test results immediately after ensuring that the identified vulnerabilities posed risks that would be managed and mitigated.
“We are very pleased with the results of the audit. Although this was our first independent security audit, very few vulnerabilities were found compared to similar products that have been on the market longer,” says Rachel Welch, the Chief Operating Officer of Atlas VPN. “We believe that regular product security testing should be an integral part of any product and service security strategy, and we plan to make it part of our regular practices.”
While few major VPN service providers are known to have undergone independent security testing, they are few and far between. By completing an independent security audit, Atlas VPN believes it can bring more transparency to the VPN market and encourage other providers to follow suit.
Read the latest edition of PCR’s monthly magazine below: