Companies in every sector, private and public, fall victim to cyberattacks which is why IT vendors who take proactive measures to protect data, systems, and endpoints are seen as responsible and trustworthy.
The Cyber Transparency Audit report is our opinion and analysis of telemetry data that is provided by developers of Endpoint Protection software.
As part of these analyses, we gain access to the developer infrastructure to independently audit anonymized information about files, threats, and secured devices by the developer software against cyberattacks.
We obtain data from the developer’s static infrastructure via API or graphical interface. The scope of this data and its details is discussed during the initial audit preparation. The auditor can verify developer’s data using test malware which should be included in telemetry.
In order to obtain the transparency certificate, it is necessary to meet all data compliance requirements in the audited period. During the audit, the developer must cooperate with the auditor, and answer all his questions.
The certificate is valid for one year from the date of its award. Historical telemetry data after such a long time may differ significantly from the initial state, so continued use of the certificate will require data validation to be performed again.
The Cyber Transparency Forum working group brings together leading security software developers who work together to increase transparency, and find ways to communicate telemetry data to the entire Internet community.
If you are a developer of security software, please contact the Cyber Transparency Forum group. Joining requires meeting certain conditions, including: 100 000 protected devices, and sharing telemetry data obtained from them.
Of course! Read the methodology on our website.
The audit is addressed to developers and vendors of IT solutions (mainly Endpoint Protection software) who want to make sure that their solution is properly designed, configured, and operates in accordance with the idea of transparency.
The management board will learn about the condition and quality of security measures offered to end customers, and know recommendations for increasing transparency which will have a positive impact on the company image.
The audit can provide independent confirmation that a developers adheres to certain safety standards, and sets new standards for transparency.
The audit can help identify security weaknesses and strengths that in a broader perspective allows for better protection of users against threats.
Independent evaluation of telemetry data can bring tangible benefits to your customers.
Disclosing certain data is a great way to show that as a developer, you are helping to minimize the risk of a cyberattack, and building trust in your company that is essential for long-term business relationships. In addition, such activities allow your employees to be sure that they work for a company that focuses on the quality of service.
The audit can help raise awareness of the solutions you offer.
The Cyber Transparency Audit Certified is valid for 12 months from its award. Historical telemetry data after such a long time may differ significantly from the initial state, so continued use of the certificate will require data validation to be performed again.
Setting priorities, presenting our capabilities, and terms of cooperation.
Determination of the technical data necessary to conduct the audit. Preliminary details are available in the methodology.
At this stage, we verify the authenticity of the data that we will analyze.
We audit the data, and actively cooperate to get the maximum benefit out of the analysis.
Provide detailed data from the analysis and discuss the results.
We have been dealing with testing and cybersecurity since 2012. During this time, we have performed hundreds of tests that have allowed us to improve the products of the largest developers on the market.
We are affiliated with the prestigious AMTSO (Anti-Malware Testing Standards Organization) which upholds the standards of conducting security tests. As part of our functions in the international community of experts, we work on improving the transparency, objectivity, and quality of security software tests.
View one of AMTSO’s latest compliance reports
We invite all interested developers and providers of security solutions for individual customers and for medium and large companies to work with us. We encourage you to get familiar with our offer and opportunities for cooperation.