Proton

Security experts declare all Proton apps secure after they pass their security audit

At Proton, transparency is one of our core principles. Simply put, people cannot make informed decisions without knowing how their data is secured, which is why we have made all our apps open source. This “security through transparency” approach means our apps consistently face rigorous scrutiny, and it also means that any potential vulnerabilities are swiftly found and resolved.

However, raw code is not understandable for everyone, so we also commission independent security experts to audit our code and share their results. Even if you do not understand how to run a security audit yourself, you can see what experts in the field discovered.

Security experts inspect Proton apps

In September 2021, Securitum inspected all Proton apps as part of their security audit. We are happy to announce that their tests uncovered no major issues or security vulnerabilities.

You can read their letters of attestation by service below:

Securitum(nowe okno) is a leading European IT security company, handling security audits and tests for many of Europe’s largest companies. They also handled the security audit of the new Proton Mail and Proton Calendar(nowe okno) in early 2021.

Read our most recent security audit reports

Transparency is the key to trust

As an organization founded by former scientists and physicists who met at the European Organization for Nuclear Research (CERN), we believe peer review is essential to ensure your result is sound. We apply the same approach to Proton. We want you to be able to examine our work for yourselves and read experts’ audits before you entrust us with your data.  

You can find the code for all of Proton’s apps on the Proton Mail GitHub(nowe okno) and Proton VPN GitHub(nowe okno).

If you have questions or comments about the latest security audits, share them with us! Join the conversation on Twitter(nowe okno) and Reddit(nowe okno).

Update 29 March 2022: This article was republished using the term “security audit” instead of “penetration test” to stay consistent with past practice.

Powiązane artykuły

Email etiquette: What it is and why it matters |
en
Find out what email etiquette is with key rules and examples, why it is important, and how Proton Mail can help.
A cover image for a blog about how to create an incident response plan that shows a desktop computer and a laptop with warning signs on their screens
en
Do you have an incident response plan to protect your business from financial and reputational damage? Find out how Proton Pass for Business can help you stay safe.
Shared with me in Proton Drive for desktop user interface
en
  • Dla firm
  • Aktualizacje produktów
  • Proton Drive
We've improved Proton Drive for Windows to make it easier to securely collaborate with others from your desktop.
Smart glasses that have been modified for facial surveillance and dox you in real time, finding your personal information after seeing your face.
en
  • Co nowego w obszarze ochrony prywatności
Students modified smart glasses to find someone’s personal data after just looking at them. This is why we must minimize data collection.
The cover image for a blog explaining what password encryption is and how Proton Pass helps users with no tech experience benefit from it
en
Password encryption sounds complicated, but anyone can benefit from it. We explain what it is and how it’s built into Proton Pass for everyone to use.
How Proton can help with DORA compliance
en
We look at how DORA will affect your organization and how Proton’s services can help you meet its compliance requirements.