Proton
Subscribe by RSS

Security experts declare all Proton apps secure after they pass their security audit

Richie Koch

Share this page

At Proton, transparency is one of our core principles. Simply put, people cannot make informed decisions without knowing how their data is secured, which is why we have made all our apps open source. This “security through transparency” approach means our apps consistently face rigorous scrutiny, and it also means that any potential vulnerabilities are swiftly found and resolved.

However, raw code is not understandable for everyone, so we also commission independent security experts to audit our code and share their results. Even if you do not understand how to run a security audit yourself, you can see what experts in the field discovered.

Security experts inspect Proton apps

In September 2021, Securitum inspected all Proton apps as part of their security audit. We are happy to announce that their tests uncovered no major issues or security vulnerabilities.

You can read their letters of attestation by service below:

Securitum(new window) is a leading European IT security company, handling security audits and tests for many of Europe’s largest companies. They also handled the security audit of the new Proton Mail and Proton Calendar in early 2021.

Read our most recent security audit reports

Transparency is the key to trust

As an organization founded by former scientists and physicists who met at the European Organization for Nuclear Research (CERN), we believe peer review is essential to ensure your result is sound. We apply the same approach to Proton. We want you to be able to examine our work for yourselves and read experts’ audits before you entrust us with your data.  

You can find the code for all of Proton’s apps on the Proton Mail GitHub(new window) and Proton VPN GitHub(new window).

If you have questions or comments about the latest security audits, share them with us! Join the conversation on Twitter(new window) and Reddit(new window).

Update 29 March 2022: This article was republished using the term “security audit” instead of “penetration test” to stay consistent with past practice.

Protect your privacy with Proton
Create a free account

Related articles

Proton Wallet offers a safe, easy way to hold and transact with Bitcoin. Now there’s no reason to let third parties hold your BTC.
Business documents representing digital data and sensitive information to secure
Find out what digital data is, how it has become the backbone of modern businesses, and how Proton can help secure it.
Learn what you're exposing yourself to when you use temporary email services like 10-Minute Mail
Learn what you're exposing yourself to when you use temporary email services like 10-Minute Mail — and why an alias is a better way to protect your privacy.
Is deepseek safe
  • Privacy news
DeepSeek? More like DeepSneak
Not only does DeepSeek collect extensive personal information, but it cannot legally resist government demands for access to that data.
The cover image for a Proton Pass blog explaining how a family password manager can save parents time - the image shows three password fields on top of each other with a security shield shape containing two adult figures and one child figure
Tired of resetting passwords for your family? Find out how a family password manager can help you save time on password admin.
what does bcc mean in email
What is BCC in email language? Here's what BCC means, how it works, and when and why you might want to use it.