In line with its drive towards building trust in the cybersecurity industry, Kaspersky announced last August 15, the opening of its first Transparency Center in Asia Pacific, in partnership with CyberSecurity Malaysia – Malaysia’s national cybersecurity specialist agency. The company’s third code review facility will be located in Cyberjaya, alongside key cyber-related government agencies and companies in Malaysia.
Like its counterparts in Zurich and Madrid, the Transparency Center in Malaysia will serve as a trusted facility for the company’s partners and government stakeholders to come and check the source code of Kaspersky’s solutions. The new center will also function as a briefing center where guests will be able to learn more about Kaspersky’s engineering and data processing practices.
Government regulators and enterprise clients of Kaspersky can request to review the company’s solutions and services including threat analysis, secure review, and the application security testing process. They can also review the source code of Kaspersky’s flagship consumer and enterprise solutions – Kaspersky Internet Security (KIS); Kaspersky Endpoint Security (KES), and Kaspersky Security Center (KSC), which is a console for the company’s business products.
As well as these, stakeholders can also review all versions of Kaspersky’s builds and AV-database updates as well the information the company processes such as data feeds from Kaspersky products that are sent to the cloud-based Kaspersky Security Network (KSN). Access to the Transparency Center is available upon request.
The new center is being opened as part of the company’s Global Transparency Initiative – a brainchild of Kaspersky which aims to address the growing demand from partners and government stakeholders for more information on how its products and technologies work. The center will open for its first visitors early next year.
Since the company’s announcement in October 2017, Kaspersky’s Global Transparency Initiative has been demonstrating good progress. In particular, the company:
- Started relocating customer data storage and processing infrastructure for European users from Russia to Zurich, Switzerland, to be completed by the end of 2019.
- Opened two Transparency Centers in Europe – in Zurich (November 2018) and Madrid (June 2019). The Spanish Center also serves as a briefing center for key company stakeholders.
- Successfully completed the Service Organization Control for Service Organizations (SOC 2) Type 1 audit. The final report, issued by one of the Big Four accounting firms, confirms that the development and release of Kaspersky’s threat detection rules databases (AV databases) are protected from unauthorized changes by strong security controls. To learn more and to request the Kaspersky SOC 2 Type 1 Report, please visit the website.
- Has been developing its Bug Bounty program. Since the announcement of the program’s extension, the company resolved 66 bugs reported by security researchers and awarded almost $45,000 in bounty rewards. The company also supports the Disclose.io framework which provides Safe Harbor for vulnerability researchers concerned about potential negative legal consequences of their discoveries.
