Tyler Cross
Published on: March 1, 2023

NordVPN announced that it conducted and passed a series of audits in 2022 of its server infrastructure, Windows, Mac, and Linux apps, browser extensions, and its Threat Protection feature.

Berlin-based Cure53 ran tests that lasted several months long in 2022 and the results have concluded by showing that NordVPN lives up to its claims about having a strong security system and good infrastructure.

“NordVPN constantly strives to maintain and provide the highest quality of service to its trusted customers,” the VPN said in a blog post on its website. “We continuously improve the overall performance of our service and develop advanced VPN features, giving our users increased online security. Secure your internet traffic with just one click and browse with peace of mind.”

Cure53 has been running software tests and code audits for more than 15 years and has built up a solid reputation in the cybersecurity community. The app security audit and the infrastructure security audit have both been published and the full reports are available to read.

The app security audit found 1 potentially dangerous security vulnerability in the macOS app and a total of 21 other problems that ranged from minor to more moderate risks, but these issues have since been patched and the problems have been resolved completely.

The infrastructure security audit had pretty positive findings.

“Generally speaking, the overall yield of findings documented in this report is relatively moderate, which represents a positive indication of the perceived security state of the NordVPN servers and infrastructure,” Cure53 reported.

While finding and patching a few issues isn’t out of the ordinary for security audits, NordVPN was completely transparent about the findings and included them all in the report. Having public audits is a key part of a cybersecurity company maintaining trust with their user base that

The mobile apps were favorably talked about during the audit, especially the Android app.

“To provide a conclusory comment on mobile security in general, the NordVPN mobile applications garnered a robust impression and are observably effective in minimizing the attack surface,” says Cure53.

NordVPN’s server and infrastructure report yielded moderate findings that the company was able to quickly address. The mobile apps especially had very strong security and the more serious security vulnerability on macOS they found is gone.