The BSI has just issued a warning when using Kaspersky software. Here is the official Kaspersky statement on this warning from the Federal Office for Information Security - BSI for short.
We believe that this decision is not based on a technical evaluation of Kaspersky products - which we have campaigned for time and time again at the BSI and across Europe - but that it was made for political reasons. We will continue to convince our partners and customers of the quality and integrity of our products and will work with the BSI to clarify the decision and address the concerns of the BSI and other regulators.
Kaspersky relies on transparency
At Kaspersky, we believe that transparency and the continued implementation of concrete actions that demonstrate our ongoing commitment to integrity and trustworthiness to our customers are of the utmost importance.
Kaspersky is a privately held global cybersecurity company, and as a private company, Kaspersky has no ties to the Russian or any other government. We believe that peaceful dialogue is the only possible tool to resolve conflicts. War is good for nobody.
We have relocated our data processing infrastructure to Switzerland: since 2018, malicious and suspicious files voluntarily passed on by users of Kaspersky products in Germany have been processed in two data centers in Zurich. These data centers meet best-in-class industry standards and ensure the highest level of security. In addition to our data processing facilities in Switzerland, the statistics submitted by users to Kaspersky may be processed via the Kaspersky Security Network in various countries around the world, including Canada and Germany. The security and integrity of our data services and technical practices have been confirmed by independent third-party assessments: by the SOC 2 audit by a “Big Four” auditor and by ISO 27001 certification and recent re-certification by TÜV Austria.
ISO 27001 certification by TÜV Austria
Kaspersky has set the industry benchmark for digital trust and transparency. Our customers have the opportunity to carry out a free technical and comprehensive review of our solutions:
- Review our secure software development documentation, including threat analysis, security review, and application security testing procedures;
- Insight into the source code of our leading solutions, including: Kaspersky Internet Security (KIS), our leading consumer product; Kaspersky Endpoint Security (KES), our leading enterprise solution; and Kaspersky Security Center (KSC), a control console for our enterprise products;
- Reviewing all versions of our builds and AV database updates, and the types of information that Kaspersky products send to the cloud-based Kaspersky Security Network (KSN) in general;
- Rebuild source code to ensure it is consistent with publicly available modules;
- reviewing the results of an external audit of the company's technical practices conducted by one of the Big Four accounting firms;
- Software Bill of Materials (SBOM) review for Kaspersky Internet Security (KIS), our flagship consumer product, Kaspersky Endpoint Security (KES), our leading enterprise solution, and Kaspersky Security Center (KSC), a control panel for our enterprise products.
About Kaspersky Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250.000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/