Member’s Login

Forgot Password  |  Create an account

Kaspersky Lab Launches its Global Transparency Initiative; Will Provide Source Code

Posted By - DynamicCISO,

Kaspersky Lab last week announced the launch of its Global Transparency Initiative as part of its ongoing commitment to protecting customers from cyberthreats, regardless of their origin or purpose. With this Initiative, the company will engage the broader information security community and other stakeholders in validating and verifying the trustworthiness of its products, internal processes, and business operations, as well as introducing additional accountability mechanisms by which the company can further demonstrate that it addresses any security issues promptly and thoroughly. As part of the Initiative, Kaspersky Lab intends to provide the source code of its software – including software updates and threat-detection rules updates – for independent review and assessment.

As society today depends ever more on information and communications technologies (ICT), cyberthreats continue to proliferate and evolve. Because of the frenetic pace of both ICT deployment and the expansion of the threat landscape, Kaspersky Lab believes that increased cooperation to protect cyberspace is more crucial than ever. Trust is essential in cybersecurity, and therefore trust should be the foundation of any collaboration among those seeking to secure individuals, organizations and enterprises from cyberthreats. However, the company also recognizes that trust is not a given; it must be repeatedly earned through an ongoing commitment to transparency and accountability.

Kaspersky Lab’s Global Transparency Initiative is a reaffirmation of the company’s commitment to earning and maintaining the trust of the company’s customers and partners every day. The company has never taken this trust for granted, but it wants to strive for continuous improvement in every way it can.

The initial phase of Kaspersky Lab’s Global Transparency Initiative will include:

  1. The start of an independent review of the company’s source code by Q1 2018, with similar reviews of the company’s software updates and threat detection rules to follow;
  2. The commencement of an independent assessment of (i) the company’s secure development lifecycle processes, and (ii) its software and supply chain risk mitigation strategies by Q1 2018;
  3. The development of additional controls to govern the company’s data processing practices in coordination with an independent party that can attest to the company’s compliance with said controls by Q1 2018;
  4. The formation of three Transparency Centers globally, with plans to establish the first one in 2018, to address any security issues together with customers, trusted partners and government stakeholders; the centers will serve as a facility for trusted partners to access reviews on the company’s code, software updates, and threat detection rules, along with other activities. The Transparency Centers will open in Asia, Europe and the U.S. by 2020.
  5. The increase of bug bounty awards up to $100,000 for the most severe vulnerabilities found under the company’s Coordinated Vulnerability Disclosure program, to further incentivize independent security researchers to supplement our vulnerability detection and mitigation efforts, by the end of 2017.

In addition to launching this initial phase of its Global Transparency Initiative, Kaspersky Lab looks forward to engaging with its stakeholders and the information security community to determine what the next phase of the initiative – commencing in H2 2018 – should include. Suggestions for further steps, and requests by third parties interested in collaborating with the company, are welcome at:

Related Tags - kaspersky lab

Subscribe to our newsletter for all the latest updates and special offers.

Click Here To view archive additions

Older Entries

Monday, April 14th, 2014 02:55:00 PM Heartbleed - Bruce Schneier, CTO
Sunday, April 27th, 2014 09:10:00 AM Heartbleed FAQs - Richard Henderson, Security Strategist FortiGuard Labs
View All