Cure53 has endorsed a top VPN provider as a safe choice to secure your sensitive data and login information on mobile devices.
After confirming yes pass three independent security audits just about a month ago, ExpressVPN just announced the results of further testing on its software.
Again, the provider seems to have passed these latest tests with a full score.
This time, cybersecurity experts from Healing53 was called to evaluate the ExpressVPN mobile app. Its own password manager ExpressVPN key – at no extra charge with both iOS and Android apps – was also tested for any vulnerabilities.
While there were a few minor bugs that the vendor said had been resolved, Cure53 was pleased with the results and the ExpressVPN team’s commitment to combating “many modern problems”. VPN applications tend to face.”
‘Intensive efforts in mitigating any potential threats’
All in all, the development team deserves all the credit for their diligent efforts in mitigating any potential threats to the iOS app, with only the minor tweaks needed to make it easier. further elevate the platform to an exemplary standard from a security perspective,” the audit firm concluded on it iOS test report (opens in a new tab).
A similar result ended Android test report (opens in a new tab), also. At the same time, Cure53 is satisfied with access and collaboration from the provider throughout the entire process.
Teams of three and five senior testers performed white box testing and tested the source code on ExpressVPN’s iOS and Android apps from August 2022 to September 2022. These activities are intended to determine if ExpressVPN’s mobile applications can successfully resist attacks. from the outside or not.
For the first time, ExpressVPN Key has also been tested to ensure that it correctly secures user login details.
Both audits revealed only a few minor vulnerabilities but presented little risk to users’ data.
Specifically, iOS testing identified a total of nine issues. Of these, only four are classified as low- and medium-risk vulnerabilities. The remaining five are known as “general weaknesses with lower mining potential.”
While Android testing shows a total of 13 vulnerabilities. Again, only three of the findings were considered low or medium severity security flaws.
However, as Cure53 reported: “The majority of the findings are variations of common misconfigurations that often occur in Android applications. This positive view is also corroborated by the fact that there is no vulnerability. Any of the above can be directly abused to carry out successful attacks.”
ExpressVPN’s very own password manager also received rave reviews, achieving “a solid impression overall.”
These latest tests bring ExpressVPN’s published independent tests total VPN test up to 13 as of 2018. Furthermore, a security review on the ExpressVPN Keys browser extension is also underway.
“We see a growing global need for privacy protection and digital security,” said Brian Schirmacher, penetration testing director at ExpressVPN. Reputable networks like Cure53 are one of our many trust and transparency initiatives. We want to continue to set the bar high for the industry.
