Security experts declare all Proton apps secure after they pass their pen tests
At Proton, transparency is one of our core principles. Simply put, people cannot make informed decisions without knowing how their data is secured, which is why we have made all our apps open source. This “security through transparency” approach means our apps consistently face rigorous scrutiny, and it also means that any potential vulnerabilities are swiftly found and resolved.
However, raw code is not understandable for everyone, so we also commission independent security experts to audit our code and share their results. Even if you do not understand how to run a penetration test yourself, you can see what experts in the field discovered.
Security experts try — and fail — to hack Proton apps
In September 2021, Securitum ran penetration tests (also known as a pentest) on all Proton apps. A penetration test is when security experts conduct an authorized simulated cyberattack on a system or app. We are happy to announce that their tests uncovered no major issues or security vulnerabilities.
You can read their letters of attestation by service below:
- Penetration test results for ProtonMail
- Penetration test results for ProtonVPN
- Penetration test results for Proton Calendar beta
- Penetration test results for Proton Drive beta
Securitum is a leading European IT security company, handling security audits and tests for many of Europe’s largest companies. They also handled the security audit of the new ProtonMail and Proton Calendar in early 2021.
Transparency is the key to trust
As an organization founded by former scientists and physicists who met at the European Organization for Nuclear Research (CERN), we believe peer review is essential to ensure your result is sound. We apply the same approach to Proton. We want you to be able to examine our work for yourselves and read experts’ audits before you entrust us with your data.