- Jul 27, 2015
- 5,459
Kaspersky Achieves ISO 27001 Certification
- Thread starter upnorth
- Start date
- May 26, 2014
- 1,052
Innocent till proven guilty,Where the accusers now? Thanks upnorth
- Jun 6, 2017
- 473
I think the article above about SO/IEC 27001:2013 certification is more about Kaspersky's data practices. The accusations about Kaspersky being involved in espionage are entirely separate matters.
I don't think there was ever any technical evidence that Kaspersky software is used for state survelliance.
However, I think the concern is that as a Russian company, they would ultimately have to follow any instructions which their government would like them to carry out in the future. Plus they possibly have government agents amongst their staff- even if they don't realise this. To be fair, I expect most of the large security companies are spied on to a certain extent.
But I have no idea is the above is true. I use Kaspersky, which shows how concerned I am !
I don't think there was ever any technical evidence that Kaspersky software is used for state survelliance.
However, I think the concern is that as a Russian company, they would ultimately have to follow any instructions which their government would like them to carry out in the future. Plus they possibly have government agents amongst their staff- even if they don't realise this. To be fair, I expect most of the large security companies are spied on to a certain extent.
But I have no idea is the above is true. I use Kaspersky, which shows how concerned I am !
- Nov 26, 2016
- 699
What espionage? The last mega drama around Kaspersky was entirely manufactured by twisting facts in such a way that they looked guilty. Where in reality it was Kaspersky that caught NSA's contractors shuffling around hack tools. That's the only wrongdoing they did. Detecting hack tools they were not suppose to detect coz they were used by NSA and not meant to be found. As for hackings and other things, of course Kaspersky cooperates with local authorities which happen to be... RUSSIAN. Just like Symantec, McAfee or any other American security firm cooperates with FBI and the likes when they have something on it.
- Dec 29, 2014
- 1,711
Kaspersky deserves recognition. Others can earn it too. It's good for a company to make the world a better place 
Everyone should take a look at KSC free and see exactly what Kaspersky has done in the form of a free program. The investment in quality coding practices is evident, and the company makes good decisions too. How good must their paid be lol? Hello awards.
Everyone should take a look at KSC free and see exactly what Kaspersky has done in the form of a free program. The investment in quality coding practices is evident, and the company makes good decisions too. How good must their paid be lol? Hello awards.
- Jul 27, 2015
- 5,459
What ISO 27001 certification is, and why we need it
What exactly was certified and how the certification was performed
www.kaspersky.com
A previous day job involved being in a war room analyzing newly discovered compromised devices that I worked on.
The level of sophistication I've seen from such attacks (usually the personal devices of high value targets) was just astounding, ranging from well covered up zero-day exploits to hardware attacks.
If you are worried about a state sponsored actor targeting you, whether it's Russia or the NSA or China, I frankly do not expect ANY commercial product on the market to protect you. I really hope that's not why educated people are choosing an AV software.....
So that leaves what matters: Does the product deliver the level of protection that you want, and do you trust it?
The former, I would safely say yes, Kaspersky products have consistently tested near or at the top of the pack whether it's dynamic or static protection. The latter? That's a really hard question to answer for everyone. Honestly cloud-based AVs creep me out a little -- almost every engine has some cloud component and they all involve agreeing to submit samples automatically for things the cloud doesn't recognize. You are placing a lot of trust in a third party and basically only have your gut and their track record to make that decision on. Your control ends with "well my AV just uploaded this EXE to their servers, from my IP address". What they do with that, and how much of the upload transaction they log? I'm not sure you have anything to go on but your trust in them.
The level of sophistication I've seen from such attacks (usually the personal devices of high value targets) was just astounding, ranging from well covered up zero-day exploits to hardware attacks.
If you are worried about a state sponsored actor targeting you, whether it's Russia or the NSA or China, I frankly do not expect ANY commercial product on the market to protect you. I really hope that's not why educated people are choosing an AV software.....
So that leaves what matters: Does the product deliver the level of protection that you want, and do you trust it?
The former, I would safely say yes, Kaspersky products have consistently tested near or at the top of the pack whether it's dynamic or static protection. The latter? That's a really hard question to answer for everyone. Honestly cloud-based AVs creep me out a little -- almost every engine has some cloud component and they all involve agreeing to submit samples automatically for things the cloud doesn't recognize. You are placing a lot of trust in a third party and basically only have your gut and their track record to make that decision on. Your control ends with "well my AV just uploaded this EXE to their servers, from my IP address". What they do with that, and how much of the upload transaction they log? I'm not sure you have anything to go on but your trust in them.
- Dec 12, 2016
- 1,148
Similar threads
