A List Of VPN Providers With Public Audits 2024

Quick Answer

These VPN providers have undergone third-party, public audits:

  • SurfShark (Recommended) – conducted a full white-box infrastructure audit
  • Mullvad (Recommended) – conducts annual audits
  • TunnelBear – multiple recent security audits
  • NordVPN – has undergone a series of third-party audits
  • IPVanish – audited by Leviathan Security Group
  • VyprVPN – No-logs claims verified by a third-party audit
  • OVPN – Verified to be no-logs in a court case
  • Perfect Privacy – Verified to be no-logs with a server seizure
  • ProtonVPN
  • ExpressVPN

More Details on VPNs With Public Audits

Surfshark: White-Box Instructure Audit

Surfshark kept details of its leadership private but then made them public in 2021. Surfshark also recently conducted a white-box infrastructure audit conducted by Germany-based Cure53. Surfshark’s price includes the ability to use Surfshark on an unlimited number of devices.

Mullvad: Annual Public Audits

Mullvad is consistent in conducting annual audits. In May 2022, Mullvad underwent a comprehensive security audit. Assured, a cybersecurity consulting firm, conducted it. The most recent infrastructure audit took three testers a total of 19 days to complete. The auditors spotted 20 vulnerabilities, implementation issues, and other findings: 11 of medium severity and nine of low severity.

Located in Sweden, Amagicom is the company behind Mullvad’s service. Amagicom is directly owned by founders Fredrik Strömber and Daniel Berntsson.

TunnelBear: Multple Security Audits

TunnelBear publishes the results of multiple recent security audits, and the company posts occasional transparency reports. Supports unlimited devices.

NordVPN: Audits Of Apps Only

NordVPN has undergone a series of third-party audits for its apps by VerSprite (a cybersecurity consulting firm). These audits did not include NordVPN’s infrastructure. NordVPN makes these audit reports available only to existing subscribers.

VPN With No Public Audits

These VPNs had no recent public audits:

AirVPN, Astrill, AzireVPN, blackVPN, BTGuard, CactusVPN, Cryptostorm, CyberGhost, Disconnect, Faceless.me, FrootVPN, F-Secure Freedome VPN, Goose VPN, Hide.me, InvinciBull, IPredator, IPVanish, KeepSolid, nVpn, OVPN, Perfect Privacy, personalVPN, PrivateVPN, Private Tunnel, Private Internet Access, PureVPN, SurfEasy, TorGuard, TorrentPrivacy, Trust.Zone, VPN.AC, VPN.ht, VPNTunnel, Windscribe, ZenGuard/ZenMate, and ZorroVPN.

Other VPN Trust Issues

PureVPN appears to have lied about its logging practices.

ProxySH was discovered to be spying on customer traffic in 2013.

HideMyAss has handed customer information over to the police.

The Center for Democracy & Technology filed a 14-page complaint about Hotspot Shield with the FTC, alleging unfair and deceptive trade practices.

1 thought on “A List Of VPN Providers With Public Audits 2024”

  1. Curious what the actual status for the “public audit” for vpn.ac is. Just checked the whole site, and see not many updated recently for the last 1-2 years… especially regarding the security status.

    Any chance you can check this from your side (you got a lot of knowhow about this)

Leave a Comment

Your email address will not be published. Required fields are marked *