ndependent security audit verifies Surfshark’s network security
May 2021 by Marc Jacob
Cybersecurity company Surfshark has undergone a third-party security audit of its VPN server infrastructure. The investigation performed by Cure53 confirmed a solid security premise of Surfshark. The report points out that despite extensive research and wide coverage of a plethora of possible risks, no serious issues were detected.
The scope of the evaluation included a server configuration audit and a broader security assessment. The final audit report highlights that all of the security-related findings resided in the realm of general weaknesses while subsequently implemented fixes were verified as appropriate.
The audit report states that the Surfshark network relies on sound defaults while the configuration of constructs and cipher-suites show engineers’ diligence and attention to details. Researchers made only four security-relevant discoveries, and Surfshark engineers handled those before the publication of the results.
“The overall outcome should be regarded as very good, and the testing team has no doubt that the Surfshark maintainers have a clear understanding of security and privacy challenges associated with being a VPN provider,” concludes the report published by the Cure53 research team.