What you should know about Kaspersky 2 Building a safer world Technology now connects us across platforms and borders like never before. As the world has become more digitized and globalized, we at Kaspersky have become a technology leader with an advanced and comprehensive portfolio of security solutions and services, including innovative products and tech- nologies, cloud services and world-leading threat intelligence. Our mission is to build a safer world, and it emphasizes our commitment to a trusted and transparent future. We believe in a tomorrow where technology improves all of our lives. Which is why we secure it, so everyone everywhere benefits from the endless opportunities it brings. In the modern world, cybersecurity is about more than just protecting devices, but about developing an ecosystem where everything connected through technology is protected. That’s why we have moved beyond the anti-virus laboratory to provide cybersecurity technology that people can trust, and our business focus has evolved towards the wider concept of “cyber-immunity”. Our mission is simple – building a safer world. And in fulfilling that mission we aim to become ” the global leader in cybersecurity – by securing technology to make sure that the possibilities it brings become opportunities for each and every one of us. Bring on endless possibilities. Bring on a safer tomorrow. Eugene Kaspersky, CEO 1 About Kaspersky We are one of the world’s largest We operate in Our goal is to bring on the future for privately-owned cybersecurity 200 countries and our customers. Our advanced and companies that has been operating territories comprehensive portfolio encompasses in the market for over 23 years. solutions, including innovative products and technologies, cloud services and world-leading threat intelligence, to suit a wide range of customers. We enable and have consumers to use technologies and 34 offices services so they can enjoy their lives in 30 countries. without worrying about cybersecurity risks. We also enable corporate clients to build successful businesses by eliminating concerns about cyberthreats. Over 4,000 highly qualified specialists work for Kaspersky. We pride ourselves on developing world- leading security that keeps us, and over 400 million users across the globe, and 250,000 corporate clients, protected by our technology 2 Proven Transparent Independent Kaspersky routinely scores the We are totally transparent and make it As a private company, we are independent highest marks in independent ratings even easier to understand what we do via from short term business considerations and surveys. our Global Transparency Initiative: and institutional influence. • Measured alongside more than 100 • Independent review of the company’s We share our expertise, knowledge other well-known vendors in the source code, software updates and and technical findings with the world’s industry threat detection rules. security community, IT security vendors, • 64 first places in 86 tests in 2019 • Independent review of internal international organizations, and law • Top 3 ranking* in 81% of all processes to verify the integrity of our enforcement agencies. product tests solutions and processes. • Kaspersky has been recognized as a • Relocation to Switzerland of data Our research team is spread across the 2020 Customers’ Choice for Endpoint storage and processing for customers world and includes some of the most Detection & Response Solutions by in Europe, the United States, Canada renowned security experts in the world. Gartner Peer Insights** and several countries in Asia-Pacific We detect and neutralize all forms of • Kaspersky was named a Leader in the region. Advanced Persistent Threats (APT), Forrester Wave Endpoint Security Suites • The opening of transparency centers regardless of their origin or purpose. 2019 evaluation*** globally. • Increased bug bounty rewards up to Our Global Research and Analysis Team $100,000 per discovered vulnerability (GReAT) is well-known for the discovery * https://www.kaspersky.com/top3 in Kaspersky products. and dissemination of the most advanced ** Kaspersky recognized as the highest ranking vendor in the cyberthreats. 2020 Gartner Peer Insights Customers’ Choice for Endpoint Detection & Response. Gartner Peer Insights Customers’ Choice constitute the subjective opinions of individual end- user reviews, ratings, and data applied against a documented methodology; they neither represent the views of, nor constitute an endorsement by, Gartner or its affiliates. https://www.gartner.com/reviews/market/endpoint- detection-and-response-solutions *** The Forrester Wave™: Endpoint Security Suites, Q3 2019. The 15 Providers That Matter Most And How They Stack Up’ by Chris Sherman with Stephanie Balaouras, Merritt Maxim, Matthew Flug, and Peggy Dostie 3 Our Global Transparency Initiative In 2017, we launched the Global Trans- 2. We opened Transparency Centers in 4. We successfully completed the Ser- parency Initiative aimed at engaging the Zurich, Switzerland, in Madrid, Spain, in vice Organization Control for Service broader information security community Kuala Lumpur, Malaysia and in São Paulo, Organizations (SOC 2) Type 1 audit and other stakeholders in validating and Brazil. These are dedicated facilities to undertaken by one of the Big Four ac- verifying the trustworthiness of Kasper- review the company’s code, software counting firms. It confirmed that the sky products, internal processes, and updates, threat detection rules and development and release of Kasper- business operations. It also introduces other technical and business processes. sky’s threat detection rules databases additional accountability mechanisms by They also serve as briefing centers to (AV databases) are protected from which the company can further demon- learn more about Kaspersky’s engi- unauthorized changes by strong secu- strate that it addresses any security neering and data processing practic- rity controls. issues promptly and thoroughly. The fol- es. In early 2021, our North American lowing measures within the initiative have Transparency Center will open in New 5. In February 2020, Kaspersky achieved already been undertaken: Brunswick, Canada in partnership with ISO/IEC 27001:2013 certification; the CyberNB Association. international standard outlining best 1. We announced that we were adapting practices for information security our infrastructure to move a number 3. We strengthened our Vulnerability management systems. Issued by TÜV of core processes from Russia to Swit- Management Program by increasing AUSTRIA, the certification confirms that zerland. This includes customer detec- rewards to up to $100k for our Bug the company’s data security systems, tion data storage and processing for a Bounty Program and publishing Ethical including Kaspersky Security Network, number of regions. In November 2018, Principles for Responsible Vulnerability meet industry best practices. we started relocation of data process- Disclosure. The company also sup- ing for European customers. As the ports the Disclose.io framework which 6. We launched Cyber Capacity Building next step, the company is moving provides Safe Harbor for vulnerability Program – a dedicated training on prod- data from customers from the United researchers concerned about possible uct security evaluation which is aimed States and Canada. negative legal consequences of their at government organizations, academia discoveries. and companies to help them develop mechanisms and skills for security as- sessments of ICT products they use. 4 Kaspersky moved core infrastructure to Switzerland and opens Transparency Centers Customer data storage Transparency Independent and processing Centers review Malicious and suspicious files received from A facility for trusted partners and Third-party assessment of internal processes users of Kaspersky products in Europe, government stakeholders to review to verify the integrity of Kaspersky solutions the United States, Canada and several the company’s code, software and processes. countries in Asia-Pacific region* are updates and threat detection rules, In 2019 Kaspersky has achieved the SOC 2 Type 1 processed and stored on Swiss servers. along with other activities. report in accordance with the SSAE 18 standard (Security criteria) issued by one of the Big Four accounting firms. Madrid, Spain Transparency Center Zurich, Switzerland Kuala Lumpur, Transparency Center Malaysia Data centers Transparency Center Bug bounty program New Brunswick, Aimed to make Kaspersky more secure, Canada it encourages independent security researchers Transparency Center to supplement the company’s own work (to be open in 2021) in vulnerability detection and mitigation. São Paulo, Brazil Transparency Center The company also supports the Disclose.io framework which provides Safe Harbor for vulnerability researchers concerned about possible negative legal consequences of their discoveries. *Australia, New Zealand, Japan, Bangladesh, Brunei, Cambodia, India, Indonesia, South Korea, Laos, Malaysia, Nepal, Pakistan, Philippines, Singapore, Sri Lanka, Thailand, and Vietnam. 5 Kaspersky’s principles of fighting cyberthreats Kaspersky is determined to detect and The following list of threats, as reported neutralize all forms of malicious programs, by Kaspersky’s GReAT team, shows the regardless of their origin or purpose. different languages used in each threat: It does not matter which language the threat “speaks”: Russian, Chinese, Spanish, • Russian language: Moonlight