Internxt Successfully Passes an Updated Security Audit
We are pleased to announce that Internxt has passed its second consecutive security audit for all its services from the leading independent European pentesting company, Securitum, which also works with firms as relevant as Proton.
Having become the first cloud storage with post-quantum, plus our zero-knowledge policies, when we say your data is private and secure from hackers, it’s not just a claim, but verifiable by external security professionals and experts in the field.
While all our apps our fully open source, we realise not everybody has the time and technical knowledge to inspect every single line to check for potential vulnerabilities.
After our first security audit verified Internxt is safe from hackers, we are happy to share the key findings of our second security report in this article to reflect our values of transparency with all our users.
The audit covered all our desktop apps, Windows, macOS, Linux, mobile, our backend infrastructure, and more. It's also important for us to run updated security audits as our suite of products expands and matures, in order to continuously guarantee that the maxmium levels of safety are met.
Table of contents
- Findings of the audit
- About Securitum
- What parts of Internxt were audited and tested?
- Why it’s important to verify the security of your cloud
- Our commitment to transparency
Findings of the audit
After successfully passing our first audit, Internxt was once again tested by Securitum this year.
After which, no severe vulnerabilities were found, using the following methodologies as stated in the report. Only non-relevant information points were shared, which were also tackled by Internxt
About Securitum
Securitum is a European penetration testing company founded in 2009 and based in Poland. It is recognized as one of the leading penetration testing providers in Central and Eastern Europe.
The company has carried out thousands of security audits and penetration tests, uncovering more than ten thousand vulnerabilities and producing thousands of reports for its clients.
Each year, Securitum works with key industries such as finance, telecom, public administration, education, and cloud storage, conducting hundreds of tests and working with over 300 clients.
The team consists of more than 35 to 50 full-time cybersecurity professionals who hold industry-recognized certifications such as CEH, CISSP, OSCP, OSWE, PenTest+, CySA+, Security+, and ISO 27001 Lead Auditor.
Aside from working with leading privacy providers such as Internxt, they have also published numerous CVEs and security research articles, including vulnerabilities in major software such as Chrome, Firefox, and OpenSSH.
Successfully passing our second security audit provides independent confirmation that Internxt’s infrastructure and services meet high standards of security and that no critical vulnerabilities are present.
By choosing Internxt, therefore, you can be safe in the knowledge that your files and personal data remain safe from external threats, backed by our open source code, which any security experts can verify at any time.
What parts of Internxt were audited and tested?
Internxt security audit was carried out on all our platforms, which consist of:
- Web
- Linux
- Windows
- macOS
- iOS
- Android
- Databases
- Log in and sign up process
- Backend infrastructure
Common tests of this security audit include:
- Vulnerabilities in the web client, such as injection flaws, XSS, and insecure session handling.
- Auditing for misconfigurations, privilege escalation paths, and outdated packages.
- Verifying that zero-knowledge encryption is implemented correctly, that encryption keys are generated and stored securely, and that files cannot be accessed in plain text either by insiders or through misconfigurations.
- Secure configuration, encryption, access restrictions, and protection in databases from injection attacks.
- Auditing the APIs that handle file uploads, downloads, and account management to ensure they enforce strong authentication, input validation, and rate limiting.
Why it’s important to verify the security of your cloud
With the cost of a data breach reaching $4.4 million according to IBM’s 2025 data breach report, verifying the security of your cloud provider is more important than ever for individuals and businesses.
Our secure cloud platform therefore ensures that your data is protected from unauthorized access, data breaches, and potential loss.
If you use any of our annual or lifetime cloud storage for personal use you can be confident that your personal information such as photos, documents, videos, and sensitive data, is stored safely and handled responsibly, backed by GDPR compliance.
For businesses, regular audits are crucial to maintain compliance with regulations, protect customer data, protect your company’s reputation, and avoid heavy fines for not meeting GDPR requirements.
Our commitment to transparency
Internxt is proud to pass its second audit, demonstrating our continued commitment to keeping your data private and secure for both individuals and businesses.
As we evolve our product suite to include Mail, Meet, Device Cleaner, and more in the future, we will continue our commitment to the security and transparency of our cloud storage so we can provide you with everything you need to make keeping your files private as simple as possible.
Choosing Internxt means you are choosing to take back control of your data from US corporations and other data-hungry businesses. Get started with our verified, secure cloud storage with antivirus, vpn, mail, meet, and more today from just €3 a month.
Remember, you can always check our source code to ensure there are no backdoors or vulnerabilities, or reach out to us at hello@internxt.com if you have any other questions regarding this report or for any other queries.