Welcome to Transparency in Cybersecurity

Security by obscurity doesn’t work. 42% of cybersecurity vendors restrict their customers’ ability to post product reviews and benchmarks

We should strive for an open discussion about security products.

Why Do We Need Transparency in Cybersecurity?

Transparency is an essential element of cybersecurity. Yet, many cybersecurity vendors’ end-user license agreements (EULAs) restrict what can be published and communicated about their products. Vendors with such restrictions actively promote positive product reviews on platforms such as IT Central Station, G2 Crowd, Capterra, and Gartner Peer Insights. We think this hypocrisy should stop.

Transparency in cybersecurity is good for customers and the industry. Customers should have access to as much information as possible, including benchmarks and test results, during their evaluation process. Transparency will also encourage vendors to improve and innovate their products. It is a win-win for all involved.

Our Manifesto

The world’s digital transformation is well underway. Consumers, enterprises, and government organizations now achieve unparalleled commerce, education, and entertainment experiences and capabilities.

But as we all know, there is a dark side to this prosperity. Bad actors, whether individuals or state-sponsored, pose daily threats to cybersecurity.

Cybersecurity is a critical anchor that keeps bad actors in check and allows the world’s economies to flourish. Our position on Transparency in Cybersecurity is clear:

  • Unrestricted dissemination and sharing of product benchmarks and real-world experiences are key to a safer digital world
  • Vendors need to incorporate openness, communication, and accountability into their business operations
  • Transparency is the great equalizer and should be embraced by all

The cybersecurity industry is massive. Yet, for all the claims of safety and protection, many vendors prefer to obfuscate the efficacy of their products. They don’t want you to know how well their product can protect your infrastructure. We all know that security by obscurity is no security at all.

The cybersecurity community deserves better than to kowtow to any vendor’s lack of transparency, especially while wielding dubious legal threats. No vendor is perfect, and no product is perfect. But digital commerce is vital to the free world, and the public should have free access to all of the facts.