EDR vendors: source code access (3), staged updates (8), SBoM rare
A recent independent study by the Tyrol Chamber of Commerce evaluates transparency and data practices among major cybersecurity vendors. The report highlights the importance of transparency in procurement decisions for enterprises and public institutions. Key findings indicate that while vendors comply with various regulations, public disclosure of security practices remains inconsistent.
- The study assesses 14 widely used enterprise cybersecurity products for transparency and compliance measures.
- All evaluated solutions are closed-source, with varying levels of disclosure regarding third-party components.
- Vendors confirm compliance with EU GDPR and most with US CCPA, but none claim compliance with the upcoming EU Cyber Resilience Act.
Opening excerpt (first ~120 words)
Independent Study Highlights Transparency and Data Practices in Leading Cybersecurity Products
4. December 2025 | Press Releases, Security News
The Tyrol Chamber of Commerce (WKO), in collaboration with MCI | The Entrepreneurial School® and AV-Comparatives, has released the Transparency Review and Accountability in Cyber Security (TRACS) 2025, a comprehensive independent study examining how major cybersecurity vendors disclose data practices, implement compliance measures, and communicate transparency to their customers. The report aims to support enterprises, public institutions, and SMEs in making informed, evidence-based decisions when selecting cybersecurity solutions. The study evaluates 14 widely used enterprise cybersecurity products.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at AV-Comparatives.