Bottom Line

Kaspersky posts some of the highest AV-TEST detection rates in the industry, but the US government sales ban and ongoing Russia-related security concerns make it hard to recommend for US users despite its excellent engine.

Kaspersky Antivirus is, by every objective technical measure, one of the best antivirus products on the market. AV-TEST consistently awards it perfect scores. Real-world detection rates rival Bitdefender. System performance impact is minimal. The product is genuinely excellent.

And yet: the US government banned it from sale in the United States in 2024. Germany’s cybersecurity agency warned citizens against using it. The UK’s National Cyber Security Centre has raised concerns. Multiple EU governments have issued warnings to government employees.

This review covers both sides honestly — because you deserve an accurate picture before you decide. We’ll go deep on the technical product (it’s excellent), deep on the geopolitical controversy (it’s serious), and tell you clearly who should and shouldn’t use Kaspersky in 2026.

[sc_tool_rating_box rating=”3.5″ name=”Kaspersky Antivirus” tagline=”Technically outstanding, geopolitically fraught — read before you buy.”]

Quick Verdict

Technical security	⭐⭐⭐⭐⭐ Outstanding (AV-TEST 6/6 protection, top AV-Comparatives)
Performance	⭐⭐⭐⭐⭐ Minimal system impact, AV-TEST 6/6 performance
Value	⭐⭐⭐⭐ Competitive pricing for features offered
Geopolitical risk	🚫 US sales ban in effect; EU government warnings issued
For US residents	❌ Do not buy — formal sales ban; legal gray area
For EU government/compliance	❌ Avoid — multiple government warnings
For personal users in other jurisdictions	⚠️ Technically excellent, accept the risk knowingly

Bottom line: If you’re in the US, don’t buy it — the formal Commerce Department sales ban makes this a non-starter regardless of the technical quality. If you’re in Western Europe with any government or regulated-industry connection, avoid it. If you’re elsewhere and accept the political risk, you’re getting one of the best security products available.

What Is Kaspersky? Company Background

Kaspersky Lab was founded in 1997 in Moscow by Eugene Kaspersky, a Russian cybersecurity researcher who had previously worked at the KGB-affiliated Institute of Cryptography, Telecommunications and Computer Science (though Kaspersky himself has played down that association). The company grew rapidly through the 2000s and 2010s into one of the world’s largest dedicated cybersecurity vendors.

Users: Over 400 million users worldwide across consumer and enterprise products
Employees: Approximately 4,000, with offices across Europe, Asia, and the Americas
Revenue: Estimated $750M+ annually (private company, not publicly disclosed)
Products: Consumer antivirus, enterprise endpoint security, threat intelligence, industrial security, VPN
Reputation (pre-controversy): Routinely praised by independent labs; was a top-3 consumer AV product globally

The company’s technical credentials are not in doubt. Kaspersky researchers have discovered and documented some of the most sophisticated cyberattacks ever found, including Stuxnet (the US/Israel cyberweapon targeting Iranian nuclear centrifuges), the Equation Group tools (later attributed to the NSA), and numerous advanced persistent threat (APT) campaigns. Kaspersky has been, in many ways, the most technically capable threat intelligence operation in the private sector.

That technical capability is both its selling point and the heart of the controversy: a company with this level of deep access to global computer systems and intelligence about cyberattacks is an enormous asset — or an enormous risk — depending entirely on whose interests it serves.

The Geopolitical Controversy: What Actually Happened

The concerns about Kaspersky are not rumors or speculation. They have resulted in formal government actions across multiple Western democracies. Here is a factual account of what has happened:

2017: US DHS Government Ban (Binding Operational Directive 17-01)

In September 2017, the US Department of Homeland Security issued Binding Operational Directive 17-01, ordering all federal agencies to remove Kaspersky software from government systems within 90 days. The directive cited concern that Kaspersky’s close ties to the Russian government posed a security risk to US federal systems.

At the time, this affected only US government networks — private citizens and businesses were not affected. Kaspersky denied any wrongdoing and protested the decision.

2017–2018: The NSA Contractor Incident

Reports emerged — first in the Wall Street Journal and later in other outlets — that Russian intelligence had used Kaspersky antivirus software installed on a US NSA contractor’s home computer to identify and exfiltrate classified NSA hacking tools. The claim was that Kaspersky’s cloud-based threat detection, which routinely uploads suspicious files for analysis, had been leveraged (or actively exploited) to search for and retrieve classified US government code.

Kaspersky conducted its own investigation, acknowledged that its software had detected and uploaded files from the contractor’s machine, and stated this happened because the contractor had disabled real-time protection and later re-enabled it while classified files were present. Kaspersky stated it deleted the files when it realized what they were and found no evidence that Russian intelligence had accessed its systems.

The US government and security community remained unconvinced. The episode illustrated the core structural concern: antivirus software, by design, has deep OS access and sends files to cloud servers. Whether or not Kaspersky was complicit, its infrastructure had been in the path of a significant intelligence breach.

2022: Russia’s Invasion of Ukraine — The Turning Point

Russia’s full-scale invasion of Ukraine in February 2022 changed the risk calculus for Western governments. In March 2022:

Germany’s BSI (Federal Office for Information Security) issued a formal warning against using Kaspersky, stating that “a Russian IT manufacturer can carry out offensive operations itself, be forced to attack target systems against its will, or be spied on without its knowledge as a victim of a cyber operation, or be misused as a tool for attacks against its own customers.” The BSI recommended replacing Kaspersky with alternative products.
Italy’s National Cybersecurity Agency (ACN) urged Italian public administrations and operators of critical infrastructure to diversify away from Russian software, specifically citing Kaspersky.
The UK’s National Cyber Security Centre (NCSC) issued an alert warning UK organizations — particularly those in sectors sensitive to Russia-Ukraine conflict or supporting Ukraine — to consider the risk of using Russian-controlled products in their supply chains, naming Kaspersky explicitly in guidance to the cybersecurity community.

These warnings did not amount to formal bans for private citizens in those countries, but they represented a serious escalation: multiple NATO-aligned national cybersecurity agencies were officially recommending against Kaspersky use.

2024: The US Commerce Department Sales Ban — The Most Significant Action

In June 2024, the Biden administration’s Commerce Department announced that Kaspersky Lab would be banned from selling its software in the United States, effective September 29, 2024. This was a historic first — the first time the US government had ever used its export control authorities to ban a specific company’s software on national security grounds.

Key details of the 2024 ban:

Scope: Kaspersky is prohibited from selling its software, providing software updates, and licensing its products to US persons and US-based companies.
Effective date: September 29, 2024. After this date, Kaspersky could no longer legally distribute or update its software for US customers.
Existing installations: The ban did not require existing users to immediately remove Kaspersky. However, without updates, any existing installation would become increasingly less effective as its threat database aged and eventually become a security liability in its own right.
Rationale: The Commerce Department cited “the unacceptable risk to US national security or the security and safety of US persons.” Commerce Secretary Gina Raimondo stated: “Russia has shown it has the capacity — and even more than that, the intent — to weaponize Russian companies like Kaspersky to collect and weaponize the personal information of Americans.”
Kaspersky’s response: Kaspersky announced it was shutting down its US operations and laid off US-based employees. The company denied any wrongdoing and stated the decision was politically motivated.

For US residents, this ban settles the question: Kaspersky is not a legal purchase through official channels in the United States as of late 2024. Any installer you find may be an outdated version without current threat updates. Don’t use it if you’re in the US.

What the Structural Risk Actually Is

To be precise about the nature of the risk, because there is a difference between demonstrated malicious behavior and structural/regulatory risk:

What antivirus software does on your machine: Modern antivirus operates at a very deep level — kernel-level drivers, access to all files and processes, interception of network traffic, and continuous cloud connectivity. When Kaspersky (or any antivirus) scans your machine, it has access to everything: your documents, passwords stored in browsers, encryption keys, communication content, and behavioral data about how you use your computer.

What cloud connectivity means: Kaspersky, like most modern AV products, uses cloud-based threat intelligence. Suspicious files and behavioral patterns are uploaded to Kaspersky’s servers for analysis. This is a legitimate and important security function — it enables rapid detection of zero-day threats. But it also means Kaspersky’s servers routinely receive copies of files and behavioral data from your machine.

The Russian legal environment: Russia’s Federal Security Service (FSB) can, under Russian law, compel Russian companies to provide access to their infrastructure, data, and systems. Unlike in democratic countries where such orders require judicial oversight and can be legally challenged, Russian companies have very limited ability to resist FSB demands. This is the structural concern: even if Kaspersky’s leadership has no intention of cooperating with Russian intelligence operations, the legal framework in Russia could compel them to do so, and they might not be legally permitted to tell users about it.

What Kaspersky says: Kaspersky has consistently and strongly denied any government cooperation or backdoors. The company launched a “Global Transparency Initiative” in 2017, which includes:

Moving its core data processing infrastructure for European, North American, and Asia-Pacific users to data centers in Zurich, Switzerland
Establishing Transparency Centers in Zurich, Madrid, São Paulo, and Kuala Lumpur where qualified cybersecurity professionals can review Kaspersky’s source code, threat detection rules, and software updates
Subjecting its software builds to third-party independent verification by TÜV Austria
Bug bounty programs and engagement with the cybersecurity research community

These are substantive steps that demonstrate genuine commitment to transparency. The question of whether they are sufficient is ultimately one of risk tolerance rather than a purely technical question.

The core rebuttal to Kaspersky’s transparency efforts is that moving servers to Switzerland doesn’t remove Russian legal jurisdiction over the company itself. FSB can compel Kaspersky’s engineers in Moscow to push a malicious update; the Zurich data center location doesn’t change that vector. No amount of code audits can guarantee future behavior if the company can be legally compelled to behave differently.

Kaspersky’s Technical Performance: Where the Product Excels

Setting aside the geopolitical dimension entirely — which is difficult but necessary to evaluate the product fairly — Kaspersky is a genuinely excellent security product. The independent lab data is consistent and unambiguous.

AV-TEST Results

AV-TEST is one of the most respected independent antivirus testing laboratories, testing products against tens of thousands of malware samples across three categories: Protection, Performance, and Usability. Scores are awarded out of 6.0.

Kaspersky’s consistent AV-TEST performance:

Protection: 6.0/6.0 — consistently scores in the highest tier. Detection rates against both widespread malware and zero-day attacks are at or near 100%.
Performance: 6.0/6.0 — minimal system impact across testing scenarios including web browsing, software installation, file operations, and application launches. One of the lightest-footprint full-featured AV products tested.
Usability: 6.0/6.0 — very low false positive rates. Kaspersky rarely flags legitimate software or websites as threats, which is important for daily usability.

Kaspersky has achieved AV-TEST’s coveted “TOP PRODUCT” designation repeatedly, placing it in the same tier as Bitdefender and ESET as the most consistently top-rated products.

AV-Comparatives Real-World Protection Test

AV-Comparatives conducts a Real-World Protection Test that simulates actual user encounters with malicious content — visiting infected websites, downloading malware from real URLs, and executing potentially dangerous files. This is arguably the most practically relevant test.

Kaspersky consistently places in the top 3 products in this test. In recent rounds, Kaspersky’s block rate has been 99.9%+ with very few missed threats. Competitors like Bitdefender, F-Secure, and ESET occupy similar positions at the top of the rankings.

SE Labs Testing

SE Labs uses a somewhat different methodology, testing products against targeted attack chains rather than just individual malware samples. Kaspersky consistently achieves “AAA” ratings in SE Labs consumer testing — the highest classification. This further validates Kaspersky’s detection capability against sophisticated, multi-stage attacks.

Ransomware Protection

Kaspersky includes a dedicated anti-ransomware component that monitors for ransomware-like behavior (mass file encryption) and can automatically roll back changes using local backup copies of affected files. This behavioral component adds a layer of protection beyond signature-based detection. In testing by independent labs and security journalists, Kaspersky’s ransomware rollback has worked reliably.

Anti-Phishing

Kaspersky’s anti-phishing engine — delivered through a browser extension — is highly rated. In phishing-specific testing, Kaspersky detects phishing pages at rates competitive with the best in the industry. The Safe Money browser extension (available on paid plans) provides a hardened browser environment for financial transactions.

Zero-Day Detection

Kaspersky’s threat intelligence capabilities — built on decades of research and 400 million endpoints providing telemetry — give it exceptional zero-day detection. The company’s Global Research and Analysis Team (GReAT) is one of the most respected threat research teams in cybersecurity. Their cloud-based threat intelligence network provides near-real-time protection against emerging threats. In AV-TEST zero-day detection testing, Kaspersky regularly achieves 99–100% detection rates.

Kaspersky Product Lineup and Pricing (2026)

Note: Kaspersky products are not available for purchase by US residents following the September 2024 sales ban. Pricing below applies to jurisdictions where Kaspersky remains available. Prices may vary by region and are approximate.

Kaspersky Standard

Price: ~$29.99/year (3 devices), ~$39.99/year (5 devices)
Platforms: Windows, Mac, Android, iOS
Core features: Real-time malware protection, anti-phishing, Safe Kids (parental controls basic), limited VPN (300MB/day)
Best for: Single-person households wanting solid baseline protection

The Standard tier is essentially an updated version of what was historically called “Kaspersky Anti-Virus” for Windows plus mobile coverage. The 300MB/day VPN limit is sufficient for light privacy use but not streaming or heavy browsing.

Kaspersky Plus

Price: ~$49.99/year (3 devices), ~$59.99/year (5 devices)
Everything in Standard, plus: Unlimited VPN, Password Manager (premium), Performance Optimizer, backup features
Best for: Users who also want VPN coverage and a password manager

The Plus plan represents good value if you’d otherwise purchase a VPN separately. The bundled VPN (Kaspersky VPN Secure Connection) is capable — fast, no-logs policy claimed, covers 80+ countries. The same structural concerns about Kaspersky apply to the VPN as to the antivirus: traffic passes through Kaspersky’s infrastructure.

Kaspersky Premium

Price: ~$74.99/year (5 devices), ~$99.99/year (10 devices)
Everything in Plus, plus: Identity protection, dark web monitoring, data leak checker, priority support, premium parental controls
Best for: Families, or individuals who want comprehensive identity monitoring alongside security

The Premium tier competes with Norton 360 Premium. The identity protection features (dark web monitoring, identity theft alerts) are meaningful additions. However, if identity monitoring is your primary concern, consider whether you want that data flowing through Kaspersky’s infrastructure given the broader concerns outlined in this review.

Kaspersky VPN: What You Need to Know

Kaspersky VPN Secure Connection is bundled with Kaspersky Plus and Premium plans. On the Standard plan, you receive a limited 300MB/day of VPN data. The VPN is a separate application built on AES-256 encryption and uses the OpenVPN and WireGuard protocols.

Technical Specs

Encryption: AES-256
Protocols: OpenVPN (TCP/UDP), WireGuard, Hydra (proprietary Hotspot Shield protocol on some platforms)
Servers: 80+ countries, hundreds of servers
Logging policy: Claims no-logs policy (no browsing history, no traffic data)
Kill switch: Yes, available on Windows and Android
Speed: Good — competitive with mid-tier standalone VPNs in speed tests
Streaming: Can unblock Netflix and other streaming services in testing (results vary)

The VPN Caveat

The same structural concern that applies to Kaspersky’s antivirus applies to its VPN. A VPN routes all your internet traffic through the provider’s servers. If you’re using Kaspersky VPN because you have privacy concerns about your ISP or government, routing that traffic through Kaspersky’s infrastructure exposes you to the same structural risk you may be trying to avoid.

For privacy-focused users in the US or EU, standalone VPN providers with clearer jurisdictional independence (Mullvad in Sweden, ProtonVPN in Switzerland, ExpressVPN in the British Virgin Islands) are worth considering as separate products rather than bundling with Kaspersky.

System Performance: Does Kaspersky Slow Down Your Computer?

This is one area where Kaspersky earns nothing but praise. AV-TEST’s performance scoring measures the real-world impact of security software on tasks including:

Downloading files from the internet
Visiting websites
Launching frequently used applications
Installing and removing software
Copying files locally and across networks
Archiving and unarchiving files

Kaspersky consistently scores 6.0/6.0 on performance — it causes less slowdown than the industry average across all of these categories. On modern hardware (Intel/AMD quad-core or better, 8GB+ RAM), Kaspersky is essentially invisible in normal use.

Kaspersky has invested heavily in making its scanning engine efficient. The company uses a combination of lightweight local signatures, behavioral heuristics, and cloud-based analysis to minimize what needs to happen on-device. Files it hasn’t seen before get cloud-checked; files it recognizes as safe get fast-pathed through without deep scanning.

The installer is clean — no bundled browser toolbars, no attempts to change your default search engine, no crapware. The software simply installs, runs, and gets out of your way.

Kaspersky vs. Competitors

Kaspersky vs. Bitdefender

The most direct technical comparison is with Bitdefender, which consistently matches Kaspersky at the top of independent lab rankings.

Feature	Kaspersky	Bitdefender
AV-TEST Protection	6.0/6.0	6.0/6.0
AV-TEST Performance	6.0/6.0	6.0/6.0
Real-world detection	Top 3	Top 3
False positive rate	Very low	Very low
Geopolitical concerns	Significant (US ban, EU warnings)	None (Romania-based, EU company)
VPN included	Yes (Plus+)	Yes (200MB/day free; paid premium)
Entry price (3 devices)	~$29.99/yr	~$29.99/yr
Jurisdiction	Russia	Romania (EU)

Verdict: For US and EU users, Bitdefender offers nearly identical technical protection with zero geopolitical concerns and is the clear choice. There is no meaningful technical reason to prefer Kaspersky over Bitdefender for Western users.

Kaspersky vs. Norton 360

Feature	Kaspersky Premium	Norton 360 Deluxe
Detection rates	Excellent (6/6)	Excellent (6/6)
Identity protection	Good	Industry-leading (LifeLock integration)
VPN	Unlimited (Plus+)	Unlimited
Price (~5 devices)	~$74.99/yr	~$99.99/yr (with LifeLock)
Geopolitical risk	Significant	None (US-based Gen Digital)
Performance impact	Very light	Light

Verdict: For identity protection as the priority, Norton’s LifeLock integration is industry-leading and Kaspersky can’t match it. For US users in particular, Norton is the premium-tier recommendation.

Kaspersky vs. Windows Defender

Windows Defender (Microsoft Defender Antivirus), built into Windows 10 and 11, has improved dramatically over the past decade. AV-TEST consistently rates it highly, though it doesn’t quite match Kaspersky’s peak detection rates.

Feature	Kaspersky Standard	Windows Defender
AV-TEST Protection	6.0/6.0	5.5–6.0/6.0 (varies)
False positives	Very low	Low-moderate (slightly higher)
System impact	Very light	Very light
Cost	~$29.99/yr	Free (built in)
VPN	300MB/day	No
Geopolitical risk	Significant	None (Microsoft, US company)

Verdict: For US users who don’t want to pay for antivirus, Windows Defender has become genuinely good. It won’t match Kaspersky’s peak detection numbers, but the gap is smaller than it once was, and Windows Defender has no geopolitical concerns whatsoever. If you’re not in a high-risk threat environment, Windows Defender is a reasonable choice.

Kaspersky vs. Malwarebytes

Malwarebytes occupies a different niche — it’s primarily a malware removal and remediation tool rather than a full real-time AV suite, though its Premium tier includes real-time protection. Malwarebytes is particularly useful for cleaning up infected machines and for targeted threat removal that traditional AV might miss.

In AV-TEST’s independent testing, Malwarebytes doesn’t match Kaspersky for detection rates. It’s not a direct replacement. However, many security professionals recommend running Malwarebytes alongside Windows Defender as a complementary second layer — it catches different threat types and its on-demand scanning is excellent. No geopolitical concerns; Malwarebytes is a US company based in California.

Installation and User Experience

Installation Process

Kaspersky’s installer is straightforward. The download is around 200MB, and installation completes in 3–5 minutes on a modern machine. The installer does not attempt to install browser toolbars, change your default search engine, or bundle unrelated software — a refreshingly clean approach compared to some competitors.

During installation, you’re asked to accept the End User License Agreement and Privacy Policy, which includes detailed information about what data Kaspersky collects and transmits. Worth reading, particularly the sections about cloud-based file scanning — it explains exactly what gets uploaded for analysis.

Main Interface

Kaspersky’s main dashboard is clean and intuitive. The home screen shows your protection status with a clear color indicator (green = protected, red = action required). Key functions are accessible from the main panel without needing to dig through menus:

Quick scan, full scan, custom scan
Update threat database manually
VPN toggle (on Plus and above)
Password Manager access
Performance optimization tools

The interface is available in multiple languages and feels modern without being cluttered. Advanced settings are accessible for power users who want to customize scan schedules, exclusions, or network settings.

Mobile Apps

Kaspersky’s mobile apps for Android and iOS are polished and functional:

Android: Full real-time malware scanning, app scanning, anti-theft features, VPN, call filter. Android is genuinely vulnerable to malware (unlike iOS), so a real security app matters here.
iOS: Safari protection against phishing and malicious websites, VPN, private browsing monitoring, identity theft alerts. iOS’s sandbox architecture prevents deep AV scanning, so the iOS app is more of a privacy/phishing guard than a traditional antivirus.

Customer Support

Kaspersky offers 24/7 live chat, phone support, and a comprehensive knowledge base. In our experience and based on user reviews, response times are generally good and support agents are knowledgeable. Premium plan subscribers get priority support.

One note: with the company’s retreat from the US market in 2024 and workforce reductions, the quality of English-language support for users outside the US may have changed. Verify support availability in your region before purchasing.

Who Should Use Kaspersky in 2026?

People Who Should Not Use Kaspersky

This is a long list, and it’s important:

US residents: The formal Commerce Department sales ban makes this a non-starter. You cannot legally purchase new Kaspersky licenses through official channels in the US. Any existing installation will eventually go stale without updates, becoming a security risk itself. Switch to Bitdefender, Norton, or Windows Defender.
US government contractors or security clearance holders: The 2017 DHS ban on government systems, and the general security culture around cleared work, makes Kaspersky incompatible with this work environment regardless of your personal opinion on the controversy.
EU government employees or those in regulated industries: Germany’s BSI, Italy’s ACN, and the UK’s NCSC have all issued formal warnings. If you work for a government agency, a regulated financial institution, critical infrastructure, or a defense contractor in any EU country, your employer’s security policies almost certainly prohibit Kaspersky — and if they don’t, they should.
Journalists, activists, dissidents, or NGO workers: If your work involves information that could be of interest to Russian intelligence — investigations into Russian entities, human rights work, political opposition, pro-Ukraine activities — do not install Kaspersky. The potential downside is too severe.
Anyone who wants zero uncertainty: If you’re not comfortable with even a theoretical risk of your security software having some connection to a foreign government, Kaspersky is not for you — and that’s a completely reasonable position.

Who Might Reasonably Consider Kaspersky

Personal users outside the US/EU in low-risk jurisdictions: If you’re in Southeast Asia, Latin America, or parts of the Middle East where the US government ban doesn’t apply and your data isn’t sensitive from a Russian intelligence perspective, you’re looking at a technically excellent product at a fair price.
Security researchers: Understanding how Kaspersky works, testing it in isolated environments, or evaluating it for professional purposes is legitimate. The product’s technical quality makes it worth studying.
Users in countries with complex geopolitical alignments: The risk calculus looks very different from, say, Budapest or Belgrade than it does from Brussels or Boston. If your local threat environment includes adversaries that Kaspersky’s intelligence capabilities specifically help defend against, the trade-off calculus changes.

Alternatives to Kaspersky for US and EU Users

If you’re in the US or EU and were considering Kaspersky, here are the strongest alternatives, each with no geopolitical concerns:

Bitdefender Total Security — Best Overall

Price: ~$39.99/yr (5 devices)
Why: Matches Kaspersky in independent lab scores, very light system impact, includes VPN, Romanian company (EU jurisdiction), no government concerns
Best for: Most users who want the closest technical equivalent to Kaspersky with zero geopolitical risk

Norton 360 with LifeLock — Best Identity Protection

Price: ~$99.99/yr (5 devices with LifeLock)
Why: Best identity theft protection in the industry, excellent AV detection, US-based company, unlimited VPN included
Best for: US users who want comprehensive identity monitoring alongside security

ESET NOD32 — Best for Power Users

Price: ~$39.99/yr (3 devices)
Why: Slovak company (EU jurisdiction), highly configurable, very low false positive rate, excellent detection against targeted attacks
Best for: Tech-savvy users who want fine-grained control over their security software

Malwarebytes Premium — Best for Remediation

Price: ~$44.99/yr (5 devices)
Why: Particularly strong at cleaning up existing infections, low false positive rate, US company
Best for: Complementary second-layer protection alongside Windows Defender, or users who want excellent malware removal capability

Windows Defender — Best Free Option

Price: Free (built into Windows 10/11)
Why: Genuinely good protection in recent years, zero additional cost, zero geopolitical concerns, Microsoft-managed
Best for: Budget-conscious users, users who don’t want to manage additional software, those in lower-risk threat environments

Kaspersky’s Global Transparency Initiative: Does It Help?

Kaspersky launched its Global Transparency Initiative (GTI) in 2017 in direct response to US government concerns. The GTI is the most substantive thing Kaspersky has done to address trust concerns, and it deserves a fair evaluation.

What the GTI Includes

Data processing relocation: Kaspersky has moved core data processing for European, North American, and Asia-Pacific users to data centers operated by TÜV SÜD in Zurich, Switzerland. User data and threat statistics from these regions are stored and processed in Switzerland, not Russia.
Transparency Centers: Physical facilities in Zurich, Madrid, São Paulo, and Kuala Lumpur where qualified security professionals can review Kaspersky source code, threat detection rules, and the software update process under controlled conditions.
Third-party audits: TÜV Austria conducts regular audits of Kaspersky’s software build chain, verifying that what ships to users matches what’s in the Transparency Centers. The audits check that updates are signed correctly and that the build process hasn’t been tampered with.
Bug bounty program: Kaspersky runs an active bug bounty that pays security researchers for discovering vulnerabilities, with payouts up to $100,000 for critical findings.

What the GTI Doesn’t Address

The GTI is a genuine and substantive effort. But it has a fundamental limitation that Kaspersky’s critics point to:

Moving data centers to Switzerland means data at rest is governed by Swiss law, not Russian law. This is meaningful — Swiss data protection law is among the strongest in the world, and Switzerland has a track record of resisting US government data requests (unlike, say, cloud providers operating under US jurisdiction).

However, it does not change Russian legal jurisdiction over Kaspersky’s engineers in Moscow. If the FSB compels Kaspersky to push a malicious software update — through either legal coercion or by inserting itself into Kaspersky’s development pipeline — the fact that the resulting data ends up processed in Zurich doesn’t prevent the attack from succeeding. The build process would need to be compromised at the source, before it reaches the infrastructure covered by the Swiss data center and TÜV audit.

This isn’t a criticism of Kaspersky’s transparency efforts, which are meaningful and go further than most companies. It’s simply a statement of the limits of what technical and legal measures can accomplish when the underlying concern is about government compulsion in a country without rule of law protections comparable to Western democracies.

Frequently Asked Questions

Is Kaspersky Antivirus safe to use?

For users in the US: no, you should not use it — the formal sales ban makes it legally problematic to purchase, and without updates the software will become ineffective. For users in EU countries with government or compliance connections: avoid it based on formal government warnings from Germany’s BSI, Italy’s ACN, and the UK’s NCSC. For personal users in other jurisdictions who understand and accept the structural risk: the technical security product is excellent and functions as advertised.

Can I still use Kaspersky if I already have it installed in the US?

After September 2024, Kaspersky has been unable to provide software updates or new license renewals to US customers. This means any existing Kaspersky installation in the US is gradually becoming less effective as its malware database ages. We strongly recommend transitioning to an alternative — Bitdefender or Norton being the closest technical equivalents — as soon as possible. An outdated antivirus is actively worse than Windows Defender, which continues to receive updates from Microsoft.

Has Kaspersky actually been caught spying on users?

The technical evidence of deliberate malicious behavior by Kaspersky is disputed. The 2017 NSA contractor incident involved Kaspersky’s cloud scanning functionality uploading files that turned out to be classified — Kaspersky acknowledged this happened and stated it deleted the files, but denied any deliberate cooperation with Russian intelligence. Independent cybersecurity researchers have not found conclusive evidence of backdoors or deliberate data exfiltration. The concern is structural (what Kaspersky could be compelled to do) rather than a documented case of what Kaspersky has done.

Is Kaspersky Free still available?

Kaspersky offered a free antivirus tier in some markets. Following the 2024 US sales ban, this is no longer available to US residents. In other regions, availability varies. All the same structural concerns apply to the free version as to paid tiers — the free version still communicates with Kaspersky’s servers and has the same level of system access.

What should I use instead of Kaspersky?

For US users: Bitdefender Total Security (closest technical match, EU-based), Norton 360 (best identity protection, US-based), or Windows Defender (free, built in, genuinely good). For EU users in regulated industries: Bitdefender or ESET. For budget-conscious users anywhere: Windows Defender has become genuinely capable and is free.

Does the US sales ban mean Kaspersky is definitively proved to be malicious?

No. The US government’s actions are precautionary based on structural risk assessment, not a finding of specific malicious acts. The Commerce Department cited the capacity and potential intent to weaponize Kaspersky, not documented proof that it has been used as a weapon. That said, precautionary government bans from multiple Western democracies are significant signals that shouldn’t be dismissed as purely political.

Final Verdict

Kaspersky Antivirus sits in an unusual and uncomfortable position: it is one of the technically best security products available, built by some of the most capable cybersecurity researchers in the world, and it is also genuinely inadvisable for a large portion of the global market because of where that company is headquartered and what that means in the current geopolitical environment.

This review doesn’t resolve that tension — it documents it. If you’re in the US, the decision is made for you: the sales ban means you can’t legally buy it and your existing install will stop receiving updates. If you’re in Western Europe with any connection to government or regulated industries, the consistent advice from your own country’s cybersecurity agencies is to avoid it. If you’re a personal user in another part of the world, you’re looking at an excellent security product at fair prices — make the call knowing the structural risk.

The overall rating of 3.5/5 reflects this tension. Technically, as a pure security product, this would be a 4.6–4.8 out of 5 — one of the best available. As a recommendation accounting for the realistic universe of users who will read this review, most of whom are in the US or Western Europe, the geopolitical risk reduces it to something we can’t recommend broadly.

For the majority of readers: use Bitdefender. It’s the closest you’ll get to Kaspersky’s technical quality with none of the complications.

[sc_affiliate_disclosure]