🛡ThreatRated
Best VPNs →

How we work

Our Methodology

ThreatRated reviews are written by a CISSP-certified security architect with 13+ years of enterprise security experience. Every product is evaluated against a consistent framework — not marketing claims.

Who writes the reviews

All reviews are authored by a single security architect with hands-on experience across financial services, law enforcement, and Fortune 500 environments. Prior roles include threat intelligence at Palo Alto Networks Unit 42 and SOC operations supporting the NYPD. Certifications held: CISSP, Security+, AWS Cloud Practitioner.

No content is outsourced. No AI-generated reviews. Every Security Architect Take is a genuine assessment based on real-world deployment experience and architecture-level analysis.

Scoring criteria

Each product is scored on four dimensions rated 1–10:

Security

Encryption implementation, key derivation, audit history, vulnerability disclosure practices, and trust chain integrity.

Privacy

Jurisdiction risk, logging policy, telemetry collection, data selling practices, and third-party data sharing.

Performance

Real-world speed impact, resource usage, and reliability under normal operating conditions.

Value

Price relative to security posture, feature set, and competitive alternatives at the same price point.

How affiliate relationships work

ThreatRated earns commissions when readers purchase products through affiliate links on this site. These commissions fund independent research and keep the site ad-free.

Affiliate relationships have zero influence on rankings or scores. Products are ranked purely on their security merits. Several top-ranked products (including Windows Defender and Bitwarden Free) pay no affiliate commission at all.

If a product's affiliate commission rate changed tomorrow, its score and ranking would not change. The scoring is completed before affiliate arrangements are considered.

Update cadence

All comparison pages are reviewed and updated monthly. Individual scores are revised when a product releases a significant update, completes a new audit, experiences a breach, or materially changes its pricing or privacy practices.

Each page displays the month and year it was last reviewed. If you notice outdated information, contact us and we will prioritize a review.

What we do not do

  • Accept payment for placement or favorable reviews
  • Allow vendors to review or edit content before publication
  • Rank products based on affiliate commission rates
  • Publish AI-generated or outsourced review content
  • Accept free product licenses in exchange for coverage