Posted on : June 3, 2025 By Tech World Times Technology  Rate this post This article walks you through five practical steps to implement network segmentation effectively, backed by real-world use cases that showcase its value in different industries. Networks are constantly expanding across offices, cloud services, remote users, and connected devices. With so many moving parts, security gaps can easily form. Once attackers breach a weak point, they often move freely across the network, targeting critical systems and sensitive data. That’s where network segmentation comes in. It’s a practical approach to divide your network into smaller, manageable zones to control access, limit exposure, and isolate threats before they spread. But simply deploying VLANs or access rules isn’t enough. True segmentation needs planning, alignment with your business, and the right mix of technology. Step 1: Assess and Map Your Current Network Start by figuring out what’s on your network and how it communicates. Inventory Devices and Applications: List all system servers, user machines, IoT devices, cloud assets. Map Data Flows: Understand how applications and services interact. Which systems talk to each other? What ports and protocols are used? Identify Critical Assets: Highlight the systems that handle sensitive data, such as payment processing, health records, or intellectual property. Tip: Network discovery tools or NAC solutions can automate asset inventory and reveal communication paths you might miss. Step 2: Define Segmentation Goals and Policies Once you understand your environment, it’s time to set your objectives. Security Objectives: Do you want to reduce lateral movement, isolate sensitive systems, or meet a compliance mandate? Business Alignment: Segment by business unit, sensitivity of data, or risk profile-whatever makes the most operational sense. Compliance Requirements: PCI DSS, HIPAA, and other standards often require network segmentation. Example: A healthcare provider might create separate zones for patient records, lab equipment, guest Wi-Fi, and billing systems. Step 3: Choose the Right Segmentation Method Segmentation can be done in several ways. The right approach depends on your infrastructure goals and types: a. Physical Segmentation Use separate routers, switches, and cables. This offers strong isolation but can be costly and harder to scale. b. Logical Segmentation (VLANs/Subnets) Group devices into virtual segments based on function or department. It’s efficient and easier to manage in most environments. c. Micro segmentation Control access at the workload or application level using software-defined policies. Ideal for cloud or virtualized environments where you need granular control. d. Cloud Segmentation In the cloud, segmentation happens using security groups, VPCs, and IAM roles to isolate workloads and define access rules. Use a combination- VLANs for broader segmentation and micro segmentation for finer control where it matters. Step 4: Implement Controls and Monitor Traffic Time to put those policies into action. Firewalls and ACLs: Use access controls to manage what can move between zones. Block anything that isn’t explicitly allowed. Zero Trust Principles: Never assume trust between segments. Always validate identity and permissions. Monitoring and Alerts: Use your SIEM, flow monitoring tools, or NDR platform to watch for unusual traffic or policy violations. Common Pitfall: Avoid “allow all” rules between segments, it defeats the purpose. Step 5: Test, Validate, and Fine-Tune Even a well-designed segmentation plan can have gaps. Regular validation helps ensure it works as expected. Penetration Testing: Simulate attacks to check if boundaries hold. Review Policies: Business needs to change your segmentation strategy too. Performance Monitoring: Make sure segmentation doesn’t impact legitimate operations or application performance. Automation tools can help simplify this process and ensure consistency. Real-World Use Cases of Network Segmentation 1. Healthcare – Protecting Patient Data and Devices Hospitals use segmentation to keep medical devices, patient records, and visitor Wi-Fi on separate zones. This prevents an infected guest device from interfering with critical systems. Result: Reduced attack surface and HIPAA compliance. 2. Manufacturing – Isolating Industrial Systems Production environments often have fragile legacy systems. Segmenting OT (Operational Technology) from IT ensures ransomware or malware doesn’t disrupt manufacturing lines. Result: More uptime and fewer operational risks. 3. Finance – Securing Payment Systems Banks and payment providers use segmentation to isolate cardholder data environments (CDE) from the rest of the corporate network. This helps meet PCI DSS and keeps sensitive data protected. Result: Easier audits and stronger data security. 4. Education – Managing High-Volume BYOD Traffic Universities segment student Wi-Fi, research labs, and administrative systems. This keeps a vulnerable student device from spreading malware to faculty or internal systems. Result: Safer environment for open access campuses. 5. Cloud – Segmenting Apps and Microservices In the cloud, developers use security groups, VPCs, and IAM roles to isolate applications and limit who can access what. This reduces risk if one workload is compromised. Result: Controlled access and better cloud hygiene. Common Challenges Legacy Tech: Older devices may not support modern segmentation. Lack of Visibility: Hard to secure what you don’t know exists. Operational Hiccups: Poorly planned segmentation can block business workflows. Policy Complexity: Keeping access rules up to date across dynamic environments takes effort. Best Practices Start with High-Risk Areas: Prioritize zones handling sensitive data or vulnerable systems. Keep Documentation Updated: Maintain clear diagrams and policy records. Align Teams: Get buy-in from IT, security, and business units. Automate Where You Can: Especially for monitoring and policy enforcement. Review Regularly: Networks evolve- so should your segmentation. Final Thoughts Segmentation isn’t about creating walls it’s about building smart pathways. Done right, it helps you take control of your network, reduce risk, and respond faster when something goes wrong. It’s a foundational layer of cybersecurity that pays off in resilience, compliance, and peace of mind. About the Author: Prajwal Gowda is a cybersecurity expert with 10+ years of experience. He has built businesses and was a Business Unit Head for Compliance and Testing services. Currently, he is the Chief Technology Officer at Ampcus Cyber, leading the company’s technology strategy and innovation efforts. He has also been involved in the Payment Card Industry, Software Security Framework, ISO 27001 Controls Gap Analysis, ISMS, Risk Analysis, OCTAVE, ISO 27005, Information Security Audit and Network Security. Prajwal is a Master Trainer who has conducted 100+ cybersecurity training sessions worldwide. Tech World TimesTech World Times (TWT), a global collective focusing on the latest tech news and trends in blockchain, Fintech, Development & Testing, AI and Startups. If you are looking for the guest post then contact at techworldtimes@gmail.com

F1 25 is a near-perfect mix of realism and playability that offers much of the drama from the real-life sport and a sprinkling of fiction and, uh, Brad Pitt just becauseTech18:11, 02 Jun 2025This year's game looks better than everIn many ways, writing an F1 25 review should be the easiest of this year’s critical assessments. Codemasters is legendary for its commitment to digital recreations of automotive competition (I’ve been playing its games since TOCA on the PS1 ), and having the F1 licence means it’ll always be cutting-edge in terms of racers, tracks, and more.If you’re an F1 fan, you’ve almost certainly already bought it, and while non-fans of sports games will baulk at paying for a “roster update” each year, Codemasters simply refuses to coast, keeping its foot firmly on the gas and moving from last year’s podium finish to Championship-winning form with this year’s entry.‌Conditions can be treacherous‌Last year’s F1 24 was easily one of the most impressive games to look at on PS5 Pro, and while Codemasters had talked a good game about visual fidelity , I wasn’t sure it would be able to take much of a realistic step beyond.And yet, F1 25 is frequently stunning. In motion, it’s hard to see anything wholly new, but that’s more down to the speed at which you’ll be taking corners of meticulously detailed tracks. Slow things down a tad, though, and you’ll find things a little less sterile than they had been.Whereas F1 24 circuits felt a little too clean at times, there’s a little more dirt here and there, more wear on the track, and even correctly identified tree species in tracks that have been scanned via LiDAR.Article continues belowIt’s likely an ongoing process, with Bahrain, Miami, Melbourne, Suzuka and Imola getting the scanned treatment so far, but it’s an impressive taste of what’s to come and could mean upcoming games look even better.On track, the handling model feels much breezier. You can still crank up the difficulty by leaving the assists in the pits, but cars feel more responsive than ever.You’ll need that, too, because some tracks can be driven in reverse (complete with mirrored pit lanes).‌You can still race, but you'll pick one of your stars to "follow" for the weekendThe crown jewel of this year’s entry, however, is My Team. The mode has always been solid, but lacking in ambition, but this year sees Codemasters really go to town on its underlying machinery.While you’ll no longer be some team owner/driver hybrid superstar like Tony Stark in Iron Man 2, that adds an interesting new flavour to the mode. You’ll start as boss of an existing team or form your own, and then hire drivers, work to improve your car, and try to woo sponsors.‌Because you’re no longer racing yourself, there are more magnanimous decisions to be made about car parts. Research costs time, manufacturing costs money, and then you’re left to decide which of your racers gets the added boost.Consistently upsetting one can see them look elsewhere, while you can plan for next season’s drivers right from the off, making a Lewis Hamilton-esque switch to a rival a pressing concern throughout the year.While much of My Team takes place in menus, they all feel dynamic enough to feel much more enjoyable than you might expect, and while it doesn’t get quite as deep as F1 Manager, it’s still full of potential.‌You can even sneak some star power onto the grid, too, taking the reins of Brad Pitt’s racing team from the upcoming F1 movie , or signing iconic former drivers to build a dream lineup.As an aside, I love that EA is experimenting with things like this in its career modes, especially since EA FC added Icons to its own version. Long may it continue.Konnersport are now vying for titles(Image: EA)‌Another big return this year comes from Braking Point , marking its third instalment. The mode that essentially condenses a season’s worth of drama into playable chunks with a healthy dose of inspiration from Netflix ’s Drive to Survive is back as part of its “one season off, one season on” cadence.It’s packed with sporting cliches and no small amount of cheese, but it humanises a sport that can sometimes feel more focuses on cutting seconds off a lap than it can the drivers doing that work.After years of building a team, Konnersport is finally competing for the Championship, and players can switch between their driver roster to achieve different objectives, and there’s an alternative ending for those willing to commit.Article continues belowF1 25 is the best entry in years, with changes big and small piling up to offer a truly immersive and feature-packed title.My Team will get the plaudits (and rightfully so), but Braking Point’s return and Codemasters’ continued commitment to realism shouldn’t be forgotten.Reviewed on PS5 Pro. Review copy provided by the publisher.‌‌‌

The answer is more complicated than a simple yes or no, but there's some needed context first.

We may earn a commission from links on this page. Deal pricing and availability subject to change after time of publication.If you’ve been eyeing a lightweight, all-purpose Chromebook for casual work, school, or everyday browsing, this open-box ASUS Chromebook CM30 might be worth a closer look. Currently priced at $179.99 (down from $329.99), it’s one of those mid-range 2-in-1s that doesn’t try to be everything, but nails the basics with enough flair to feel premium. The 10.5-inch WUXGA touchscreen is responsive and sharp, and thanks to the Kompanio 520 processor and 8GB of RAM, general multitasking is smooth, whether you’re juggling docs, Google Meet, or your Spotify tab. ChromeOS keeps things lean and fast, and you also get stylus support for quick notes or digital doodles.It helps that the whole device is wrapped in a sturdy aluminum shell (made with 30% recycled materials), giving it that slightly rugged, school-bag-ready feel without adding bulk. The detachable magnetic keyboard is full-sized and easy to type on, and the included stand cover lets you switch between laptop and tablet mode without a fuss. The battery claims up to 12 hours of life, and while real-world usage may land a bit under that, you’ll still comfortably get through a school or work day without hunting for an outlet (which is really all you can ask from a sub-two-pound machine). Wi-Fi 6 and Bluetooth 5.3 keep connectivity solid, and the Titan C security chip adds a layer of peace of mind.The Chromebook is an “Open Box” model, meaning that the units aren’t brand new—they’re returns or unsold inventory that may show minor signs of handling. You may find stickers or shelf wear on the packaging, but the product itself should be clean and fully functional, with a one-year warranty included. If you’re looking for a 2-in-1 Chromebook that’s not underpowered like budget models but still doesn’t stretch your wallet, this deal should hit that balance. That said, the 128GB eMMC storage isn’t expandable, and there’s only one USB-C port, so those who need lots of peripherals or file space might want to look elsewhere. For everyone else, especially students or remote workers, it’s a solid, sustainable pick.

The 12-year campaign to free Ross Ulbricht — the criminal mastermind behind the Silk Road, the original crypto-enabled dark web mail-order-drug emporium — finally ended in January, when newly-minted second term president Donald Trump officially pardoned the bitcoin criminal.Now, Ulbricht is picking up where he left off, getting his first taste of a world he left behind in 2013 when a federal judge sentenced him to two counts of life in prison, plus 40 years without parole.In sum, Ulbricht's feeling some culture shock. Taking the stage at the Bitcoin 2025 conference in Las Vegas this week, the drug kingpin was agog at the piles of kitschy tech products that had passed him by."When I walked out of prison a few months ago, I’d never seen a drone, used AI, or tried VR. I hadn’t even chatted with AI," Ulbricht marveled. "Now it's all hitting me at once — the freedom, the technology, the fact that I have a future again."He also basked in the glow of the crypto community's love — a parasocial following that lavished his clemency petition with over 600,000 signatures and an astonishing number of right-libertarian micro-celebrity endorsements."You didn't abandon me. You didn't forget me. You wrote me letters. You raised money for my defense. When I was silenced, you spoke up against the slander and the smears," the former dope baron lauded.Keep in mind, this wasn't a political activist jailed for protesting an unjust war, or a whistleblower whose life was destroyed after revealing a massive corporate fraud scheme.This is a guy who made millions selling drugs to teenagers and communities ravaged by the opioid crisis, resulting in at least six overdose deaths that we know of. (Not to mention the hitmen he tried to hire to take out his enemies, though he was unsuccessful.)At its peak in 2013, Ulbricht's Silk Road saw an estimated daily connected user base of 5.5 million. In just two years, it processed some $1.2 billion in illicit sales, according to the Department of Homeland Security.Through transaction fees, the service generated over $80 million worth of Bitcoin. Authorities in 2014 called it the "most sophisticated and extensive criminal marketplace on the internet."Of course, Ulbricht's saving grace isn't some ethical dilemma Trump has over incarceration or judicial mishandling, but the fact that he built Silk Road off the then-nascent blockchain. That single fact has cemented his status as a crypto superstar.For context, out of the 1.2 million citizens incarcerated in the US, over 360,000 of them face charges of nonviolent drug possession.In 2023, there were roughly 870,000 arrests for drug-related charges, the vast majority, or 87.8 percent of which were for drug possession — in other words, for carrying an impossibly tiny fraction of the volume that passed through Ulbricht's drug empire every minute.With his new lease on life, Ulbricht plans on paying it forward — not as an advocate for carceral reform or prison abolition, but to the crypto community of get-rich-quick schemers and granny scammers."With so much speed and chaos, it’s more important than ever to stay true to our principles," he told the crowd of cryptobros. "If we agree that we deserve freedom and that [crypto] decentralization secures it, we can stand together. Have each other’s backs, as you had mine. Freedom, decentralization, unity — stay true to these, and the future is ours."More on crypto: Visitors At This Bitcoin-Heated Spa Are Complaining About Mold and UTIsShare This Article

Swifties have plenty to celebrate on Friday as Taylor Swift announced that she now owns the master recordings of her first six albums after years of trying and failing to buy them. Swift posted the news to her website, explaining that she was able to purchase the original versions of the albums from Shamrock Capital, the private equity firm that bought the recordings from music manager Scooter Braun in 2020 for at least $300 million.  In an emotional letter, Swift called securing her masters a dream come true, describing herself as “endlessly thankful” to Shamrock Capital for handling the deal fairly and offering her the first chance she’s ever been given to buy back her own music. “This was a business deal to them, but I really felt like they saw it for what it was to me: My memories and my sweat and my handwriting and my decades of dreams,” Swift wrote. An uphill battle, even for a billionaire titan of the music industry After two decades “of having the carrot dangled and then yanked away,” Swift admitted that she almost stopped believing that she would ever own the original recordings. “But that’s all in the past now,” Swift wrote. “I’ve been bursting into tears of joy at random intervals ever since I found out that this is really happening. I really get to say these words: All of the music I’ve ever made . . . now belongs . . . to me.” In 2019, Braun acquired Nashville indie record label Big Machine, along with the rights to the albums Swift had recorded there. After Braun’s purchase, Swift stated that she was in no way consulted on the deal and had suffered from “incessant, manipulative bullying” by the industry executive.  “It’s a shame to know that I will now be unable to help grow the future of these past works and it pains me very deeply to be separated from the music I spent over a decade creating,” Swift said after the deal went public. An update on the status of Reputation In light of her struggle to regain control of her own music, Swift set out to rerecord the albums she didn’t own. She began issuing Taylor’s Version updates to her missing catalog albums in 2021, putting out rerecordings of Fearless, Red, Speak Now, and 1989 accompanied by previously unreleased songs. Fans eager for news that Swift had finished rerecording her sixth studio album, Reputation, have plenty to cheer but are still in for a wait. In her announcement, Swift divulged that, “full transparency,” she’s less than a quarter of the way through the process. “To be perfectly honest, it’s the one album in the first 6 that I thought couldn’t be improved upon by redoing it. Not the music, or photos, or videos. So I kept putting it off,” Swift wrote, adding that she’s happy with a now-finished rerecording of her self-titled debut album.  “Those 2 albums can still have their moments to re-emerge when the time is right . . . But if it happens, it won’t be from a place of sadness and longing for what I wish I could have,” Swift wrote. “It will just be a celebration now.”

ExpressVPN is good at its job. It's easy to be skeptical of any service with a knack for self-promotion, but don't let ExpressVPN's hype distract you from the fact that it keeps its front-page promise of "just working." Outside of solid security, the two best things ExpressVPN offers are fast speeds and a simple interface. Our tests showed only a 7% average drop in download speed and a 2% loss of upload speed, worldwide. And while the lack of extra features may frustrate experienced users, it makes for a true set-and-forget VPN on any platform. This isn't to say ExpressVPN is without flaws — it's nearly bereft of customization options and it's notably more expensive than its competition — but it beats most VPNs in a head-to-head matchup. For this review, we followed our rigorous 10-step VPN testing process, exploring ExpressVPN's security, privacy, speed, interfaces and more. Whether you read straight through or skip to the sections that are most important for you, you should come away with all the information you need to decide whether to subscribe. Editors' note: We're in the process of rebooting all of our VPN reviews from scratch. Once we do a fresh pass on the top services, we'll be updating each review with a rating and additional comparative information. Table of contents Findings at a glance Installing, configuring and using ExpressVPN ExpressVPN speed test: Very fast averages ExpressVPN security test: Checking for leaks How much does ExpressVPN cost? ExpressVPN side apps and bundles Close-reading ExpressVPN's privacy policy Can ExpressVPN change your virtual location? Investigating ExpressVPN's server network Extra features of ExpressVPN ExpressVPN customer support options ExpressVPN background check: From founding to Kape Technologies Final verdict Findings at a glance Category Notes Installation and UI All interfaces are clean and minimalist, with no glitches and not enough depth to get lost in Windows and Mac clients are similar in both setup and general user experience Android and iOS are likewise almost identical, but Android has a nice-looking dark mode Speed Retains a worldwide average of 93% of starting download speeds Upload speeds average 98% of starting speeds Latency rises with distance, but global average stayed under 300 ms in tests Security OpenVPN, IKEv2 and Lightway VPN protocols all use secure ciphers Packet-sniffing test showed working encryption We detected no IP leaks Blocks IPv6 and WebRTC by default to prevent leaks Pricing Base price: $12.95 per month or $99.95 per year Lowest prepaid rate: $4.99 per month Can save money by paying for 28 months in advance, but only once per account 30-day money-back guarantee Bundles ExpressVPN Keys password manager and ID alerts included on all plans Dedicated IP addresses come at an extra price ID theft insurance, data removal and credit scanning available to new one-year and two-year subscribers for free 1GB eSIM deal included through holiday.com Privacy policy No storage of connection logs or device logs permitted The only risky exceptions are personal account data (which doesn't leave the ExpressVPN website) and marketing data (which the policy says should be anonymized) An independent audit found that ExpressVPN's RAM-only server infrastructure makes it impossible to keep logs Virtual location change Successfully unblocked five international Netflix libraries, succeeding on 14 out of 15 attempts Server network 164 server locations in 105 countries 38% of servers are virtual, though most virtual locations are accessed through physical servers within 1,000 miles A large number of locations in South America, Africa and central Asia Features Simple but effective kill switch Can block ads, trackers, adult sites and/or malware sites but blocklists can't be customized Split tunneling is convenient but unavailable on iOS and modern Macs Aircove is the best VPN router, albeit expensive Customer support Setup and troubleshooting guides are organized and useful, with lots of screenshots and videos Live chat starts with a bot but you can get to a person within a couple minutes Email tickets are only accessible from the mobile apps or after live chat has failed Background check Founded in 2009; based in the British Virgin Islands Has never been caught selling or mishandling user data Turkish police seized servers in 2017 but couldn't find any logs of user activity Owned by Kape Technologies, which also owns CyberGhost and Private Internet Access A previous CIO formerly worked on surveillance in the United Arab Emirates; no evidence of shady behavior during his time at ExpressVPN Windows Version 12 leaked some DNS requests when Split Tunneling was active Installing, configuring and using ExpressVPN This section focuses on how it feels to use ExpressVPN on each of the major platforms where it's available. The first step for any setup process is to make an account on expressvpn.com and buy a subscription. Windows Once subscribed, download the Windows VPN from either expressvpn.com or the Microsoft Store, then open the .exe file. Click "Yes" to let it make changes, wait for the install, then let your computer reboot. Including the reboot, the whole process takes 5-10 minutes, most of it idle. To finish, you'll need your activation code, which you can find by going to expressvpn.com and clicking "Setup" in the top-right corner. You can install ExpressVPN's Windows app from the Microsoft store, but we found the website more convenient. Sam Chapman for Engadget Extreme simplicity is the watchword for all ExpressVPN's designs. The Windows client's launch panel consists of three buttons and less than ten words. You can change your location or let the app pick a location for you — the "Smart Location" is the server with the best combination of being nearby and unburdened. Everything else is crammed into the hamburger menu at the top left. Here, in seven tabs, you'll find the Network Lock kill switch, the four types of content blockers, the split tunneling menu and the option to change your VPN protocol. You can also add shortcuts to various websites, useful if you regularly use your VPN for the same online destinations. To sum up, there's almost nothing here to get in the way: no delays, no snags, no nested menus to get lost in. It may be the world's most ignorable VPN client. That's not a bad thing at all. Mac ExpressVPN's app for macOS is almost identical in design to its Windows app. The process for downloading and setting it up is nearly the same too. As on Windows, it can be downloaded from the App Store or sideloaded directly from the expressvpn.com download center. Only a few features are missing and a couple others have been added. Split tunneling is gone (unless you're still on a macOS lower than 11), and you won't see the Lightway Turbo setting. ExpressVPN recommends some servers, but it's easy to search the whole list. Sam Chapman for Engadget Mac users do gain access to the IKEv2 protocol, along with the option to turn off automatic IPv6 blocking — Windows users have to leave it blocked at all times. Almost every website is still accessible via IPv4, but it's useful if you do need to access a specific IPv6 address while the VPN is active. Android Android users can download ExpressVPN through the Google Play Store. Open the app, sign in and you're ready to go. The Android app has a very nice dark-colored design, only slightly marred by an unnecessary information box about how long you've used the VPN this week. ExpressVPN's Android app puts a little more information on the screen than it needs to, but still runs well. Sam Chapman for Engadget There's a large button for connecting. Clicking on the server name takes you to a list of locations. On this list, you can either search or scroll and can choose individual locations within a country that has more than one. We connected to as many far-flung server locations as we could, but not a single one took longer than a few seconds. The options menu is organized sensibly, with no option located more than two clicks deep. You will see a couple of options here that aren't available on desktop, the best of which is the ability to automatically connect to your last-used ExpressVPN server whenever your phone connects to a non-trusted wifi network. There are also a few general security tools: an IP address checker, DNS and WebRTC leak testers and a password generator. These are also available on the website, but here, they're built into the app. With the exception of the latter, we'd recommend using third-party testing tools instead — even a VPN with integrity has an incentive to make its own app look like it's working. iPhone and iPad You can only install ExpressVPN's iOS app through the app store. During setup, you may need to enter your password to allow your phone to use VPN configurations. Otherwise, there are no major differences from the Android process. ExpressVPN looks good on iPhone and iPad. Sam Chapman for Engadget The interface is not quite as pleasing as the dark-mode Android app, but it makes up for that by cutting out some of the clutter. The tabs and features are similar, though split tunneling and shortcuts are absent. Also, both mobile apps make customer support a lot more accessible than their desktop counterparts — plus, mobile is the only way to send email support tickets. Browser extension ExpressVPN also includes browser extensions for Firefox and Chrome. These let you connect, disconnect and change server locations without leaving your browser window. It's nice, but not essential unless you have a very specific web browser flow you like. ExpressVPN speed test: Very fast averages Connecting to a VPN almost always decreases your speed, but the best VPNs mitigate the drop as much as possible. We used Ookla's speed testing app to see how much of your internet speed ExpressVPN preserves. For this test, we emphasized the locations ExpressVPN uses for most of its virtual servers, including the Netherlands, Brazil, Germany and Singapore. Some terms before we start: Latency, measured in milliseconds (ms), is the time it takes one data packet to travel between your device and a web server through the VPN. Latency increases with distance. It's most important for real-time tasks like video chatting and online gaming. Download speed, measured in megabits per second (Mbps), is the amount of information that can download onto your device at one time — such as when loading a web page or streaming a video. Upload speed, also measured in Mbps, is the amount of information your device can send to the web at once. It's most important for torrenting, since the amount of data you can seed determines how fast you can download in exchange. The table below shows our results. We conducted this on Windows, using the automatic protocol setting with the Lightway Turbo feature active — a recent ExpressVPN addition that keeps speed more consistent by processing connections in parallel. Server location Latency (ms) Increase factor Download speed (Mbps) Percentage dropoff Upload speed (Mbps) Percentage dropoff Portland, Oregon, USA (unprotected) 18 -- 58.77 -- 5.70 -- Seattle, Washington, USA (best server) 26 1.4x 54.86 6.7% 5.52 3.2% New York, NY, USA 156 8.7x 57.25 2.6% 5.57 2.3% Amsterdam, Netherlands 306 17x 53.83 8.4% 5.58 2.1% São Paulo, Brazil 371 20.6x 53.82 8.4% 5.65 0.9% Frankfurt, Germany 404 22.4x 55.71 5.2% 5.67 0.5% Singapore, Singapore 381 21.2x 52.76 10.2% 5.64 1.0% Average 274 15.2x 54.71 6.9% 5.61 1.6% These are extremely good results. ExpressVPN is a winner on both download and upload speed. No matter where we went in the world, we never lost more than about 7% of our download speeds, and upload lost an astoundingly low average of 2%. This suggests that ExpressVPN deftly distributes its user load between servers to eliminate bottlenecks. This Ookla speedtest shows you can still get fast internet while connected to ExpressVPN -- our unprotected speeds are around 58 Mbps. Sam Chapman for Engadget The latency numbers look worse, but the rise in the table is less sharp than we projected. Ping length depends far more on distance than download speed does, so we expect it to shoot up on servers more than 1,000 miles from our location. Keeping the average below 300 ms, as ExpressVPN does here, is a strong showing. ExpressVPN security test: Checking for leaks A VPN's core mission is to hide your IP address and make you untraceable online. Our task in this section is to figure out if ExpressVPN can carry out this mission every time you connect. While we can't be 100% certain, the tests we'll run through below have led us to believe that ExpressVPN is currently leak-proof. Available VPN protocols A VPN protocol is like a common language that a VPN server can use to mediate between your devices and the web servers you visit. If a VPN uses outdated or insecure protocols, or relies on unique protocols with no visible specs or source code, that's a bad sign. Not all protocols are available on all apps, but Mac has the full range. Sam Chapman for Engadget ExpressVPN gives you a selection of three protocols: IKEv2, OpenVPN and Lightway. The first two are solid choices that support the latest encryption algorithms. OpenVPN has been fully open-source for years and is the best choice if privacy is your goal. While IKEv2 started life as a closed project by Microsoft and Cisco, ExpressVPN uses an open-source reverse-engineering, which is both better for privacy and quite fast. Lightway is the odd one out, a protocol you'll only find on ExpressVPN, though its source code is available on Github. It's similar to WireGuard, in that both reach for faster speeds and lower processing demands by keeping their codebases slim. However, Lightway was recently rewritten in Rust to better protect the keys stored in its memory. Ultimately, you can't go wrong with any of ExpressVPN's protocol options. 99% of the time, your best choice will be to set the controls to Automatic and let the VPN decide which runs best. Testing for leaks ExpressVPN is one of the best services, but it's not leak-proof (as you can read in the Background Check below). Luckily, checking for DNS leaks is a simple matter of checking your IP address before and after connecting to a VPN server. If the new address matches the VPN server, you're good; if not, your VPN is leaking. First, we checked the Windows app with split tunneling active to ensure the flaw really had been patched. We tested several servers and didn't find any leaks, which suggests the patch worked, though leaks were rare even before ExpressVPN fixed the vulnerability. We checked our IP while connected to the virtual India location, which is run from a physical server in Singapore. Don't worry -- it still looks like India to streaming services. Sam Chapman for Engadget In fact, we didn't find any leaks on any ExpressVPN server we tested on any platform. Though questions remain about iOS, as you'll see later in this section, that's a problem on Apple's end that even the best VPNs can do very little about for now. The most common cause of VPN leaks is the use of public DNS servers to connect users to websites, which can mistakenly send browsing activity outside the VPN's encrypted tunnel. ExpressVPN avoids the risks of the public system by installing its own DNS resolvers on every server. This is the key factor behind its clean bill of health in our leak testing. Two other common flaws can lead to VPN leaks: WebRTC traffic and IPv6. The former is a communication protocol used in live streaming and the latter is a new IP standard designed to expand domain availability. Both are nice, but currently optional, so ExpressVPN automatically blocks both to ensure there's no opportunity for leaks to arise. One note about VPN security on iOS: it's a known and continuing problem that iOS VPNs do not prevent many online apps from communicating with Apple directly, outside the VPN tunnel. This risks leaking sensitive data, even with Lockdown Mode active in iOS 16. A blog post by Proton VPN shares a workaround: connect to a VPN server, then turn Airplane Mode on and off again to end all connections that were active before you connected to the VPN. Testing encryption We finished up our battery of security tests by checking out ExpressVPN's encryption directly. Using WireShark, a free packet sniffer, we inspected what it looks like when ExpressVPN transmits data from one of its servers to the internet. The screenshot below shows a data stream encrypted with Lightway UDP. After connecting to ExpressVPN, HTTP packets were rendered unreadable while in transit. Sam Chapman for Engadget That lack of any identifiable information, or even readable information, means encryption is working as intended. We repeated the test several times, always getting the same result. This left us satisfied that ExpressVPN's core features are working as intended. How much does ExpressVPN cost? ExpressVPN subscriptions cost $12.95 per month. Long-term subscriptions can bring the monthly cost down, but the great deals they offer tend to only last for the first billing period. A 12-month subscription costs $99.95 and includes three months for free with your first payment, costing a total of $6.67 per month. The bonus disappears for all subsequent years, raising the monthly cost to $8.33. You can also sign up for 28 months at a cost of $139.72, but this is also once-only — ExpressVPN can only be renewed at the $99.95 per year level. There are two ways to test ExpressVPN for free before making a financial commitment. Users on iOS and Android can download the ExpressVPN app without entering any payment details and use it free for seven days. On any platform, there's a 30-day money-back guarantee, which ExpressVPN has historically honored with no questions asked. You will have to pay before you can use it, though. In our opinion, ExpressVPN's service is solid enough that it's worth paying extra. Perhaps not this much extra, but that depends on what you get out of it. We recommend using the 30-day refund period and seeing how well ExpressVPN works for you. If it's a VPN you can enjoy using, that runs fast and unblocks everything you need, that's worth a server's weight in gold. ExpressVPN side apps and bundles ExpressVPN includes some special features that work mostly or wholly separate from its VPN apps. Some of these come free with a subscription, while others add an extra cost. Every subscription includes the ExpressVPN keys password manager. This is available under its own tab on the Android and iOS apps. On desktop, you'll need to download a separate extension from your browser's store, then sign in using your account activation code. It's available on all Chromium browsers, but not Firefox. Starting in 2025, new subscribers get an eSIM plan through holiday.com, a separate service linked to ExpressVPN. The baseline 1GB holiday eSIM plans last for 5 days and can apply to countries, regions, or the entire world (though it's not clear whether the package deal applies to the regional and global plans). Longer-term plans include larger eSIM plans. You can add a dedicated IP address to your ExpressVPN subscription for an additional cost per month. A dedicated IP lets you use the same IP address every time you connect to ExpressVPN. You can add the address to whitelists on restricted networks, and you're assured to never be blocked because of someone else's bad activity on a shared IP. Unlike many of its competitors, ExpressVPN doesn't currently offer antivirus or online storage services, but there is a comprehensive bundle of ID protection tools called Identity Defender. We haven't reviewed any of these products in detail, but here's a list for reference: ID Alerts will inform you if any of your sensitive information is leaked or misused online. It's free with all plans, but you'll have to enter your personal information on your ExpressVPN account page or a mobile app. ID Theft Insurance grants up to $1 million in identity theft reimbursement and comes free with new ExpressVPN one-year or two-year subscriptions. It's not yet available to those who subscribed before it launched in October 2024. Data Removal scans for your information in data brokerages and automatically requests that it be deleted. It's also free with one-year and two-year plans. Credit Scanner is only available for United States users. It monitors your activity on the three credit bureaus so you can quickly spot any suspicious transactions. The Identity Defender features are currently only available to new ExpressVPN customers in the US. Close-reading ExpressVPN's privacy policy Although we worry that the consolidation of VPN brands under the umbrella of Kape Technologies (ExpressVPN's parent company) will make the industry less competitive, we don't believe it's influencing ExpressVPN to take advantage of its users' privacy. To confirm, and get a full sense of what sort of privacy ExpressVPN promises its users, we set out to read ExpressVPN's privacy policy in detail. It's long, but thankfully aimed at casual users instead of lawyers. You can see it for yourself here. In the introduction, ExpressVPN states that it does not keep either activity logs (such as a user's browsing history while connected to the VPN) or connection logs (such as the duration of a user's session and their IP address, which can be used to extrapolate browsing activity). It then specifies the seven types of data it's legally allowed to collect: Data used to sign up for an account, such as names, emails and payment methods. VPN usage data which is aggregated and can't be traced to any individual. Credentials stored in the ExpressVPN Keys password manager. Diagnostic data such as crash reports, which are only shared upon user request. IP addresses authorized for MediaStreamer, which is only for streaming devices that don't otherwise support VPN apps. Marketing data collected directly from the app — a "limited amount" that's kept anonymous. Data voluntarily submitted for identity theft protection apps. Of those seven exceptions, the only ones that count as red flags are account data and marketing data. Both categories are highly personal and could be damaging if mishandled. Fortunately, complying with subpoenas is not one of the allowed uses listed for either data category, nor does the policy let ExpressVPN sell the data to other private parties. The only really annoying thing here is that if you ask ExpressVPN to delete your personal data, you won't be able to use your account from then on. You aren't even eligible for a refund in this case, unless you're within 30 days of your initial subscription. As for marketing data, ExpressVPN collects device fingerprints and location data when you sign up for an account on its website. The privacy policy also claims this is anonymized, as its "systems are engineered to decouple such data from personally identifiable information." Audits corroborate this, as we'll see in the next section. So, while it would be better if ExpressVPN didn't collect any personal data at all, its practices don't appear to pose a risk to anything you do while using the VPN — just the ExpressVPN website. Privacy audits VPN providers often get third-party accounting firms to audit their privacy policies. The idea is that a well-known firm won't mortgage its reputation to lie on behalf of a VPN, so their results can be trusted. For the last several years, ExpressVPN has had KPMG look over its privacy policy and relevant infrastructure (see "TrustedServer" below). KPMG's most recent report, completed in December 2023 and released in May 2024, found that ExpressVPN had enough internal controls in place that users could trust its privacy policy. The report is freely available to read. This is a very good sign, though we're looking out for a more up-to-date audit soon. TrustedServer "TrustedServer" is a marketing term ExpressVPN uses for its RAM-only server infrastructure. RAM-only servers have no hard drives for long-term storage and return to a standard disk image with every reboot. This makes it theoretically impossible to store user activity logs on them, even if ExpressVPN wanted to do that. The KPMG audit, linked above, reports that TrustedServer works as advertised. Between its many clean privacy audits and the Turkish server incident in 2017, we're prepared to say ExpressVPN is a private VPN, in spite of its aggravating exception for marketing. Can ExpressVPN change your virtual location? Next, we tested whether ExpressVPN can actually convince websites that you're somewhere other than your real location. Our security tests have already proven it can hide your IP address, but it takes more than leak-proofing to fool streaming sites these days — Netflix and the others have gotten very good at combing through metadata to sniff out proxy users. The process for testing this is a lot like how we handled the DNS leak tests: try several different servers and see if we get caught. We checked five sample locations outside the U.S. to see if we a) got into Netflix and b) saw different titles in the library. The results are below. Server Location Unblocked Netflix? Library changed? Canada Y Y United Kingdom Y (second try; Docklands failed) Y Slovakia Y Y India Y Y (different from UK library) Australia Y Y In fifteen tests, ExpressVPN slipped up only once. Docklands, the UK server it chose as the fastest, wasn't able to access Netflix. We switched to a server labeled simply "London" and unblocked it without issue. ExpressVPN can change your virtual location so you can explore the wonderful world of K-drama. Sam Chapman for Engadget All the other locations got us access to an alternate Netflix library on the first try. We even checked whether the India server, which is physically located in the UK, showed us different videos than the UK servers. It did, which makes us even more confident that ExpressVPN's virtual locations are airtight. Investigating ExpressVPN's server network ExpressVPN users can connect to a total of 164 server locations in 105 countries and territories. These locations are reasonably well distributed across the globe, but as with all VPNs, there's a bias toward the northern hemisphere. There are 24 locations in the U.S. alone and a further 66 in Europe. That isn't to say users in the Global South get nothing. ExpressVPN has IP addresses from nine nations in South America (Argentina, Brazil, Bolivia, Chile, Colombia, Ecuador, Peru, Uruguay and Venezuela) and six in Africa (Algeria, Egypt, Ghana, Kenya, Morocco and South Africa). The network even includes Kazakhstan, Uzbekistan and Mongolia, impressive since central Asia may be the region most often shafted by VPNs. However, many of these servers have virtual locations different from their real ones. For those of you choosing a server based on performance instead of a particular IP address, ExpressVPN's website has a helpful list of which servers are virtual. The bad news is that it's a big chunk of the list. A total of 63 ExpressVPN locations are virtual, or 38% of its entire network. To reduce the sting, ExpressVPN takes care to locate virtual servers as close to their real locations as possible. Its virtual locations in Indonesia and India are physically based in Singapore. This isn't always practical, leading to some awkwardness like operating a Ghana IP address out of Germany. But it helps ExpressVPN perform better in the southern hemisphere. Extra features of ExpressVPN Compared to direct competitors like NordVPN and Surfshark, ExpressVPN doesn't have many special features. It's aimed squarely at the casual market and will probably disappoint power users. Having said that, what they do include works well. In this section, we'll run through ExpressVPN's four substantial features outside its VPN servers themselves. Network Lock kill switch "Network Lock" is the name ExpressVPN gives to its kill switch (though it's called "Network Protection" on mobile). A VPN kill switch is a safety feature that keeps you from broadcasting outside the VPN tunnel. If it ever detects that you aren't connected to a legitimate ExpressVPN server, it cuts off your internet access. You won't be able to get back online until you either reconnect to the VPN or disable Network Lock. ExpressVPN's kill switch is called Network Lock on desktop, and Network Protection on mobile (Android pictured) Sam Chapman for Engadget This is important for everyone, not just users who need to hide sensitive traffic. The recently discovered TunnelVision bug theoretically allows hackers to set up fake public wi-fi networks through which they redirect you to equally fake VPN servers, which then harvest your personal information. It's unlikely, but not impossible, and a kill switch is the best way to prevent it — the switch always triggers unless you're connected to a real server in the VPN's network. Like most of ExpressVPN's features, all you can do with Network Lock is turn it on and off. You can also toggle whether you'll still be able to access local devices while the kill switch is blocking your internet — this is allowed by default. Threat manager, ad blocker and parental controls ExpressVPN groups three tools under the heading of "advanced protection" — Threat Manager, an ad blocker and parental controls. Threat Manager consists of two checkboxes: one that blocks your browser from communicating with activity tracking software and one that blocks a list of websites known to be used for malware. Check any of these boxes to use the pre-set blocklists whenever you're connected to ExpressVPN. Sam Chapman for Engadget You can't customize the lists, so you're limited to what ExpressVPN considers worthy of blocking. They share their sources on the website. While the lists are extensive and open-source, they rely on after-the-fact reporting and can't detect and block unknown threats like a proper antivirus. The adblock and parental control options work the same way: check a box to block everything on the list, uncheck it to allow everything through. In tests, the ad blocker was nearly 100% effective against banner ads, but failed to block any video ads on YouTube or Netflix. The parental control option blocks a list of porn sites. It's an easy option for concerned parents, but only works while ExpressVPN is connected. As such, it's meant to be used in conjunction with device-level parental controls that prevent the child from turning off or uninstalling the VPN client. Split tunneling Sometimes, you'll find it helpful to have your device getting online through two different IP addresses at once — one for your home services and one for a location you're trying to spoof. That's where split tunneling is helpful: it runs some apps through the VPN while leaving others unprotected. This can also improve your speeds, since the VPN needs to encrypt less in total. You can configure split tunneling through either a blocklist or an allowlist. Sam Chapman for Engadget ExpressVPN includes split tunneling on Windows, Android and Mac (though only on versions 10 and below). You can only split by app, not by website, but it's still pretty useful. For example, you can have BitTorrent handling a heavy download in the background while you use your browser for innocuous activities that don't need protecting. ExpressVPN Aircove router By now, it should be clear that we find ExpressVPN to be a highly reliable but often unexceptional VPN service. However, there's one area in which it's a clear industry leader: VPN routers. ExpressVPN Aircove is, to our knowledge, the only router with a built-in commercial VPN that comes with its own dashboard interface. Usually, installing a VPN on your router requires tinkering with the router control panel, which turns off all but the most experienced users — not to mention making it a massive pain to switch to a new server location. Aircove's dashboard, by contrast, will be instantly familiar to anyone who already knows how to use an ExpressVPN client. It even allows different devices in your home to connect to different locations through the router VPN. Aircove's biggest drawback is its price. Currently retailing at $189 (not including an ExpressVPN subscription), it's around three times more expensive than an aftermarket router fitted with free VPN firmware. Some of you might still find the convenience worth the one-time payment. ExpressVPN customer support options ExpressVPN's written help pages are some of the best on the market. Its live chat is more of a mixed bag, and complex questions may cause delays. However, it is at least staffed with human agents who aim to reply accurately, rather than resolve your ticket as quickly as possible. You can directly access both live chat and email from ExpressVPN's mobile apps (on desktop, you'll have to go to the website). Sam Chapman for Engadget We approached ExpressVPN's support features with a simple question: "If I requested that ExpressVPN delete all my personal data, would I be able to get a refund for my unused subscription time?" (Remember from the Privacy Policy section that submitting a full deletion request also cancels your ExpressVPN account.) Our first stop was expressvpn.com/support, the written support center and FAQ page. It's divided into setup guides, troubleshooting, account management and information on each of ExpressVPN's products. The setup guides are excellent, including screenshots and clearly written steps; each one includes a video guide for those who learn better that way. Troubleshooting is just as good — no videos, but the same standards of clarity and usefulness prevail. The section starts with general problems, then delves into specific issues you might face on each operating system. Each article clearly derives from a real customer need. The live support experience To get answers on our refund question, we visited the account management FAQs. This section stated that the refund policy only applies within 30 days of purchase. Pretty clear-cut, but we still wanted an answer on our special case, so we contacted live chat by clicking the button at the bottom-right of every FAQ page. Live chat is in the bottom-right corner of every page of expressvpn.com. Sam Chapman for Engadget Live chat starts with an AI assistant, which is not too hard to get past — just ask it a question it can't answer, then click "Transfer to an Agent." We got online with (what claimed to be) a human in less than a minute. Answering the question took longer and involved an uncomfortable 10-minute silence, but we did get a clear verdict from a real person: refunds are within 30 days only, no matter what. If the live chat agent can't answer your question, you'll be redirected to open an email support ticket. Annoyingly, there's no way to go directly to email support through the website or desktop apps, though mobile users have the option to skip directly there. ExpressVPN background check: From founding to Kape Technologies ExpressVPN launched in 2009, which makes it one of the oldest consumer VPNs in continual operation. In more than 15 years of operation, it's never been caught violating its own privacy policy, though its record isn't free of more minor blemishes. Headquarters in the British Virgin Islands Founders Dan Pomerantz and Peter Burchhardt registered the company in the British Virgin Islands from the start to take advantage of that territory's favorable legal environment for online privacy. The BVIs have no law requiring businesses to retain data on their users, and the process for extraditing data is famously difficult, requiring a direct order from the highest court. In 2021, the BVI implemented the Data Protection Act (DPA) [PDF link], which prevents companies based in the territory from accessing data on their users anywhere in the world. It's a great privacy law in theory, modeled on best-in-class legislation in the EU. However, we couldn't find any evidence that its supervising authority — the Office of the Information Commissioner — has a leader or staff. In other words, while ExpressVPN is not legally required to log any data on its users, there's technically nobody stopping them from doing so. Whether you trust the jurisdiction depends on whether you trust the company itself. Let's see what the other evidence says. Security and privacy incidents Two significant incidents stand out from ExpressVPN's 16-year history. In 2017, when Andrei Karlov, Russia's ambassador to Turkey, was shot to death at an art show. Turkish police suspected someone had used ExpressVPN to mask their identity while they deleted information from social media accounts belonging to the alleged assassin. To investigate, they confiscated an ExpressVPN server to comb for evidence. They didn't find anything. A police seizure is the best possible test of a VPN's approach to privacy. The provider can't prepare beforehand, fake anything, or collude with investigators. The Turkey incident is still one of the best reasons to recommend ExpressVPN, though eight years is a long time for policy to change. The second incident began in March 2024, when a researcher at CNET informed ExpressVPN that its version 12 for Windows occasionally leaked DNS requests when users enabled the split tunneling feature. While these users remained connected to an ExpressVPN server, their browsing activity was often going directly to their ISP, unmasked. The bug only impacted a few users, and to their credit, ExpressVPN sprang into action as soon as they learned about it. The team had it patched by April, as confirmed by the researcher who initially discovered the vulnerability. But while their quick and effective response deserves praise, it's still a mark against them that a journalist noticed the bug before they did. Kape Technologies ownership and management questions In 2021, an Israeli-owned, UK-based firm called Kape Technologies purchased a controlling interest in ExpressVPN. In addition to ExpressVPN, privately held Kape owns CyberGhost, Private Internet Access, and Zenmate (before it merged into CyberGhost). As shown on its website, it also owns Webselenese, publisher of VPN review websites WizCase and vpnMentor, which poses an apparent conflict of interest. When reached for comment, a representative for ExpressVPN said that "ExpressVPN does not directly engage with, nor seek to influence, the content on any Webselenese site," and pointed us to disclosure statements on the websites in question — here's one example. Even so, it's a good reminder not to take VPN reviews at face value without knowing who's behind them (Engadget is owned by Yahoo, which does not own any VPNs). Diving deeper into the background of Kape's ownership will lead you to owner Teddy Sagi. Go back far enough, and you'll see he did prison time in Israel and was mentioned in the Pandora Papers, among other things. More recently, headlines about the billionaire have focused more his businesses in the online gambling and fintech arenas, as well as his real estate ventures. An ExpressVPN representative told us that "Kape's brands continue to operate independently," and our investigation bore that out — we couldn't find any proof that Kape or Sagi have directly attempted to influence ExpressVPN's software or daily operations. Closer to the immediate day-to-day operations of ExpressVPN was the company's employment of Daniel Gericke as CTO from 2019 through 2023. During that time, the US Justice Department announced it had fined Gericke and two others for their previous employment on a surveillance operation called Project Raven, which the United Arab Emirates (UAE) used to spy on its own citizens. The revelation prompted a public response from ExpressVPN defending its decision to hire Gericke, arguing that "[t]he best goalkeepers are the ones trained by the best strikers." ExpressVPN's representative confirmed that the company still stands by that linked statement. Gericke parted ways with ExpressVPN in October 2023, per his LinkedIn profile. While we don't know what we don't know, we can say that ExpressVPN has not notably changed its public-facing security and privacy policies during the time it's been connected to Kape, Sagi, or Gericke. In the end, how much ExpressVPN's history matters to you is a personal choice. If you object to any current or past actions by Kape Technologies or Teddy Sagi, there are other premium VPN options you might prefer. If you need more information to make up your mind, we recommend reading through CNET's 2022 deep dive on ExpressVPN's corporate history. Final verdict ExpressVPN is the VPN we most often recommend to beginners. It takes zero training to use, and consistently gets past filters on streaming sites. It also runs in the background with virtually no impact. If anything is worth the high price of admission, it's the excellent speeds distributed evenly across the worldwide server network. However, for certain specific cases, ExpressVPN may not be the best choice. There's no way to set up your own server locations, like NordVPN offers, and no double VPN connections, like you can build for yourself on Surfshark. Its corporate background is more suspect than the entities backing Proton VPN, and unlike Mullvad, ExpressVPN doesn't work in China — it's so well-known that the government targets its servers specifically. We suggest going with ExpressVPN for general online privacy, for spoofing locations in your home country while traveling, or if you regularly need to unblock sites in other countries. That encompasses 19 of every 20 users, which is fine by us, as ExpressVPN is a great service. It's just more of a reliable old screwdriver than a multi-tool. This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/vpn/expressvpn-review-2025-fast-speeds-and-a-low-learning-curve-160052884.html?src=rss

Call of Duty Season 4 is live in Warzone. The big update brings map changes to Verdansk, new modes, and more weapons to unlock. Season 4 shakes up the weapon meta for battle royale, so we have some new loadout recommendations for you to consider for your next match of Warzone.The Season 4 battle pass adds the new LC10 submachine gun and the FFAR1 assault rifle, and both are powerful options featured in our recommended gun builds listed below. Other weapons will arrive later in the season, and here we highlight all of Season 4's weapons and how to unlock them.Season 4 added the Overlook POI for Verdansk, and we have a full guide on how to complete the Overlook's Safe Room Easter egg. For more details about the latest update, make sure to check out the Season 4 patch notes for all the major changes in Warzone and Black Ops 6. FFAR1Season 4's new FFAR1 is a great choice for Warzone. This is an assault rifle with a very fast fire rate, but the recommended attachments will help with handling the gun's recoil. You'll also want an optic equipped, as the FFAR1's iron sights are pretty bulky and distracting. This gun is great for long-range fights or it can be used as a sniper support weapon.Recommended FFAR1 attachments:Optic: Volzhskiy ReflexMuzzle: CompensatorBarrel: Gain-Twist BarrelUnderbarrel: Vertical ForegripMagazine: Extended Mag II Krig CThe Krig C is one of the best assault rifle choices for long-range combat. This doesn't quite pack the impressive fire rate of the FFAR1, but this is a powerful and easy-to-handle assault rifle. The recommended attachments will help boost the bullet velocity and improve the gun's handling.Recommended Krig C attachments:Optic: Volzhskiy Reflex or Jason Armory 2xMuzzle: CompensatorBarrel: Gain-Twist BarrelUnderbarrel: Vertical ForegripMagazine: Extended Mag II Swat 5.56 (Grau conversion)The Swat 5.56 is still a solid choice for Warzone when using the Grau conversion-kit attachment, which transforms this gun into the fully-auto Grau 5.56 assault rifle from Modern Warfare 2019. With our recommended attachments, this gun has a very fast time-to-kill and very little recoil.Recommended Swat 5.56 attachments:Muzzle: Monolithic SuppressorUnderbarrel: Vertical ForegripMagazine: Full-Auto Extended MagRear Grip: Commando GripFire Mod: Grau Conversion LC10Season 4's new LC10 submachine gun is one of the most powerful choices for close-range combat in Warzone. This weapon is easy to use and boasts a fast time-to-kill. The recommended attachments will boost the gun's damage range and help reduce the recoil.Recommended LC10 attachments:Muzzle: CompensatorBarrel: Long BarrelUnderbarrel: Ranger ForegripMagazine: Extended Mag IIStock: Balanced Stock C9If you don't have the LC10 unlocked yet, the C9 submachine gun is the next best choice for close-range fights. This is a versatile and easy-to-handle weapon, and it's a solid choice for sniper support. The recommended attachments will give you more recoil control, extra bullet velocity, and additional ammo.Recommended C9 attachments:Muzzle: CompensatorBarrel: Reinforced BarrelUnderbarrel: Vertical ForegripMagazine: Extended Mag IIRear Grip: Commando Grip LadraAnother choice for close-range fights is Season 3's Ladra submachine gun. If you missed out on unlocking this weapon through the High Art event, it will be available to unlock by selecting it as an Armory challenge. The recommended attachments will boost the gun's damage range and help reduce the recoil.Recommended Ladra attachments:Muzzle: CompensatorBarrel: Long BarrelUnderbarrel: Vertical ForegripMagazine: Extended Mag IStock: Balanced Stock HDRThe HDR is the best sniper rifle for those long-range engagements across Verdansk. The recommended attachments will help boost the bullet velocity and damage range, making this a one-shot sniper at infinite range. For sniping on Rebirth Island, you can always go for the Kar98k listed below, if you want a lighter and more aggressive sniper option.Recommended HDR attachments:Muzzle: Monolithic SuppressorBarrel: Gain-Twist BarrelUnderbarrel: Lightweight BipodRear Grip: Quickdraw GripFire Mod: 108MM Overpressured Kar98kThe Kar98k marksman rifle is a solid choice for those looking for a faster and more aggressive sniper. This won't get you one-shot potential at infinite range, but this is still a great build for aggressive snipers not looking to challenge players across a massive map like Verdansk.Recommended Kar98k attachments:Optic: Range Caller V3.4Muzzle: VT-7 Spiritfire SuppressorBarrel: Prazisionsgewehr 762 Long BarrelSling: Recon SlingAmmunition: 7.92x57MM High Grain Rounds

Business Development Associate, eCommerceAppLovinToronto30 minutes agoApplyAbout AppLovinAppLovin makes technologies that help businesses of every size connect to their ideal customers. The company provides end-to-end software and AI solutions for businesses to reach, monetize and grow their global audiences. For more information about AppLovin, visit: www.applovin.com.To deliver on this mission, our global team is composed of team members with life experiences, backgrounds, and perspectives that mirror our developers and customers around the world. At AppLovin, we are intentional about the team and culture we are building, seeking candidates who are outstanding in their own right and also demonstrate their support of others.Fortune recognizes AppLovin as one of the Best Workplaces in the Bay Area, and the company has been a Certified Great Place to Work for the last four years (2021-2024). Check out the rest of our awards HERE.About AppLovin’s eCommerce TeamAppLovin is the market leader in performance advertising for mobile games. In 2024, we expanded into the ecommerce space, enabling brands to reach 150M+ U.S. daily active users in a variety of mobile games—scale that rivals the largest social platforms. In Q4, we reached a $1 billion annual run rate in gross advertiser spend in the ecommerce category alone.Learn more about our fast-growing ecommerce beta: https://ecomm.applovin.com/AppLovin's global team is composed of team members with life experiences, backgrounds, and perspectives that mirror our customers around the world. We are intentional about the team and culture we are building, seeking candidates who are outstanding in their own right and also demonstrate their support of others.About the RoleWe are seeking a driven, analytical, and results-focused Analyst, Business Development to join our fast-paced and expanding eCommerce team. This is a unique opportunity to shape a new business line from the ground up and work at the intersection of performance marketing and business development within the rapidly growing eCommerce space.In this client-facing role, you’ll partner with eCommerce brands to unlock growth by leveraging AppLovin’s marketing platform. You’ll build strong relationships with key stakeholders, help them optimize campaigns, and lead strategic initiatives that drive business outcomes. You’ll also work closely with AppLovin leadership and product experts to evolve our eCommerce advertising solution and drive adoption in the market.ResponsibilitiesOnboard eCommerce brands to our platform and educate them on AppLovin’s eCommerce growth solution.Understand what matters most to your partners and drive an action plan for their growth.Set up new campaigns for success by leveraging best practices for creative and performance targets.Define and analyze metrics to ensure success for our eCommerce partners.Become an expert on AppLovin’s mobile advertising products for eCommerce brands.Partner with the broader AppLovin Business Development team in the region.Basic Qualifications1-3 years of professional experience.Bachelor's degree or higher in related fields.Self-starter and eager to learn.Demonstrate outstanding analytical ability and strategic grasp of the “big picture”.Exceptional communication skills and clearly able to communicate concepts and ideasHave experience prioritizing competing demands.Flexible team-player who can use drive, creativity, and initiative to move the organization forward.Demonstrated experience in handling large data sets, with a strong ability to analyze complex data and identify actionable patterns to drive strategic decision-making and optimize client outcomes.Proven interest in technology. Whether you’re an early adopter of gadgets, or an Excel whiz, or took a computer science class in school and loved it, we are a high tech and big data company where you will constantly have the opportunity to contribute business and product ideas.Preferred QualificationsExperience in the e-commerce space and brand operations.A basic understanding of programming or scripting.A basic understanding of image and video editing software.Understanding of models for intelligent decision making, such as game theory, chess, or poker.AppLovin has become aware of a scam targeting jobseekers with fake “app optimization” and similar roles. We do not ask our candidates to download apps or make any form of payment(s). AppLovin works with applicants through our Careers page and applovin.com email addresses. If you are contacted through other unofficial channels (such as WhatsApp or Telegram) or asked to download an app or make a payment, these contacts are not legitimate. Confirm the information here and contact us directly with any questions.AppLovin is proud to be an equal opportunity employer that is committed to inclusion and diversity. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status, or other legally protected characteristics. Learn more about EEO rights as an applicant here.If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send us a request at accommodations@applovin.com.AppLovin will consider for employment all qualified applicants with criminal histories in a manner consistent with applicable law. If you’re applying for a position in California, learn more here.Please read our Global Applicant Privacy Notice to learn more about how AppLovin processes your personal information. Create Your Profile — Game companies can contact you with their relevant job openings. Apply