Certification further validates what FedRAMP, ISO 27001, and other regs confirm: Kiteworks built for enterprises that can’t afford to compromise on security.
SAN MATEO, CA, UNITED STATES, June 18, 2026 /EINPresswire.com/ — Kiteworks, which empowers organizations to effectively manage risk in every send, share, receive, and use of private data, today announced that Kiteworks Secure MFT Server v9.4 is listed by Drummond Group as an AS2 certified product for the AS2-2Q26 and AS2-4Q25 interoperability test events. The certification marks the 50th round of interoperability testing for the IETF AS2 standard and validates that Kiteworks Secure MFT Server v9.4 can send and receive standards-based AS2 messages with full payload integrity, digital signatures, encryption, and receipt verification across trading partner ecosystems.
AS2 is the open standard for MIME-based secure peer-to-peer business data interchange over HTTP, widely used across retail, financial services, manufacturing, logistics, and government to secure EDI, XML, and binary business data in transit. For organizations that depend on trading partner ecosystems, it provides the interoperability baseline, transaction receipts, and payload integrity verification that modern B2B automation requires.
“Organizations that depend on trading partner ecosystems need more than file transfer encryption. They need interoperability, transaction integrity, policy control, and auditability across every exchange,” said Frank Balonis, CISO and SVP of Operations at Kiteworks. “Drummond AS2 certification for Kiteworks Secure MFT Server v9.4 gives customers third-party validation that Kiteworks supports secure, standards-based B2B data exchange—while unifying governance across the broader private data network.”
The threat to legacy MFT infrastructure is not historical—it is ongoing. According to the Kiteworks MFT Survey Report, 59% of organizations reported an MFT security incident in the prior 12 months.¹ Across 2024, 2025, and into 2026, four separate MFT platforms shipped critical-severity vulnerabilities exploited within hours of disclosure—in some cases with no available workaround. Attackers target file transfer infrastructure precisely because it sits at the intersection of regulated data and trusted partner connections. The question is no longer whether MFT security architecture matters. It is whether the vendor has done the work to prove it.
A Consistent Track Record of Third-Party Security Validation
Drummond AS2 certification is the latest addition to a validation portfolio that includes FedRAMP authorization, ISO 27001 certification, SOC 2 Type II audit, IRAP, BSI C5, among others—each representing independent, third-party scrutiny of Kiteworks’ security controls, architecture, and practices. Where FedRAMP, ISO 27001, and SOC 2 validate how Kiteworks protects data within its platform, Drummond AS2 certification validates how Kiteworks interoperates with the outside world: trading partner connections, B2B message exchanges, and automated workflows that move sensitive data across organizational boundaries. Together, they reflect a deliberate strategy of pursuing every relevant third-party validation rather than asking customers to accept internal attestations at face value.
“FedRAMP, ISO 27001, SOC 2, and other validations—those tell enterprises that Kiteworks has been examined from the inside,” Balonis added. “Drummond AS2 certification tells them Kiteworks has been tested from the outside, against other certified products in a full-matrix interoperability event. That combination—platform security rigor plus trading partner interoperability proof—is exactly what enterprises need when evaluating MFT for regulated data.”
What Drummond’s AS2-2Q26 Testing Covered
Drummond’s AS2-2Q26 test event required each participating product version to send and receive messages within a full product test group, verifying message structure, security requirements, payload integrity, and receipt delivery across digital signatures, encryption, HTTP/HTTPS transports, synchronous and asynchronous receipts, and data compression. Drummond also tested error handling—participants were sent corrupted messages and required to return appropriate MDN error statuses—validating that Kiteworks Secure MFT Server v9.4 recognizes transaction failures and returns the structured error signals that automated B2B workflows depend on.
A Governance-First MFT Platform
Kiteworks Secure MFT Server supports end-to-end file transfer workflows—vault-to-vault transfers, trading partner onboarding, scheduling, workflow authoring, and graphical monitoring—on a hardened virtual appliance with granular policy controls, DLP, ATP, CDR, SIEM reporting, and complete visibility into data entering and leaving the enterprise. Drummond AS2 certification for Kiteworks Secure MFT Server v9.4 is listed in Drummond’s certified-products directory for both AS2-2Q26 and AS2-4Q25, reflecting continued validation across consecutive test events.
¹ Kiteworks Data Security and Compliance Risk: 2025 MFT Survey Report, September 2025.
About Kiteworks
Kiteworks’ mission is to empower organizations to effectively manage risk in every send, share, receive, and use of private data. The Kiteworks platform provides customers with a secure data exchange that delivers data governance, compliance, and protection in a unified control plane. Kiteworks unifies, tracks, controls, and secures sensitive data moving within, into, and out of their organization, significantly improving risk management and ensuring regulatory compliance on all private data exchanges. Headquartered in Silicon Valley, Kiteworks protects over 100 million end-users and thousands of global enterprises and government agencies.
David Schutzman
Kiteworks
+1 203-550-8551
david.schutzman@kiteworks.com
Visit us on social media:
LinkedIn
Facebook
YouTube
X
Legal Disclaimer:
EIN Presswire provides this news content “as is” without warranty of any kind. We do not accept any responsibility or liability
for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this
article. If you have any complaints or copyright issues related to this article, kindly contact the author above.
Media gallery
