剣 KENSAI
Back to Home

Security

As a security company, we take the protection of your data extremely seriously. Here's how we keep your information safe.

Encryption

  • TLS 1.3 for all data in transit
  • AES-256 encryption at rest
  • Encrypted database backups

Access Control

  • Role-based access control (RBAC)
  • Multi-factor authentication available
  • Audit logging for all actions

Infrastructure

  • EU data residency (GDPR compliant)
  • Regular security audits
  • DDoS protection
  • Isolated scan environments per customer
  • 24/7 infrastructure monitoring and alerting

Incident Response

  • Documented incident response plan with defined SLAs
  • Customer notification within 72 hours of confirmed breach (per GDPR)
  • Post-incident review and remediation for every event

Data Retention & Privacy

  • Minimal data collection — only what's needed to provide the service
  • Scan results auto-deleted after retention period or on request
  • We never sell, share, or monetize your data

Compliance

  • GDPR compliant — EU data processing and storage
  • NIS2-aligned security controls and reporting
  • SOC 2 Type II certification planned for 2026

Security Testing

  • Regular penetration testing of our own platform
  • Automated SAST/DAST in our CI/CD pipeline
  • Continuous dependency vulnerability scanning

Personnel Security

  • Mandatory security awareness training for all staff
  • Least-privilege access model across all systems
  • Background checks for employees with data access

Report a Vulnerability

Found a security issue? We appreciate responsible disclosure.

Contact us