Trust Center

Start your security review
View & download sensitive information
Ask for information
Search items
ControlK

Overview

Kapiche has implemented best-in-class security practices to keep customer data safe.. At Kapiche, we protect your data like it's our own

Compliance

CCPA Logo
CCPA
CSA STAR Logo
CSA STAR
GDPR Logo
GDPR
HIPAA Logo
HIPAA
SOC 2 Logo
SOC 2

Kapiche is reviewed and trusted by

Michaels Stores-company-logoMichaels Stores
Australia Post-company-logoAustralia Post
Colorado Technical University-company-logoColorado Technical University
AGL Australia-company-logoAGL Australia
ANZ-company-logoANZ
Woodside Homes-company-logoWoodside Homes
RAC WA-company-logoRAC WA
Team Global Express-company-logoTeam Global Express

Documents

REPORTSNetwork Diagram
REPORTSOther Reports
REPORTSPentest Report
REPORTSSecurity Prospectus
REPORTSSOC 2 Report
COMPLIANCEHIPAA
COMPLIANCESOC 2
SELF-ASSESSMENTSCAIQ
PRODUCT SECURITYProduct Architecture
POLICIESAcceptable Use Policy
POLICIESAccess Control Policy
POLICIESAnti-Malicious Software Policy

Risk Profile

Data Access LevelInternal
Impact LevelModerate
Recovery Time Objective24 hours
View more

Product Security

Audit Logging
Data Security
Integrations
View more

Reports

HIPAA Report
Network Diagram
Other Reports
View more

Self-Assessments

CAIQ

Data Security

Access Monitoring
Data Backups
Data Erasure
View more

App Security

Responsible Disclosure
Bot Detection
Code Analysis
View more

AI

AI Governance
AI Monitoring
AI Risk Management
View more

Legal

SubprocessorsSentry-company-logoSegment-company-logoAuth0-company-logoGoogle-company-logoHoneycomb-company-logo
Data Processing Agreement
Privacy Policy
View more

Data Privacy

Cookies
Data Breach Notifications
Data Into System
View more

Access Control

Data Access
Logging
Password Security

Infrastructure

Status Monitoring
Amazon Web Services
Anti-DDoS
View more

Endpoint Security

Disk Encryption
DNS Filtering
Endpoint Detection & Response
View more

Network Security

Data Loss Prevention
DNSSEC
Firewall
View more

Corporate Security

Asset Management Practices
Email Protection
Employee Training
View more

Policies

Acceptable Use Policy
Access Control Policy
Anti-Malicious Software Policy
View more

Security Grades

SecurityScorecard
Kapiche Web App
Security Scorecard A grade
Kapiche API
Security Scorecard A grade
CryptCheck
Web App
A+
Qualys SSL Labs
Web App
A+
API
View more
Trust Center Updates

Kapiche not affected by the XZ Utils backdoor vulnerability

Copy link
Vulnerabilities
Kapiche is not affected by the XZ Utils backdoor vulnerability. Our security team has reviewed all OS versions deployed in our environment and confirmed that none of the impacted operating systems or versions are utilized. For more details on this vulnerability, please visit https://nvd.nist.gov/vuln/detail/CVE-2024-3094 and https://www.darkreading.com/vulnerabilities-threats/are-you-affected-by-the-backdoor-in-xz-utils.

Kapiche's Response to HTTP/2 Rapid Reset Attack and Curl Vulnerabilities

Copy link
Vulnerabilities
Kapiche is aware of CVE-2023-44487, also known as "HTTP/2 Rapid Reset Attack," related to HTTP/2 capable web servers where rapid stream generation and cancellation can result in additional load which could lead to a Denial of Service. Kapiche's infrastructure is designed with various protections to address Layer 7 request floods, however, we have implemented additional mitigations and patches address this issue.

Kapiche's Response to the 2022 OpenSSL 3 Vulnerabilities

Copy link
Incidents
After careful review of our infrastructure and SBOM, the Kapiche team has determined that we are not currently vulnerable to the OpenSSL 3 vulnerabilities CVE-2022-3602 and CVE-2022-3786 that were disclosed on November 1, 2022. As a helpful resource, you can use this page to determine if certain widely used software in your environment is affected or unaffected: https://github.com/NCSC-NL/OpenSSL-2022/blob/main/software/README.md