Trust Center

Start your security review
View & download sensitive information
Ask for information
Search items
ControlK

Overview

Kapiche has implemented best-in-class security practices to keep customer data safe.. At Kapiche, we protect your data like it's our own

Compliance

CCPA Logo
CCPA
CSA STAR Logo
CSA STAR
GDPR Logo
GDPR
HIPAA Logo
HIPAA
SOC 2 Logo
SOC 2
Start your security review
View & download sensitive information
Ask for information

Kapiche is reviewed and trusted by

Zappos.com-company-logoZappos.com
Australia Post-company-logoAustralia Post
Colorado Technical University-company-logoColorado Technical University
Village Roadshow-company-logoVillage Roadshow
Nextdoor-company-logoNextdoor
AGL Australia-company-logoAGL Australia
ANZ-company-logoANZ
Woodside Homes-company-logoWoodside Homes
Medibank-company-logoMedibank
RAC WA-company-logoRAC WA
Entain-company-logoEntain
Team Global Express-company-logoTeam Global Express

Documents

All
Public
Private
HIPAA Report
Network Diagram
Other Reports
Pentest Report
Security Prospectus
SOC 2 Report
Vulnerability Assessment Report
HIPAA
SOC 2
CAIQ
Product Architecture
Acceptable Use Policy
Access Control Policy
Anti-Malicious Software Policy
Asset Management Policy
Backup Policy
Business Continuity Policy
BYOD Policy
Data Classification Policy
Data Sanitization Policy
Data Security Policy
Encryption Policy
General Incident Response Policy
Information Security Policy
Internal and External Communication Policy
Network Security Policy
Other Policies
Password Policy
Physical Security
Risk Management Policy
Software Development Lifecycle
Vulnerability Management Policy

Risk Profile

Data Access LevelInternal
Impact LevelModerate
Recovery Time Objective24 hours
View more

Product Security

Audit Logging
Data Security
Integrations
View more

Reports

HIPAA Report
Network Diagram
Other Reports
View more

Self-Assessments

CAIQ

Data Security

Access Monitoring
Backups Enabled
Data Erasure
View more

App Security

Responsible Disclosure
Bot Detection
Code Analysis
View more

AI

AI Governance
AI Monitoring
AI Risk Management
View more

Legal

SubprocessorsSentry-company-logoSegment-company-logoAuth0-company-logoGoogle-company-logoHoneycomb-company-logo
Data Processing Agreement
Privacy Policy
View more

Data Privacy

Cookies
Data Breach Notifications
Data Into System
View more

Access Control

Data Access
Logging
Password Security

Infrastructure

Status Monitoring
Amazon Web Services
Anti-DDoS
View more

Endpoint Security

Disk Encryption
DNS Filtering
Endpoint Detection & Response
View more

Network Security

Data Loss Prevention
DNSSEC
Firewall
View more

Corporate Security

Asset Management Practices
Email Protection
Employee Training
View more

Policies

Acceptable Use Policy
Access Control Policy
Anti-Malicious Software Policy
View more

Security Grades

SecurityScorecard
Kapiche Web App
Security Scorecard A grade
Kapiche API
Security Scorecard A grade
CryptCheck
Web App
A+
Qualys SSL Labs
Web App
A+
API
View more

Trust Center Updates

Kapiche not affected by the XZ Utils backdoor vulnerability

VulnerabilitiesCopy link

Kapiche is not affected by the XZ Utils backdoor vulnerability.

Our security team has reviewed all OS versions deployed in our environment and confirmed that none of the impacted operating systems or versions are utilized.

For more details on this vulnerability, please visit https://nvd.nist.gov/vuln/detail/CVE-2024-3094 and https://www.darkreading.com/vulnerabilities-threats/are-you-affected-by-the-backdoor-in-xz-utils.

Published at N/A

Kapiche's Response to HTTP/2 Rapid Reset Attack and Curl Vulnerabilities

VulnerabilitiesCopy link

Kapiche is aware of CVE-2023-44487, also known as "HTTP/2 Rapid Reset Attack," related to HTTP/2 capable web servers where rapid stream generation and cancellation can result in additional load which could lead to a Denial of Service. Kapiche's infrastructure is designed with various protections to address Layer 7 request floods, however, we have implemented additional mitigations and patches address this issue.

Published at N/A

Kapiche's Response to the 2022 OpenSSL 3 Vulnerabilities

IncidentsCopy link

After careful review of our infrastructure and SBOM, the Kapiche team has determined that we are not currently vulnerable to the OpenSSL 3 vulnerabilities CVE-2022-3602 and CVE-2022-3786 that were disclosed on November 1, 2022.

As a helpful resource, you can use this page to determine if certain widely used software in your environment is affected or unaffected: https://github.com/NCSC-NL/OpenSSL-2022/blob/main/software/README.md

Published at N/A
Powered bySafeBase Logo