Security is a top priority at Kolide. Our customers need to be confident that their data is secure which is why Kolide was built to meet the sophisticated needs of organizations large and small. We believe in implementing the technology that will keep you protected against the threats of tomorrow.
We regard ourselves as a provider of security as well as an adherant. Read below to learn more about issues pertaining to your security concerns.
Application security is important at Kolide. We have an active bug bounty program and we frequently engage professional penetration testers to find vulnerabilities in our most security-sensitive software. The Kolide product also integrates with Google and Slack OAuth, and features role-based access controls.Learn More➜
At Kolide, infrastructure security is important to us because we fully appreciate the sensitive nature of our customers' data. To that end, we host our K2 product on Heroku, which allows us to rely on their expertise to ensure timely patching and hardening of our server/data infrastructure and resistance to network based attacks.Learn More➜
Kolide's core business involves making security recommendations to our customers. As a result, it is important that we follow our own practices and create a forward-thinking approach to internal security. At Kolide we believe in an unprivileged corporate network where we authenticate to internal services through a robust auth proxy.Learn More➜
Single Sign-on (SSO) allows you to authenticate users in your own systems without requiring them to enter additional login credentials on (SSO).
All web and gRPC traffic sent to or from Kolide is encrypted TLS/SSL 256 bit encryption.
Our API and application endpoints are TLS/SSL only and score an “A” rating on Qualys SSL Labs‘ tests. This means we only use strong cipher suites and have features such as HSTS and Perfect Forward Secrecy fully enabled.
Kolide enforces advanced password complexity standards by checking for password entropy and disallowing passwords that are commonly used, use predictable substitutions, or match previously leaked credentials.
Kolide stores user passwords and credentials using a password based key derivation function.
Kolide offers a bug bounty program facilitated by HackerOne, which gives security researchers a platform for responsibly reporting security vulnerabilities.
All credit card payments made to Kolide go through our partner, Stripe. Details about their security setup and PCI compliance can be found on Stripe’s security page.