Kendis Security

We take our customer’s data security very seriously. We ensure the integrity of our customer’s data by using enterprise level security to perform audits on our application and networks.

Datacenter & network security

Physical security
FacilitiesAll of your service data made in Kendis is hosted in AWS data centers. These are certified as ISO 27001, PCI/DSS Service Provider Level 1, and/or SOC II compliance. The AWS infrastructure is equipped with impeccable services that safeguard your data. These services include back-up power, HVAC systems, and fire suppression equipment to help protect servers and ultimately your data.
On-site SecurityTo have the best on-site security, AWS has one of the best security measures that includes security guards, fencing, security feeds, and intrusion detection technology. Learn more about AWS physical security.
MonitoringThe staff at Kendis constantly monitors all Production Servers. While physical security, power, and internet connectivity are monitored by AWS.
LocationKendis leverages AWS data centers in the United States. With Private Cloud hosting option customers can choose AWS location in the United States, Europe, and Asia.
Network security
Dedicated Security TeamOur Security Team is prompt to respond to security alerts and is available on call 24/7.
ProtectionWe use top of the line security for protecting our network. We also perform regular audits and utilize network intelligence technologies that watch for any attacks or malicious activity.
ArchitectureFor our network security architecture, we have divided it into various zones corresponding to their sensitivity, function and risk.
Network Vulnerability ScanningUsing proper Network security scanning, we are able to identify potentially vulnerable systems.
Penetration TestsRegular penetration tests are performed by security testing team.
Security Incident Event Management (SIEM)This is critical in recording logs from key network devices and host systems. It also notifies the Security Team in case of any attack.
Intrusion Detection and PreventionAll services entry and exit points are closely monitored to detect any malicious activity. Alerts are generated.
Threat Intelligence ProgramOur Threat Intelligence Program detects any threat that has been posted on threat intelligence networks. Quick action is taken against serious threats.
DDoS MitigationKendis has architected a multi-layer approach to DDoS mitigation. We have designed a custom DDoS Component to prevent any sort of attack.
Logical AccessFor accessing the Kendis Production Network, our employees have to use multiple factors of authentication.
Security Incident ResponseIf there is an alert, the teams providing network security are instantly notified and carry out the response.
Encryption in TransitAll data transmissions are encrypted using industry best-practices HTTPS and Transport Layer Security (TLS) over public networks.
Encryption at RestService Data is encrypted at rest in AWS using AES 256 key encryption.
Availability & continuity
UptimeKendis strives to maintain above 99% uptime. We rarely had downtime but in case it does, we assure you that we have our skilled engineers available 24/7 who would resolve this issue within minutes.
Disaster RecoveryIn case of an event, we can easily recover from any disaster. Our strong technical environment, testing procedures and Disaster recovery plans ensure that.

Application security

Secure development (SDLC)
Security TrainingWe keep constant focus to train engineers on web application security covering OWASP Top 10 security risks and common attack vectors.
Java Spring Security FrameworkWe use Java Spring Security Framework for Kendis that are pertinent in reducing SQL Injection (SQLi), Cross Site Scripting (XSS) and Cross Site Forgery (CSRF).
QAOur testing team ensures extensive and detailed testing.
Separate EnvironmentsProduction Environment is completely isolated from testing and staging activities. We make sure that all of our testing and staging activities are done in separate environments. We do not use any Service Data for testing or development.
Application vulnerabilities
Dynamic Vulnerability ScanningWith the help of Third Party security tools, we are able to scan and identify any security risks of the OWASP security risks, dynamically.
Static Code AnalysisWe use static analysis tools to scan the source code.
Security Penetration TestingSafeguarding customer data is of the highest priority for us. We pride ourselves on taking effective measures and tests against security threats that can be made on our customer data. Penetration tests are done regularly by Kendis.

Product security features

Authentication Security
Authentication OptionsOur authentication options include Kendis secure sign-in, Okta single sign-on, and Active Directory for on-site deployments.
Secure Credential StorageKendis stores passwords which are not saved in human readable format hence enhancing its security.
Additional product security features
Role Based Access ControlsKendis has different permission levels. Access to data is governed by role based access control (RBAC), and can be configured to define granular access privileges.
Transmission SecurityAll data transmissions with Kendis UI’s and API’s are encrypted using industry standard HTTPS/TLS over public networks.

Additional security methodologies

Security Awareness
PoliciesKendis has a very stringent set of security policies which are shared transparently with all the employees who have access.
TrainingOur all employees have to attend an annual Security Awareness Training and all engineers receive annual Secure coding Training.
Employee vetting
Background ChecksAll new employees are vetted carefully during the recruitment process.
Confidentiality AgreementsNewly hired employees have to sign a Non-Disclosure and Confidentiality agreement.

Ready to get started? Kendis is free for 10 days. No credit card required