Security is a top priority at Kolide. Our customers need to be confident that their data is secure, which is why Kolide was built to meet the sophisticated needs of organizations large and small. We believe in implementing the technology that will keep you protected against the threats of tomorrow.
We regard ourselves as a provider of security as well as an adherent. Read below to learn more about issues pertaining to your security concerns.
Application security is important at Kolide. We have an active bug bounty program and we frequently engage professional penetration testers to find vulnerabilities in our most security-sensitive software. The Kolide Cloud product includes enforceable two-factor authentication, role-based access control, and more.
At Kolide, infrastructure security is important to us because we fully appreciate the sensitive nature of our customers' data. To mitigate risk, every customer has an isolated instance of our Cloud product that we deploy and harden in Google Cloud Platform on Kubernetes, a production-ready container orchestration platform.
Kolide was founded by members of Facebook's security team, so internal security is important to us: we love building an organization with a forward-thinking approach to it. At Kolide we believe in an unprivileged corporate network where we authenticate to internal services through a robust authentication proxy.
Single Sign-on (SSO) allows you to authenticate users in your own systems without requiring them to enter additional login credentials.
If you're using password-based authentication, you can turn on 2-factor authentication (2FA) and receive codes via SMS or configure a TOTP token.
All web and gRPC traffic sent to or from Kolide is encrypted with 256-bit TLS/SSL encryption.
Our API and application endpoints are TLS/SSL only and score an “A” rating on Qualys SSL Labs’ tests. This means we only use strong cipher suites and have features such as HSTS and Perfect Forward Secrecy fully enabled.
Kolide enforces advanced password complexity standards by checking for password entropy and disallowing passwords that are commonly used, use predictable substitutions, or match previously leaked credentials.
Kolide stores user passwords and credentials using a password-based key derivation function.
Kolide leverages Kubernetes to ensure that each customer gets a private deployment of the Kolide Cloud.
Kolide offers a bug bounty program facilitated by HackerOne, which gives security researchers a platform for responsibly reporting security vulnerabilities.
All credit card payments made to Kolide go through our partner, Stripe. Details about their security setup and PCI compliance can be found on Stripe’s security page.