Security & Trust Center

Enterprise Security, Transparently Explained

We take a security-first approach to every engagement. From data residency to encryption standards — here is exactly how we protect your organization.

Request Security Brief security@kerdos.in

Compliance & Certifications

Built to Enterprise Standards

Our security posture is designed for regulated industries — healthcare, finance, government, and critical infrastructure.

Aligned

ISO 27001 Aligned

Our information security management system follows ISO 27001 principles — risk assessment, access control, and continuous security improvement.

Compliant

DPDP Compliant

Fully aligned with India's Digital Personal Data Protection Act 2023. Lawful processing, data minimisation, and user rights built in from day one.

Audit Ready

SOC 2 Type II Ready

Architecture designed to support SOC 2 Type II audits — covering security, availability, confidentiality, and processing integrity trust principles.

Active

Zero-Trust Network

No implicit trust across our infrastructure. Every request is authenticated, encrypted in transit (TLS 1.3), and authorised against least-privilege policies.

India Hosted

India-First Data Residency

Enterprise deployments default to Indian data centres. On-premise and private cloud options ensure your data never leaves your jurisdiction.

<2hr Notification

Incident Response SLA

Critical security incidents: 2-hour notification. Full root-cause analysis delivered within 72 hours. Dedicated security hotline for enterprise clients.

Technical Controls

Security Controls At-a-Glance

Every Kerdos engagement includes a baseline set of technical and organisational security controls — plus additional hardening for regulated industry clients.

Request Full Security Questionnaire

AES-256 encryption at rest

TLS 1.3 encryption in transit

Multi-factor authentication (MFA)

Role-based access control (RBAC)

Automated vulnerability scanning

Annual penetration testing

Immutable audit logs

Automated backup & DR

Private LLM deployment option

Air-gapped deployment available

NDA on request for all clients

Subprocessor transparency list

Transparency

Data Processing & Subprocessors

Data Processing Agreement

Enterprise clients receive a full DPA outlining controller/processor responsibilities, data categories, and retention schedules.

Request DPA →

Subprocessor List

We maintain a public register of all third-party subprocessors used in delivering our services — updated quarterly.

View Subprocessors →

Penetration Testing

Annual third-party penetration tests are conducted on our core platforms. Summaries available to enterprise clients under NDA.

Request Report →

Kerdos Infrasoft Private Limited

CIN: U62099KA2023PTC182869 · Incorporated: 2023-12-29 · 私人有限公司（股份有限）

Verify on MCA ↗

Statutory Registrations & Identifiers

MCA 注册

U62099KA2023PTC182869

印度公司事务部 · CIN

验证 ↗

GST 登记

29AAKCK7265N1ZM

商品与服务税 · 卡纳塔克邦

TAN

BLRK28562C

税款扣缴与收取账户号

DPIIT 认证

DIPP170654

印度创业 · NLP 与 AI 企业

验证 ↗

D-U-N-S 编号

644775119

邓百拥全球企业标识码

进出口编码

AAKCK7265N

DGFT · 商业与工业部

UDYAM 登记

UDYAM-KR-03-0393965

MSME · 中小企业部

验证 ↗

ESI 登记

50000758830000999

印度费用医疗保险公司

Security Questions or Concerns?

Our security team responds to all enterprise inquiries within 2 business hours. For vulnerability disclosures, use our responsible disclosure process.

Contact Security Team General Enquiry

Enterprise Security, Transparently Explained

Built to Enterprise Standards

Security Controls At-a-Glance

Data Processing & Subprocessors

Data Processing Agreement

Subprocessor List

Penetration Testing

Security Questions or Concerns?

获取最新洞察。