Security Policy
Committed to Security & Trust
At Knolbase, security and privacy are the very underpinnings of what we do. We regularly evaluate our security procedures and technologies to safeguard your information.
Last Updated:
At Knolbase, operated by Enigma Software Solutions Private Limited (“Knolbase”, “we”, “us”, “our”), security and privacy are the very underpinnings of what we do. We regularly evaluate our security procedures and technologies, including firewalls and encryption, to safeguard the security of your information. We strive to be transparent in our use and protection of data while keeping the underlying data secure.
We integrate strong security and global data privacy practices and standards, including ISO 27001, PCI DSS, GDPR, CCPA, and SOC 2 Type 2, to strike a balance between low-security control friction and maintaining your employees' and customers' privacy rights. Knolbase leverages enterprise-grade security. Since customers entrust sensitive data to our care, keeping it secure and safe is our mission.
We encrypt your data in transit and at rest. Our web applications undergo regular vulnerability assessments, penetration testing, and security reviews. Our security and privacy architecture enable you to remain compliant with global standards. We are also ISO 27001:2013 certified. Amazon Web Services provide Knolbase's computing infrastructure.
1. Regulation Ready Compliance
Data protection
We classify data based on sensitivity and protect data using risk-based controls. We encrypt data when transiting public networks and at rest. We limit access to data by role-based access control (RBAC), multifactor authentication, and where appropriate, extensive logging. We monitor our networks on an operations and security level 24/7, leveraging our global team.
Highly secured and reliable infrastructure
Knolbase uses Amazon Web Services (AWS), exclusively, for the hosting of staging and production environments, which provides almost 100% uptime for our servers.
Best of application security
We employ a secure development life cycle with inbuilt security controls. All customer data is encrypted both in transit and at rest using AES-256. For AWS S3, we support per-customer dedicated S3 buckets with unique encryption keys.
2. Continuous Commitment To Security
Security Vulnerability Assessment and Penetration Testing (VAPT)
We perform internal and external penetration testing regularly. Knolbase is committed to conducting external penetration testing on an annual basis by a specialized external team. The executive summaries are available upon request to customers. Additionally, we use multiple vulnerability scanning services and tools to continuously scan our application for any vulnerability, both from outside and inside, weekly/monthly/quarterly/annually.
Continuous threat monitoring
We employ multiple solutions to provide continuous threat intelligence and vulnerability testing, with real-time alerting. Static and dynamic code analysis is a core component of our continuous integration and delivery software development approach. Also, we use the best endpoint security, and it gets updated and scans done daily for any anomaly.
Dedicated specialised security team
We have a dedicated internal security team that is responsible for reviewing, updating, testing, and maintaining our security and privacy controls. They also lead our preparations for new certifications, handling security threats, and assessing new vendors.
Security project reviews
All engineering projects must go through architecture reviews and receive sign-off from the security team before work can begin.
Security code reviews
Engineers are required to complete a security review checklist as a part of the software development life cycle for all code changes. We have implemented, and regularly review, our Secure Software Development Life Cycle (SSDLC), so that security is encountered at every stage of development. We use both SAST and DAST in our security code review, which helps us to remove bugs as early as possible.
3. Contact Us
Security Team – Knolbase
Enigma Software Solutions Private LimitedKoramangala, Bengaluru, India
Email: security@knolbase.com
If you have any security-related questions, concerns, or if you want to report a potential security issue, please contact us at security@knolbase.com.
This Security Policy is part of our commitment to maintaining the highest standards of security and data protection for our AI-powered onboarding and training platform.