KerbSense Security
Security Overview

Security at KerbSense

Built-in protection for kerbside intelligence.

We protect data with layered controls across infrastructure, application, and process. Below is a high-level summary of our programme.

Security principles

Least privilege

Access is role-based and time-bounded wherever possible.

Defense in depth

Multiple layers across network, application, and device tiers.

Secure by default

Encryption, MFA, audit logging, and secure baselines enabled by default.

Infrastructure

Cloud hosting

Managed cloud with physically secure data centres, redundant power, networking, and environmental controls.

Segmentation & isolation

Separate environments (prod/stage) and VPC/VNet isolation with private subnets.

Backups

Automated backups with periodic restore testing and region-level redundancy.

Observability

Centralised logging, metrics, and alerting with retention and tamper-resistant storage.

Application security

SDLC & code quality

Peer review, CI checks, dependency scanning, and security gates before production deploys.

Secrets management

KMS/secret stores; no secrets in code; rotation and scoped access.

Hardening & patching

Hardened images, minimal packages, regular patch windows, and automated rollouts.

Network & encryption

  • TLS 1.2+ for all external endpoints; HSTS enabled.
  • Encryption at rest using provider-managed keys or KMS.
  • Firewalls, security groups, WAF for internet-facing services.
  • Private networking for device ingest where available.

Identity & access

  • MFA enforced for admin access; SSO supported for enterprise.
  • RBAC with least privilege; periodic access reviews.
  • Session management and audit logging for sensitive actions.

Vulnerability management

Automated dependency and container image scanning, periodic penetration testing, and tracked remediation SLAs by severity.

Incident response

Runbooks, on-call rotation, post-incident reviews, and customer notification commitments consistent with legal obligations.

Compliance

Our programme aligns to industry best practices (e.g., ISO 27001 principles). Formal certifications may be in progress; contact us for current status and reports under NDA.

Business continuity & disaster recovery

Documented BCDR plans with RTO/RPO objectives, tested restorations, and diversified regions for critical services.

Sub-processors

We use vetted providers for hosting, analytics, support, and email. Each is bound by data processing terms and security obligations. For an up-to-date list, contact security@kerbsense.com.

Data retention & deletion

We retain logs and operational data for the minimum period needed for security, troubleshooting, and product improvement, then delete or aggregate. See our Privacy Policy for rights and details.

Responsible disclosure

We welcome reports from the security community. If you believe you’ve found a vulnerability, please email security@kerbsense.com with details, steps to reproduce, and your contact information. We’ll acknowledge receipt, investigate promptly, and keep you updated.

  • Do not access data that isn’t yours or degrade service.
  • Give us reasonable time to remediate before public disclosure.
  • No social engineering or physical attacks.

Contact

KerbSense Ltd
71–75 Shelton Street, London, WC2H 9HQ
Email: security@kerbsense.com