Kyūdō
Kyudo Trust Center

Our security posture, transparent by default.

We sell a Trust Center to our customers. We use one ourselves. Request any artifact below, no sales call required.

Compliance Artifacts

Available for your security review.

SOC 2 Type II

In progress

Annual audit covering security, availability, and confidentiality trust service criteria. Report available upon completion.

Request status update

Security whitepaper

Available

Architecture overview, encryption standards, identity controls, tenant isolation model, and vulnerability management practices.

Request access

Data Processing Agreement (DPA)

Available

Standard DPA covering data processing terms, sub-processors, and data residency commitments.

Request DPA

Penetration test summary

Available under NDA

Annual third-party penetration testing with documented remediation. Summary available to qualified prospects.

Request under NDA

Vulnerability disclosure

Active

Report potential security issues to security@kyudo.ai. We acknowledge within 24 hours and triage within 72 hours.

Report a vulnerability
Security Controls

How we protect your environment.

Encryption at restAES-256 via Azure Key Vault
Encryption in transitTLS 1.3 on all connections
IdentityMicrosoft Entra ID with SSO (SAML 2.0, OIDC)
MFAEnforced across all access points
Tenant isolationDedicated database schemas, container workload isolation
NetworkPrivate endpoints only, no public internet exposure
MonitoringAzure Sentinel integration, 24/7 security operations
PatchingCritical CVEs patched within 48 hours of disclosure
Company

About Kyudo, Inc.

Legal entityKyudo, Inc.
HeadquartersCosta Mesa, CA
Security contactsecurity@kyudo.ai
SOC 2 Type IIIn progress
ISO 27001In progress
GDPRCompliant
CCPACompliant

Need something not listed here? Reach out to our security team directly.