Security Portal


At KushoAI, data privacy and security are at the core of everything we do. This portal provides insights into our security posture and allows you to request access to our security documentation. We are SOC 2 Type II and ISO 27001 compliant.

Our cloud platform, accessible at [https://app.kusho.ai](https://app.kusho.ai), is hosted on AWS in the Stockholm (eu-north-1) region. We also offer an on-premises deployment with the same functionality as our public cloud, plus additional security and enterprise features as part of our Enterprise plan.

Most customers rely on our public deployment for test automation. However, if your organization operates in a highly regulated industry—such as healthcare, finance, or government—and requires enhanced privacy controls, contact us to explore an enterprise on-prem deployment.




Compliances


Product Security

- Secure software development lifecycle (SDLC) with regular security reviews
- Automated and manual security testing, including static and dynamic analysis
- Regular penetration testing by third-party security firms
- Protection against common web vulnerabilities (OWASP Top 10, etc.)
- Secure authentication and authorization mechanisms (OAuth, SSO)
- Role-based access control (RBAC) for fine-grained permissions
- End-to-end encryption for data in transit and at rest

Data Security

- Data encryption: AES-256 for storage, TLS 1.2+ for transmission
- Data integrity monitoring and anomaly detection
- Regular data backups with encrypted storage and disaster recovery plans
- Granular data access policies with audit logs
- Data classification and handling policies based on sensitivity levels
- Protection against unauthorized data modifications or deletions

Legal

- Compliance with SOC 2 Type II and ISO 27001
- Terms of Service and Acceptable Use Policy enforcement
- Data Processing Agreements (DPA) available for customers
- Subprocessor transparency and vendor security assessments
- Incident response and breach notification policies
- Legal obligations for data retention and deletion

Data Privacy

- No unnecessary collection of personal data; minimal data retention
- User-controlled data deletion and anonymization options
- Privacy-by-design approach in all features and services
- Transparent data usage policies and user consent mechanisms

Access Control

- Role-based access control (RBAC) with least privilege principles
- Just-in-time (JIT) access provisioning for sensitive operations
- Secure access logging and real-time monitoring
- Strict access controls for production environments

Infrastructure

- Hosted on AWS in the eu-north-1 region with high availability
- Network security measures: firewalls, DDoS protection, IDS/IPS
- Regular vulnerability assessments and patch management
- Cloud security best practices and least-privilege access for cloud resources

Corporate Security

- Employee security awareness training and phishing simulations
- Background checks and security screening for employees
- Strict policies for handling customer data and internal access controls
- Secure internal communication tools and encrypted messaging


Welcome to a new era of software engineering

© Copyright 2025, All Rights Reserved by Kusho, Inc.
