Kobana
🇧🇷
Enterprise Security

Security You Can Trust

Protecting your financial data is a priority. Learn about the measures we adopt to keep your information secure.

99.9%

Availability

< 15min

Incident response

2x/year

Pentests performed

0

Data breaches

Protection Layers

Security implemented in multiple layers for maximum protection

Encryption in Transit

TLS 1.3, HSTS, and Perfect Forward Secrecy for all communications.

Encryption at Rest

AES-256 for sensitive data, with keys rotated via HSM.

Multi-Factor Authentication

MFA mandatory for all administrative access.

24/7 Monitoring

SIEM and real-time anomaly detection.

AWS Infrastructure

Hosted on Amazon Web Services, the world's largest cloud provider.

Continuous Backup

Incremental backups, fast recovery, and geographic redundancy.

Secure Infrastructure

Network Architecture

  • Segmentation: Networks isolated by function and sensitivity level
  • Firewalls: Strict inbound and outbound rules
  • WAF: Web Application Firewall against common attacks
  • DDoS Protection: Protection against denial of service attacks

Access Control

  • Least privilege principle: Minimum necessary access
  • Multi-factor authentication: Mandatory for all employees
  • Corporate SSO: Centralized identity management
  • Periodic review: Access reviewed quarterly

Backup and Recovery

  • RPO (Recovery Point Objective): Maximum 1 hour of data loss
  • RTO (Recovery Time Objective): Recovery within 4 hours
  • Automatic failover: Switching without manual intervention
  • DR tests: Simulations performed quarterly
White Hat Program

We have a rewards program for security researchers who responsibly identify vulnerabilities. Rewards range from $100 to $1,000+ depending on severity.

Send reports exclusively to whitehat@kobana.com.br
Include detailed description, reproduction steps, and potential impact
Follow the responsible disclosure policy
Donations to NGOs receive double rewards

Our Commitment

  • - Investigate all legitimate reports
  • - Not take legal action against good-faith researchers
  • - Pay rewards according to vulnerability severity
  • - Acknowledge your contribution (if desired)
View complete White Hat Policy

Frequently Asked Questions

Where is my data stored?

Your data is stored on Amazon Web Services (AWS), the world's largest cloud infrastructure provider. AWS maintains SOC 2, ISO 27001, and PCI-DSS certifications in its data centers.

Does Kobana have access to my banking data?

Kobana only accesses the data necessary to provide the contracted service, according to the permissions you grant during integration. All access is logged and auditable.

What happens in case of a data breach?

We have a structured incident response plan. In case of a breach affecting your data, you will be notified as required by LGPD, with information about what happened and measures taken.

Can I request security information?

Yes. Customers on Enterprise plans can request detailed information about our security practices under a confidentiality agreement. Contact comercial@kobana.com.br.

How does Kobana handle payment data?

Card data is tokenized and processed by PCI-DSS certified partners. We do not store complete card numbers in our systems.

Security Contact

For security-related questions, contact our team.

seguranca@kobana.com.br

For emergencies outside business hours, use the same email with the subject URGENT.

Related Documents

White Hat PolicyTerms of UsePrivacyLGPD
Schedule