Security and trust

Security posture for Kairnex products.

Kairnex Solutions builds defensive software for AI-agent governance, compliance evidence, identity exposure response, machine identity remediation, Windows host inspection, and protected Apple workflows. This page explains how the product suite handles access, data boundaries, security contact, and responsible compliance claims.

Report a security issue Review subscription paths

Trust. Protection. Integrity.

Trust center

Security information for evaluation and procurement.

Review security contact details, product boundaries, data handling posture, and the compliance claims Kairnex makes publicly. The security posture is documented around practical defensive workflows, scoped product access, and clear evidence-handling boundaries.

The public posture is written from hands-on technical training: an Associate in Electronic Engineering, an Associate in Information Technology, and current Bachelor in Cybersecurity work.

Security contact

Use [email protected] for vulnerability reports, suspected abuse, or security review requests.

Access model

Hosted products use authorized SaaS workspaces. EvidenceCompanion is an access client for approved Evidence workspace users, KairnexXray and ShieldDesk builds are local-first, and paid access is managed through product-specific subscription terms.

Data handling

Customer organizations control their evidence, reports, snapshots, audit records, and operational materials uploaded or generated in the service.

Responsible claims

Kairnex describes support for SOC 2 and ISO 27001 workflows. Product workflow support and certification status are stated clearly during security review.

Product security model

Clear product boundaries protect customer workflows.

AgentBoundary handles AI-agent governance, Evidence handles hosted compliance workspaces, EvidenceCompanion handles mobile Evidence review, ExposureOps handles compromised identity response, KeyControl handles machine identity remediation, KairnexXray handles Windows host inspection, and ShieldDesk supports suspicious-message and link triage.

AgentBoundary AI-agent identity governance with agent passports, deterministic policy decisions, approval workflows, kill-switch planning, and audit logs.

KairnexEvidence Hosted compliance evidence, audit packs, controlled snapshots, reports, and read-only auditor handoff.

EvidenceCompanion iOS and iPadOS access for authorized Evidence workspace users to review status, snapshots, and report handoffs.

ExposureOps Defensive compromised identity response with safe indicators, dry-run remediation, approvals, and audit logs.

KeyControl Machine identity exposure response with safe HMAC fingerprints, owner mapping, blast-radius context, approval-gated remediation, and audit evidence.

KairnexXray Local-first Windows host IDS, inspection dashboard, sensor health, Defender trace, event timeline, and safe response planning.

ShieldDesk iOS, iPadOS, and macOS suspicious message and link triage with local cases, checklist readiness, and support bundle export.

Headquarters website Public product information, pricing requests, support routing, and security contact.

Security principles

Security commitments customers can evaluate.

These commitments define how Kairnex frames defensive workflows, sensitive data handling, audit records, and customer security review.

Kairnex products are designed for defensive workflows

Kairnex avoids collecting plaintext passwords, stolen cookies, raw credentials, raw session tokens, or full sensitive prompts

Audit records, action logs, reports, snapshots, safe fingerprints, and source-app evidence support review and handoff

Destructive, containment, remediation, and kill-switch actions require explicit approval before execution

Secrets and integration tokens are treated as protected production configuration

Public forms are for contact and support routing, not sensitive customer evidence or credentials

Security review

What your team receives during review.

During procurement, your team receives architecture notes, hosting posture, support process, privacy overview, and product-specific security boundaries as needed.

Hosting posture

Review the hosted SaaS model, infrastructure provider path, backups, and environment separation.

Data boundaries

Confirm what customer data is uploaded, generated, retained, exported, or shared through auditor links.

Access controls

Discuss workspace-scoped access, roles, companion app access, and account administration.

Disclosure path

Send vulnerability reports to the security contact with minimal reproduction detail and no sensitive data.