What security is like at Kit.
Kit is built by x15ventures, which is wholly owned by CommBank. Central to Kit's development philosophy is the mantra of "safe, sound, secure".
Security is a core focus for us, not something we sacrifice in order to develop at pace. We design security into everything we build, not consider it an afterthought. We implement a range of measures to ensure that our software and the systems hosting it are as secure as possible, such as automated security tests in the build and CI systems, penetration testing and source code auditing, and vulnerability and patch management.
Our Security Operations Centre (SOC) constantly monitors for indicators of compromise and responds to reports of vulnerabilities and breaches. We treat resolution of security vulnerabilities and incidents as a critical priority.
Security risk management & regulatory compliance
As we operate in the sphere of financial technology, various regulations apply, from regulators including ASIC, APRA and the ACCC. As part of a broader risk management framework, we ensure compliance with relevant regulatory standards such as APRA CPS 234 and the CORIE framework.
Reporting security vulnerabilities
Please report any security issues you find in the Kit website or app to: firstname.lastname@example.org.
Anyone can send an email to this address. It will be read by the team, who will co-ordinate resolution of any reported security issues in confidence.