CultureAI | Security

We've just raised $4m to measure and mitigate human cyber security risk... Find out more

Human Security Platform
Detect human risks

Continuous visibility of human cyber risks & security behaviours, synthesized from apps you already use.
Identify & quantify risks

Risk & security behaviour monitoring

Human risk scoring & analytics

Employee reporting tools
React

Instantly mitigate risks by automatically interacting with employees & orchestrating technical responses.
Intervene & mitigate

Human risk orchestration

Employee ChatOps & interventions

Human risk API

Triage

Human risk triage
Coach Employees

Improve behaviour with data-driven employee security coaching & help people prevent breaches.
educate & exercise

Automated security awareness training

Phishing simulations

Intelligent security coaching

Security communications

motivate

Gamification & security rewards

empower

Policy management

Cyber guardian mobile app
CultureLabs
Get a Demo

Our View

We protect our clients data, at all costs

When a client works with us, they're saying "We trust you to significantly decrease our security risks". It is our responsibility to do absolutely everything in our power to make that happen; starting with ensuring we don't increase their risks.

This page details just some of the lengths we go to to protect your data. If you're ever concerned, please talk to us at security@culture.ai.

The four pillars of trust

Security

Security is baked into everything we do; from our DevSecOps through to business ops and physical security. We encrypt your data at rest in transit and provide SSO, enforced MFA and IP-based ACLs to protect it. Your data is stored in your own country. Our team all hold BPSS security vetting, as a minimum. We perform regular pentests, and run continuous vulnerability scanning against our infrastructure, code and dependencies.

Reliability

Our platforms are built on best-in-class technologies, and are designed to be highly-available and fast. We use load balancing with automatic failover, geo-redundancy and monitor thousands of metrics every second to look for warning signs of issues. We have a defined and regularly tested disaster recovery plan.

Privacy

Protecting your data, and that of your employees, is our highest priority. It is, after all, why we founded CultureAI in the first place. We do everything in our power to ensure we protect it from unauthorised access, and are compliant with regulation such as GDPR.

Compliance

Our clients' often have strict compliance requirements, against which we have yet to record a single failure. We hold ISO 9001, 14001 and 27001, alongside Cyber Essentials Plus. We're happy to allow our enterprise clients to conduct independent audits / pentests, and our policy is to go to any length to support your internal compliance process.

Bug Bounty

Our bug bounty programme

We support the responsible disclosure of security issues and vulnerability to us from the security community. If you identify a security vulnerability in any CultureAI product please let us know at security@culture.ai and we'll acknowledge the report within a working day.

All we ask is that security researchers exercise appropriate consideration whilst conducting any testing; please throttle your rates and in the event you may (or have accidentally) access(ed) client data please stop and contact us so that we can remediate the vulnerability, communicate to our clients and order you pizza.

Trust & Security at CultureAI