Information Security

Our comprehensive approach to protecting your data and our systems

Purpose

This Information Security page provides an overview of CulperSec's comprehensive security practices and policies. While our security documentation is available through our standard due diligence package for customers and prospects under mutual NDA, this page serves to demonstrate CulperSec's commitment to information security. It outlines our approach to data protection, system security, and the various policy areas we maintain to ensure the highest standards of security governance.

Infrastructure & Data Security

CulperIQ is built on a security-first architecture that emphasizes defense in depth, continuous monitoring, and proactive threat prevention. Our infrastructure leverages enterprise-grade cloud services and implements rigorous security controls at every layer of the technology stack.

CulperSec Policies

All CulperSec staff are accountable for understanding and adhering to the guidance contained in the CulperSec set of Information Security Policies. Policies address areas including asset classification, risk assessment, access control, change control and acceptance, incident response, exceptions, training, and where to go for additional information. Policies are available to all employees and those policies are listed below.

Additional Policies

CulperSec also internally maintains the following internal corporate policies:

Acceptable Use Policy
Antivirus/Antimalware Policy
Asset Management / Inventory Policy
Change Management Policy
Clear Desk and Clear Screen Policy
Cryptography Policy
Data Classification and Handling Policy
Logging Policy
Patch Management Policy
Physical/Environmental Security Policy
Awareness Training Policy
Mobile Device Policy
IoT Security Policy
Vulnerability Management Policy
Removable Media Policy