Enterprise security overview

Security and compliance for governed AI coding

Kilo gives security, privacy, legal, and platform teams a clear path to evaluate AI coding: SOC 2 resources, no data retention on paid plans, subprocessors, encryption, access controls, incident response, DPA support, and a live Trust Center.

Security review packet

What buyers can validate

  • SOC 2: security documentation available through the Trust Center
  • SSO + SCIM: identity, provisioning, RBAC, and audit controls
  • No retention: paid plans support no data retention for AI prompts and outputs
  • DPA: privacy and contract materials available for review

Buyer-ready trust

Designed for the questions security teams ask first

Compliance evidence for enterprise review

Access SOC 2 materials, privacy documentation, security questionnaires, and standard contracting resources from one place before procurement or legal review starts.

Data controls for AI coding

Paid plans support no data retention for AI prompts and outputs, plus provider and model routing controls so teams can match usage to approved data policies.

Access governance across developer surfaces

Govern access with SSO/SAML, SCIM provisioning, RBAC, team administration, and audit logs across IDE, CLI, Cloud, Slack, and code review workflows.

Security controls

A scannable control map for enterprise evaluators.

Use this page to route early security review. Use the Trust Center when your team is ready for underlying artifacts, policies, and compliance documents.

Review Trust Center artifacts

Compliance and contracting

  • SOC 2 documentation available through the Trust Center
  • DPA and security review materials available for enterprise evaluations
  • Subprocessor information available for legal and privacy review
  • Standard MSA and enterprise contracting support

Data protection

  • Encryption in transit and at rest for Kilo-managed systems
  • No data retention for AI prompts and outputs on paid plans
  • BYOK and approved provider routing options
  • Data-residency and dedicated proxy gateway options for enterprise needs

Access controls

  • SSO/SAML and OIDC options
  • SCIM provisioning and deprovisioning
  • Role-based access control and centralized team administration
  • Provider and model allowlists by organization policy

Operations and response

  • Audit logs for governed rollout and investigation workflows
  • Incident response process and customer notification workflows
  • SLA commitments and priority support for enterprise customers
  • Trust Center updates for security posture and compliance artifacts

Evaluation workflow

Move from security review to governed rollout faster

Kilo separates buyer-facing security posture from responsible disclosure, so enterprise teams can evaluate the platform without digging through vulnerability reporting instructions.

Step 1

Review posture

Start with this overview, then open the Trust Center for SOC 2, subprocessors, privacy, and security documentation.

Step 2

Map controls

Confirm SSO, SCIM, RBAC, audit logs, model allowlists, data retention, and approved provider routing against internal AI policies.

Step 3

Plan rollout

Work with Kilo on enterprise onboarding, contracts, DPA, support commitments, and developer adoption across your approved surfaces.

Enterprise readiness

Ready to bring security into your AI coding rollout?

Talk with Kilo about SOC 2 materials, data retention, subprocessors, encryption, access controls, incident response, DPA, Trust Center access, and enterprise rollout requirements.

Reporting a vulnerability? Use the responsible disclosure policy. Need live compliance documents? Open the Trust Center.