Encryption Management Platform

Confidential files, always encrypted. Manage your own keys, encrypt, store and share sensitive data across endpoints (Windows, Mac, iOS & Android), public clouds (Box, AWS, Google & Azure) and private cloud.

Watch Video

For US State and Federal Government Agencies

DUNS # 080041915; CAGE # 7HLM3

About Us

KAPALYA empowers businesses and their employees to securely store sensitive files at-rest and in-transit across multiple platforms through a user-friendly desktop and mobile application. This ubiquitous encryption solution protects all your corporate data by seamlessly encrypting files on:

  • End-points computers/mobile devices.
  • Corporate servers and public cloud providers.
  • With KAPALYA, users have the ability to share encrypted files across multiple cloud platforms.
  • Integerated with Box, Amazon S3, Google and Microsoft Azure.

KAPALYA Solution for Government

  • 01 End-point Security

      The encryption management platform creates a secure vault on user endpoints where:
    • A data classification engine scans the endpoint for sensitive files and prompts users to encrypt.
    • All data within the vault is encrypted.
    • Each file and folder is assigned a unique encryption key.
    • No additional disk or storage space is taken up on the endpoint.

    • The problem with using the encryption offered by public cloud vendors:
    • Vendors will encrypt files at-rest on their cloud, however, files sitting on a user’s endpoint are left unencrypted and vulnerable to attacks.
    • The cloud provider won’t protect your files on endpoints or private clouds.
    • Most cloud providers control the encryption keys, making data visible to their cloud administrators.
    • Some cloud providers allow customers to bring and manage their own keys. However, integrating with a cloud provider’s key management system requires programming which could result in time consuming efforts and if not configured properly, could expose the customer’s data.
    • The Encryption Management Platform is cloud agnostic and uses client-side encryption so files and folders are encrypted before leaving the endpoint. While in-transit, files are double encrypted as they move through an SSL tunnel. Since the user controls the keys, your files are protected from eavesdropping by any third-party, including your cloud storage provider.
    • A unique encryption key per file allows users to share protected files across cloud storage platforms and to other Encryption Management Platform users.

    • KAPALYA creates a secure vault for each user on your private cloud as well, to allow file and folder protection within your network.
    • Your internal corporate administrators do not have privileges to view end-user data.
    • User’s credentials are not tied to the enterprise’s active directory.

    • Key management done differently:
    • One unique key for each file and folder Keys are served in real-time.
    • Keys are never stored on endpoints, public clouds or private clouds. Once the function is complete, the keys are destroyed.
    • This approach allows for encrypted file sharing within and outside your network.
    • When file sharing, only the unique key for that file is shared, not the keys to all your files.

    • KAPALYA’s data classification engine scans 250+ file types for social security numbers, credit card numbers, state I.D.s and driver's’ license numbers. The engine is customizable to identify the sensitive data your organization handles.
    • If confidential data is found sitting on endpoints, the platform will prompt users with a list of files, and options to preview, encrypt or delete. The frequency of scans can be on-demand or programmed to run at certain times or intervals and can be configured based on business needs.

 

KAPALYA Solution for Enterprise

  • 01 End-point Security

      The encryption management platform creates a secure vault on user endpoints where:
    • A data classification engine scans the endpoint for sensitive files and prompts users to encrypt.
    • All data within the vault is encrypted.
    • Each file and folder is assigned a unique encryption key.
    • No additional disk or storage space is taken up on the endpoint.

    • The problem with using the encryption offered by public cloud vendors:
    • Vendors will encrypt files at-rest on their cloud, however, files sitting on a user’s endpoint are left unencrypted and vulnerable to attacks.
    • The cloud provider won’t protect your files on endpoints or private clouds.
    • Most cloud providers control the encryption keys, making data visible to their cloud administrators.
    • Some cloud providers allow customers to bring and manage their own keys. However, integrating with a cloud provider’s key management system requires programming which could result in time consuming efforts and if not configured properly, could expose the customer’s data.
    • The Encryption Management Platform is cloud agnostic and uses client-side encryption so files and folders are encrypted before leaving the endpoint. While in-transit, files are double encrypted as they move through an SSL tunnel. Since the user controls the keys, your files are protected from eavesdropping by any third-party, including your cloud storage provider.
    • A unique encryption key per file allows users to share protected files across cloud storage platforms and to other Encryption Management Platform users.

    • KAPALYA creates a secure vault for each user on your private cloud as well, to allow file and folder protection within your network.
    • Your internal corporate administrators do not have privileges to view end-user data.
    • User’s credentials are not tied to the enterprise’s active directory.

    • Key management done differently:
    • One unique key for each file and folder Keys are served in real-time.
    • Keys are never stored on endpoints, public clouds or private clouds. Once the function is complete, the keys are destroyed.
    • This approach allows for encrypted file sharing within and outside your network.
    • When file sharing, only the unique key for that file is shared, not the keys to all your files.

    • KAPALYA’s data classification engine scans 250+ file types for social security numbers, credit card numbers, state I.D.s and driver's’ license numbers. The engine is customizable to identify the sensitive data your organization handles.
    • If confidential data is found sitting on endpoints, the platform will prompt users with a list of files, and options to preview, encrypt or delete. The frequency of scans can be on-demand or programmed to run at certain times or intervals and can be configured based on business needs.

 

KAPALYA Solution for SMB

  • 01 End-point Security

      The encryption management platform creates a secure vault on user endpoints where:
    • A data classification engine scans the endpoint for sensitive files and prompts users to encrypt.
    • All data within the vault is encrypted.
    • Each file and folder is assigned a unique encryption key.
    • No additional disk or storage space is taken up on the endpoint.

    • The problem with using the encryption offered by public cloud vendors:
    • Vendors will encrypt files at-rest on their cloud, however, files sitting on a user’s endpoint are left unencrypted and vulnerable to attacks.
    • The cloud provider won’t protect your files on endpoints or private clouds.
    • Most cloud providers control the encryption keys, making data visible to their cloud administrators.
    • Some cloud providers allow customers to bring and manage their own keys. However, integrating with a cloud provider’s key management system requires programming which could result in time consuming efforts and if not configured properly, could expose the customer’s data.
    • The Encryption Management Platform is cloud agnostic and uses client-side encryption so files and folders are encrypted before leaving the endpoint. While in-transit, files are double encrypted as they move through an SSL tunnel. Since the user controls the keys, your files are protected from eavesdropping by any third-party, including your cloud storage provider.
    • A unique encryption key per file allows users to share protected files across cloud storage platforms and to other Encryption Management Platform users.

    • KAPALYA creates a secure vault for each user on your private cloud as well, to allow file and folder protection within your network.
    • Your internal corporate administrators do not have privileges to view end-user data.
    • User’s credentials are not tied to the enterprise’s active directory.

    • Key management done differently:
    • One unique key for each file and folder Keys are served in real-time.
    • Keys are never stored on endpoints, public clouds or private clouds. Once the function is complete, the keys are destroyed.
    • This approach allows for encrypted file sharing within and outside your network.
    • When file sharing, only the unique key for that file is shared, not the keys to all your files.

    • KAPALYA’s data classification engine scans 250+ file types for social security numbers, credit card numbers, state I.D.s and driver's’ license numbers. The engine is customizable to identify the sensitive data your organization handles.
    • If confidential data is found sitting on endpoints, the platform will prompt users with a list of files, and options to preview, encrypt or delete. The frequency of scans can be on-demand or programmed to run at certain times or intervals and can be configured based on business needs.

 

Features

Encrypt

Data is encrypted in-transit and at-rest on endpoints, corporate servers and public clouds.

Auto-Protect

Out-of-the-box data classification engine scans over 250 file types for sensitive data.

Hidden

Zero-knowledge encryption masks cloud and corporate admins visibility into your data and encryption keys.

Keys

A unique key for each file and folder provides ultimate data security.

Share

Allows end-to-end encrypted file sharing across multiple public cloud platforms.

Save Time & Money

Eliminates the need of managing multiple vendors to secure your data at different points.

How it Works ?

Launch the app on your Windows or Mac computer and the Encryption Management System automatically scans for sensitive data.


Upload and encrypt any confidential data on endpoints (computers/mobile devices), corporate servers and/or public cloud providers.


Securely share your encrypted files, photos and videos through a public cloud provider.


Encryption is based on NSA Suite B Cryptography Standards using a FIPS 140-2 certified virtual key manager (vHSM).

Service Offerings

Managed Platform

Services managed and hosted by KAPALYA

  • Configure Encryption Management System on multiple devices per user (PC, Mac, iOS & Android).
  • Encrypted file sharing across multiple cloud providers (AWS/Box/Google/Microsoft).
  • Dashboard to view all user activities and registered devices.
  • Unlimited unique encryption keys for each file and folder.
  • Auto-detection and encryption of 250+ sensitive file types.
  • Encryption support on private cloud storage (Windows, Linux).
  • Biometric, pin and user ID/password authentication.
  • Ability to provision users.
  • 60-day file recovery.
  • Version control.
  • Multi-tenanted management and encryption key servers.
  • Email/Live Chat Support.
  • Service delivered from AWS.
Request Demo

Customer Owned Platform

Services managed and hosted by customer

  • Configure Encryption Management System on multiple devices per user (PC, Mac, iOS & Android).
  • Encrypted file sharing across multiple cloud providers (AWS/Box/Google/Microsoft).
  • Dashboard to view all user activities and registered devices.
  • Unlimited unique encryption keys for each file and folder.
  • Auto-detection and encryption of 250+ sensitive file types.
  • Encryption support on private cloud storage (Windows, Linux).
  • Biometric, pin and user ID/password authentication.
  • Ability to provision users.
  • 60-day file recovery.
  • Version control.
  • Dedicated management and encryption key servers.
  • 24/7 Tech support (Email, live chat and phone).
  • Servers hosted either on AWS or on-prem inside customers data center.
  • Masked public and private cloud admin visibility.
  • Integration with your existing Active Directory forest.
  • Point-to-Point IPsec VPN tunnel from customer prem to AWS.
  • Professional services to assist in setup of dedicated instance on AWS or your private cloud.
  • End-user and admin training.
  • Batch end-user creation.
Request Demo

Kapalya's Differentiators

Cloud Key Management

KAPALYA’s Approach:
Manage your own encryption keys.
Other Vendor's:
Use cloud provider’s encryption keys.

File & Folder Encryption

KAPALYA’s Approach:
Unique key served per file and folder.
Other Vendor's:
One key served per user for all their files.

Key Storage

KAPALYA’s Approach:
Keys are served in real-time and destroyed after encrypting.
Other Vendor's:
Keys could be stored on endpoints or public clouds.

SSL Tunnel

KAPALYA’s Approach:
Files are sent encrypted and through an SSL tunnel.
Other Vendor's:
Files are sent in clear-text via an SSL tunnel.


Encryption

KAPALYA’s Approach:
Client-side - Files are encrypted on the endpoint before upload.
Other Vendor's:
Server-side - Files are encrypted after data is uploaded.

Proxy-Based

KAPALYA’s Approach:
Files are encrypted on the end-point, before upload.
Other Vendor's:
Files are in clear text on endpoints and encrypted only when leaving the corporate perimeter.

Role-Based Policies

KAPALYA’s Approach:
Privileged users never have visibility into end-user data.
Other Vendor's:
Access to end user data is defined using role-based policies.

Privileged Cloud Admins

KAPALYA’s Approach:
Cloud admins are masked from viewing all data.
Other Vendor's:
Admins at public cloud providers have visibility into your corporate data.

WHO WE ARE

Executive Management

Sudesh Kumar

Founder &
CEO

Saeed Khosravi

Co-founder & CTO

Mohamed Menakbi

VP of Sales & Marketing | EMEA
Sales/Marketing/Business Developer

Emanuele Cerroni

Managing Director
Engineering

Nancirosa Piazza

Data Scientist
Advisors

Ramesh Iyer

Senior Cyber Security Leader

Derek Tumulak

Chief Product Officer

Santhana Krishnasamy

Product Leader | Startup Advisor

Greg Carter

Global Licenses Advisor

N Jayantha Prabhu

Technicial Advisor

Rabea Chaudhary

Brand & Marketing Advisor

Michael Turner

Technicial Advisor

Jagdish Amin

Business Development Advisor
Board of Directors

Sudesh Kumar

Saeed Khosravi

Administration

Thanh Nguyen

Administrative Assistant
Investors

CALTROP Holdings LLC

Private Investors

PRESS RELEASE

Kapalya Awarded Competitive Grant from the National Science Foundation
CoCre8 Technology Solutions are extremely excited to announce a distribution agreement with Caltrop for KAPALYA
Cybersecurity Startup KAPALYA Closes Seed Funding Round Led by Caltrop Holdings LLC
KAPALYA wins the best Cybersecurity startup company in North America award
KAPALYA Accepted in Platinum-Ranked Accelerator for Enterprise Startups
KAPALYA Partners with Thales to Provide Centralized Key Management
KAPALYA Partners with Gemalto to Leverage Their Latest Key Management Solution
KAPALYA Launches Intelligent End-to-End Encryption Software
KAPALYA partners with NSA to securing Data from Send to Receive

FROM THE NEWS

Kapalaya joins Berkeley Startup Cluster for a historic Berkeley-wide pitch competition at the intersection of innovation and equity
KAPALYA distribution rights awarded to CoCre8 Technology Solutions
Store Sensitive Business Files Through Multiple Platforms with KAPALYA
KAPALYA in Berkeley Startup Cluster
Protect your Data, wherever it Resides
Cybersecurity Startup KAPALYA Is Making Remote Work Companies Safer
Encryption is Non-negotiable
Navigating the cybersecurity challenges of the new normal, with Omar Ben Hamadou, KAPALYA's EMEA Sales Manager
Why you should worry about ransomware breaches during COVID-19
In conversation with Sudesh Kumar of KAPALYA, an ICE71 Accelerate 4 startup
KAPALYA Live Webcast - Safeguarding Elections: Protecting Citizen PII Data
Founder and CEO of KAPALYA, Sudesh Kumar speaking at the 2019 Alchemist Accelerator Demo Day
KAPALYA Live Webcast - Protect and Manage Your Unstructured Data with KAPALYA
KAPALYA Partners with Gemalto to Leverage Their Latest Key Management Solution
Gemalto boosts cloud security with scalable virtual key management
Sudesh Kumar keeps the key safe
Honolulu-based data encryption app Kapalya call NSA patent a game changer
The Hawaii Venture Capital Association selects Sudesh Kumar as one of the three finalists of the Tech Entrepreneur of the Year
Weekly Rotary Meeting-Sudesh Kumar-CEO of KAPALYA Inc
Entrepreneurial competition won by mobile app developer

PARTNERS

Thales/Gemalto

Gold OEM Partner

Hytrust

Integration Partner

DISTRIBUTORS

Carahsoft

US Federal & State Government

Caltrop Middle East

Europe/Middle East/Africa

Contact Us

Contact Us For More Informations

Location:

CALIFORNIA

1935A Addison St
Berkeley, CA 94704

HAWAII

Entrepreneurs Sandbox
643 Ilalo St, Suite 102
Honolulu, HI 96813

Call:

+1 (310) 400-6139

Loading
Your message has been sent. Thank you!

Frequently Asked Questions