Security & Compliance

Engineered for the highest regulatory bar

Bank-grade security, transparent compliance, and an enterprise audit posture — verified continuously.

ISO/IEC 27001 (Target)

Information Security Management System aligned with ISO 27001 controls and audit cadence.

FIU-IND & PMLA Aligned

Registered workflows, PEP & sanctions screening, transaction monitoring, STR preparation.

OWASP Top 10 Hardened

Application security baked in: rate limiting, input validation, secure headers, dependency scanning.

MPC / HSM Custody

Wallets backed by Fireblocks-class MPC custody. No single key, no single point of failure.

Audit & Logging

Tamper-evident audit logs retained for 5+ years. Admin actions tracked, separated by role.

Infrastructure Security

Encrypted at rest and in transit. Secrets in AWS Secrets Manager. CloudWatch monitoring 24/7.

ISO 27001: Target Certified
OWASP Top 10: Hardened
FIU-IND: Registered Workflows

Responsible disclosure

Found a vulnerability? Please report it confidentially to security@xybit.in. We acknowledge reports within 24 hours and offer a bug bounty for qualifying findings.