Security assessments built for regulated industries
For banks, fintech, and enterprises facing audits. We find vulnerabilities before your official assessors do.
Technical Assessment
What Kalasec provides
- ✓ Real vulnerabilities found in your live systems
- ✓ Severity-ranked findings + remediation steps
- ✓ Pre-audit prep before official assessors arrive
- ✓ Report you own and use internally
Compliance Submission
What a registered OJK assessor provides
- — Official filing accepted by OJK, BI, or other regulators
- — Requires assessor on OJK's registered vendor list
- — Required for regulated license renewal
KALASEC IS NOT A REGISTERED OJK ASSESSOR
We connect you with licensed partners for the official filing.
Serving Indonesian regulated entities and global companies with local subsidiaries.
Two things. One often confused for the other.
Understanding the difference protects you and sets the right expectations.
Technical Security Assessment
What Kalasec provides
- ✓ Real vulnerabilities found in your live systems
- ✓ Severity-ranked findings with step-by-step remediation
- ✓ Documented proof your security was tested
- ✓ Report you own and use internally
- ✓ Pre-audit preparation — fix issues before official assessors arrive
- ✓ Available now
Compliance Submission
What a registered OJK assessor provides
- — Official filing accepted by OJK, BI, or other regulators
- — Requires assessor on OJK's registered vendor list
- — Certifies your compliance posture to the regulator
- — Required for regulated license renewal
- — Kalasec is not currently a registered OJK assessor
- — We can connect you with licensed partners
KALASEC IS NOT A REGISTERED OJK ASSESSOR
We do the technical work. A registered assessor does the official filing. Both are necessary. We're honest about which is which. We can connect you with partners →
What We Offer Regulated Clients
Pre-Compliance Assessment
Find your vulnerabilities before your official auditors do. We run a full technical assessment using the same attack scenarios an official auditor will test. Your team fixes everything. You walk into the official audit clean.
Best for: Upcoming OJK/BI audit
Output: Technical report + remediation guide + retest
Technical prep only. Official filing requires a registered assessor.
Standard Technical Assessment
No audit deadline? Still need to know what's exposed. Full security assessment of your products, cloud, or AI systems. Findings ranked by severity. Step-by-step fixes included.
Best for: Security visibility without audit deadline
Output: Technical findings report
Need the Official Filing Too?
We connect you with a licensed OJK-registered assessor for the official submission. We run the technical assessment in parallel — saving you time and delivering cleaner findings to the official assessor.
Best for: Technical depth + official filing
Output: Kalasec report + licensed partner compliance submission
What's Different About a Pre-Compliance Report
| Section | Standard Report | Pre-Compliance Report |
|---|---|---|
| Vulnerability findings | ✓ | ✓ |
| Severity scoring (CVSS) | ✓ | ✓ |
| Step-by-step remediation | ✓ | ✓ |
| Regulatory clause mapping ★ | ✗ | ✓ Mapped to POJK 11/2022 |
| Audit-deadline timeline ★ | ✗ | ✓ Tied to your audit date |
| Evidence package + retest ★ | Optional add-on | ✓ Included |
★ Exclusive to Pre-Compliance tier.
Pre-Compliance Reports do not constitute an OJK compliance submission. They are technical assessment documents designed to prepare your team for the official process. The regulatory filing requires a registered OJK assessor.
Compliance-Tier Pricing
Pre-Compliance engagements require broader scope, a more detailed report, and a retest after remediation. This is reflected in the pricing.
| Package | Standard | Pre-Compliance | What's added |
|---|---|---|---|
| Product Attack | From $1,500 | From $2,000 |
✓ Regulatory mapping ✓ Retest ✓ Evidence package |
| Cloud Attack | From $2,500 | From $3,500 |
✓ Regulatory mapping ✓ Retest ✓ Evidence package |
| AI Attack | From $2,500 | From $3,500 |
✓ Regulatory mapping ✓ Retest ✓ Evidence package |
| Complete Package | From $5,000 | From $7,000 | ✓ All above across full scope |
IDR, SGD, and other currencies available on request. Invoicing in IDR for Indonesian clients. 50% to begin. 50% on delivery.
For Licensed Security Firms and Assessors
We work with OJK-registered assessors and licensed security firms who need reliable technical execution. You handle the compliance relationship and official filing. We run the technical assessment using our AI-powered methodology — delivering findings faster and at higher coverage. Engagements are fully confidential. We operate under your brand if required.
White-Label Execution
- ✓ Your brand, our work
- ✓ We execute the technical assessment
- ✓ Fixed cost per engagement
Referral Partnership
- ✓ 10–15% referral fee
- ✓ No further involvement required
- ✓ You refer, we close
Partner enquiries: inquiry@kalasec.com
Learn more about global partnerships →Book a Free Scoping Call
No sales pitch. Just honest assessment of what you need.
Book a Free Scoping Call →Tell us about your audit
What regulator, what deadline, what scope.
We scope it
Clear proposal, fixed price, no surprises.
We test
Results delivered before your audit window.