Built by practitioners.
Not theorists.
Xiligent is a compliance and data privacy consultancy founded by security practitioners who got tired of watching businesses struggle with frameworks that should protect them — not paralyse them. We help Indian and global businesses build compliance programmes that actually work.
Compliance that actually
protects people.
Privacy regulation exists to protect people — customers, employees, patients, citizens. But too often, compliance becomes a box-ticking exercise that protects nobody. Businesses end up with binders full of policies that nobody reads and controls that nobody follows.
We exist to change that. We build compliance programmes that are practical, proportionate, and designed to actually reduce risk. Every policy we write is one your team will use. Every control we implement is one that makes your business more secure. Every framework we help you achieve is one that opens doors to new markets, partners, and customers.
What we believe
and how we work.
Substance over optics
We don't help clients create compliance theatre. Every control, policy, and process we build is designed to actually protect the business — not just pass an audit.
Straight talk
We tell clients what they need to hear, not what they want to hear. If something isn't compliant, we'll say so — early and clearly.
Builders, not advisors
We stay until the controls are in place. We don't hand over a slide deck and walk away — we build alongside you until the system works.
Proportionate to context
A 15-person startup and a 500-person enterprise have very different compliance needs. We right-size every engagement so you get exactly what you need — nothing more, nothing less.
People who've been
in the trenches.
Every member of our team has hands-on experience building and operating compliance programmes — not just advising on them.
Arun Mehta
Founder & Lead — Compliance
Former CISO with 12 years in fintech and healthcare compliance. Built and led security programmes at three regulated companies before founding Xiligent.
Sunita Krishnan
Data Privacy Counsel
Technology lawyer specialising in data protection regulation. Advised on DPDPA and GDPR implementation for SaaS, healthtech, and financial services companies.
Vikram Rao
Security & Pen Testing Lead
OSCP-certified offensive security professional with 8 years of experience in penetration testing, red teaming, and security architecture.
Pooja Tiwari
AI Governance Specialist
Led ISO 42001 implementation for AI-first companies. Specialises in AI risk assessment, algorithmic fairness, and responsible AI governance frameworks.
Four steps to
real compliance.
Every engagement follows the same proven structure — adapted to your business, your framework, and your timeline.
Discovery call
A free 30-minute conversation to understand your business, your regulatory landscape, and what is driving the compliance need.
Gap assessment
A structured review of your current state against the relevant framework. You get a prioritised gap report and a clear remediation roadmap.
Implementation
We build alongside you — policies, controls, training, evidence collection. We don't hand you a template and leave.
Audit readiness
Internal audit, evidence review, and full preparation so you walk into the external audit with confidence.
Ready to get started?
Tell us where you are and what you're trying to achieve. We'll give you an honest view of what it takes.