Security at QuadSci.ai

    Last Updated: October 2025

    At QuadSci.ai, protecting the confidentiality, integrity, and availability of our customers' data is a top priority. Our product is designed to operate within each customer's own cloud environment, ensuring data remains under their full control. We follow industry best practices for security, compliance, and privacy across all of our operations.

    Self-Hosted Deployment

    QuadSci's products are delivered as a self-hosted application running entirely within each customer's cloud infrastructure (AWS, GCP, or Azure). QuadSci does not collect or store customer production data in our systems. Customers maintain ownership and control over their environments and data.

    QuadSci provides security guidance, configuration best practices, and tooling to help customers deploy securely and meet compliance requirements, minimizing customer's efforts during implementation.

    Security Practices

    At QuadSci.ai, security is embedded into every stage of our product design and operations. We combine secure development practices, continuous monitoring, and regular third-party testing to protect the integrity and availability of our systems. The following measures represent the foundation of our security program:

    • Access Control: Internal systems and code repositories are protected with centralized authentication and multi-factor access controls to ensure that only authorized personnel can access sensitive resources.
    • Data Protection: All sensitive data is encrypted both in transit and at rest using industry-standard encryption algorithms.
    • Vulnerability Management: Our engineering team continuously scans code and dependencies for vulnerabilities, promptly addressing any identified issues through defined remediation processes.
    • Penetration Testing: Independent security testing is performed annually to identify and remediate potential weaknesses in our systems and infrastructure.
    • Monitoring & Incident Response: Infrastructure and applications are continuously monitored for anomalies or potential threats. Security events are investigated and remediated according to documented response procedures to ensure minimal impact and quick resolution.

    Compliance

    QuadSci is fully SOC 2 certified. We conduct regular risk assessments, employee security awareness training, and vendor reviews to ensure continued compliance with industry standards.

    Privacy

    Our Privacy Policy explains how we handle limited telemetry and diagnostic information. Because customer data stays in the customer's environment, QuadSci does not process or store production data within our own infrastructure.

    Reporting Security Issues

    We appreciate responsible disclosure of potential vulnerabilities. If you believe you have found a security issue or have questions about our security practices, please contact us at security@quadsci.ai.