Security for AI agents
QX gives teams powerful AI agents with the controls, isolation and transparency that business-critical work demands. Here is how we keep your data safe.
Compliance & certifications
Independent audits are underway. Our policies, controls and full subprocessor list are available through our Trust Center.
ISO 27001:2022
Information security management system (ISMS) audit underway.
SOC 2 Type II
Independent examination of our security, confidentiality and availability controls.
CASA Tier 2
Cloud Application Security Assessment covering app and API security.
UK & EU GDPR
Backed by our DPA which is available upon request via our Trust Center.
How we protect your data
Defense in depth across our infrastructure, application and operations.
End-to-end encryption
TLS 1.2+ in transit, AES-256 at rest. Integration credentials also get app-level encryption.
Tenant isolation
Agents execute in isolated, per-org sandboxes with no shared file system.
Granular data selection
Control exactly which files and folders get ingested, and which actions agents can take.
Role-based access
Assign owner, admin and member roles to control permissions across your team.
Secure authentication
Single sign-on via Google and Microsoft, optional MFA and passkeys for local accounts.
Revocation & deletion
Instantly revoke integrations to cut off access. Delete your data from our systems on request.
How we secure against AI risks
Autonomous agents create a new attack surface. We mitigate that.
Flexible model choice
Only trusted models: pick among OpenAI, Anthropic and Gemini per agent and per task. Upgrade with ease when new models are released.
No model training
Your content is used only to run the work you ask for. We don't train our models on it. Our AI providers operate under no-training terms for QX traffic.
Credentials stay protected
Connection secrets are encrypted at rest and resolved at execution time, so they're completely invisible to the AI.
Dig deeper on our security posture
Browse our security controls, policies, subprocessors and answers to common questions, or request access to documentation under NDA.
Email security@qxlabs.com for queries or issues.