Security

Your data stays yours.

Enterprise-grade security built into every layer. From encryption and tenant isolation to audit trails and AI safety controls.

Four pillars of trust

Security is not an add-on. It is built into the foundation of how Quickly stores, processes, and protects your data.

Encryption at rest and in transit

  • AES-256-GCM encryption for all stored credentials
  • Per-workspace encryption keys (not a shared global key)
  • TLS 1.3 for all data in transit
  • Zero-downtime key rotation support

Multi-tenant data isolation

  • Every database query scoped to your workspace
  • No cross-tenant data leakage by design
  • Workspace-level access controls and permissions
  • Role-based access: Admin, Manager, and Member roles

Authentication and access

  • OAuth 2.0 for all third-party integrations
  • Social login via Google and Microsoft
  • Webhook signature verification (HMAC-SHA256)
  • Session-based auth with secure HTTP-only cookies

Audit trail and transparency

  • Every AI action logged with full context
  • Tool calls, inputs, outputs, and durations recorded
  • Encryption key lifecycle auditing
  • Human-in-the-loop confirmation for sensitive actions

AI safety controls

Choose how much autonomy Quickly has. Every workspace can set its own policy, and admins can override settings per tool.

Conservative

Full control

Quickly asks for approval before every action. You review and confirm each step before anything changes in your tools.

Balanced

Recommended

Recommended

Quickly handles read-only actions automatically but asks for confirmation before creating, updating, or deleting anything.

Autonomous

Fastest

Quickly executes all actions automatically. Best for trusted workflows and experienced teams who want maximum speed.

Infrastructure

Quickly runs on Google Cloud Platform with industry-standard tooling for monitoring, scanning, and secret management.

Google Cloud Platform

Cloud Run with VPC isolation

Cloud SQL PostgreSQL

Managed, automated backups

Secret Manager

All secrets stored securely, never in code

Container scanning

Trivy on every deploy

Error monitoring

Sentry for real-time tracking

CI/CD pipeline

CircleCI with OIDC, no stored credentials

Questions about security?

We are happy to walk through our security practices, provide documentation, or answer any questions your team may have.

Contact usAbout Quickly