Navigation
PlatformModules
Pages
SecurityPricingDocsBlogContact
Trust Center

Security you can verify

Built for IT and security teams that need asset truth without compromising tenant boundaries or compliance posture.

SOC 2
SOC 2 · DPDP Act 2023
Trusted by 200+ teams managing 50K+ assets.

Encryption in transit & at rest

TLS for agent and API traffic. Production databases and secrets use industry-standard encryption and key management practices.

Tenant isolation

Multi-tenant RBAC plus Postgres row-level security policies so one customer’s assets, tickets, and agents stay scoped to their tenant.

Identity & access

MFA (TOTP), SSO options (SAML/OIDC), session controls, and least-privilege roles for admins, technicians, and portal users.

Audit & monitoring

Activity trails for sensitive actions, alerting pipelines, and operational logging designed for investigation and compliance evidence.

Deployment choice

Run as managed SaaS or self-host with Docker and PostgreSQL on your infrastructure when data residency requires it.

SOC 2 security program

QS Assets operates under SOC 2 security controls covering access, change management, and availability practices across the platform.

Subprocessors

Infrastructure partners that may process customer data for the managed SaaS offering. Self-hosted deployments keep data on your stack.

  • RailwayAPI & database hosting (SaaS)
  • VercelWeb application hosting
  • Email delivery providerTransactional mail (verification, alerts)

Report a vulnerability

Responsible disclosure: email security@qsasset.com or see security.txt.

Platform status →