Fund managers entrust QUORUM with portfolio context, trade theses, and decision records. This page describes how we protect that data — what's in place today, what's in progress, and how to reach our security team.
QUORUM is built for the institutional investment workflow. Fund managers' positions, theses, and risk parameters are among the most sensitive data a firm holds — competitive intelligence, regulatory exposure, and personal performance all converge in it. Our security model is designed around three principles:
This page describes the controls in place today. Where a control is in progress or planned, we say so directly rather than implying maturity we haven't reached.
All connections to QUORUM use TLS 1.2 or higher. HTTP traffic is redirected to HTTPS at the edge. We use HSTS to prevent protocol downgrade. Internal service-to-service calls within our infrastructure are also encrypted.
Customer Data is stored encrypted at rest using AES-256 at the storage-engine layer. Database backups are encrypted with the same standard. Secrets (API keys, signing keys, third-party credentials) are stored in a managed secrets vault, not in source code or environment files committed to repositories.
Encryption keys are managed by our cloud provider's key-management service. Production keys are rotated on a defined schedule and on personnel change. Customers do not currently bring their own keys; BYOK support is on the Enterprise+ roadmap.
QUORUM uses Better Auth, deployed in our own infrastructure with credentials stored in our own database — not delegated to a third-party identity provider. Passwords are stored as salted hashes using a modern key-derivation function. Multi-factor authentication is available to all users and required for administrator accounts.
SSO via SAML 2.0 is available on the Institution and Enterprise+ tiers, allowing Customers to manage QUORUM access through their existing identity provider (Okta, Azure AD, Google Workspace, and others). User provisioning and deprovisioning follow the Customer's IdP.
Within a Customer workspace, roles control what each user can see and do — view, propose, override, configure, administer. PM Override permissions and Risk Governor configuration are gated to senior roles. All privileged actions are logged immutably to the workspace's audit trail.
QUORUM employees do not have standing access to Customer Data. Production access for support or incident response requires explicit approval, is time-bound, and is logged. Engineering work happens against synthetic and anonymized fixtures — never live Customer content.
QUORUM runs on Render in US-region data centers, with PostgreSQL as the primary data store. The platform is deployed as a single backend and frontend application, with horizontal scaling for inference workloads. We use established cloud-provider primitives — managed databases, managed secrets, edge TLS termination, automated patching of base images — rather than rolling our own where mature alternatives exist.
Production environments are isolated from staging and development. Database backups are taken daily with point-in-time recovery, and backup integrity is verified periodically. Logging and monitoring run continuously, with alerting on anomalies in authentication, error rates, latency, and resource consumption.
Customer workspaces are isolated at the application layer through workspace-scoped queries and row-level access enforcement. Every database query that touches Customer Data is scoped to the requesting user's workspace. Cross-workspace data access is structurally prevented.
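To make the workspace-scoping claim concrete, here is an added PostgreSQL example (not QUORUM's own schema or code) showing what row-level enforcement of a workspace boundary looks like; the table, column, setting and role names are assumptions, and the caveats in the comments are the ones a reviewer would check for.

```sql
-- Added illustration, not QUORUM's schema. Assumes a table "decision_records"
-- with a "workspace_id" column and an application login role "quorum_app"
-- that does not own the table.

CREATE TABLE decision_records (
    id            bigserial PRIMARY KEY,
    workspace_id  uuid NOT NULL,
    title         text NOT NULL,
    body          text
);

-- Enable RLS and FORCE it so even the table owner is subject to the policy.
ALTER TABLE decision_records ENABLE ROW LEVEL SECURITY;
ALTER TABLE decision_records FORCE ROW LEVEL SECURITY;

-- The application sets the current workspace once per transaction; the policy
-- reads it back. current_setting(..., true) yields NULL (or an empty string once
-- the GUC has been touched in the session) when nothing was set, and NULLIF turns
-- the empty string into NULL too, so a request that forgot to set the workspace
-- matches no rows at all rather than every row: the check fails closed.
CREATE POLICY workspace_isolation ON decision_records
    USING      (workspace_id = NULLIF(current_setting('app.workspace_id', true), '')::uuid)
    WITH CHECK (workspace_id = NULLIF(current_setting('app.workspace_id', true), '')::uuid);

-- Application role: no ownership, no BYPASSRLS, only DML on this table.
CREATE ROLE quorum_app LOGIN NOBYPASSRLS;
GRANT SELECT, INSERT, UPDATE, DELETE ON decision_records TO quorum_app;
GRANT USAGE ON SEQUENCE decision_records_id_seq TO quorum_app;

-- Per-request pattern, run as quorum_app. SET LOCAL is scoped to the transaction,
-- so a pooled connection cannot carry one workspace's id into the next request.
BEGIN;
SET LOCAL app.workspace_id = '11111111-1111-1111-1111-111111111111';
SELECT id, title FROM decision_records;           -- only this workspace's rows
INSERT INTO decision_records (workspace_id, title)
    VALUES ('22222222-2222-2222-2222-222222222222', 'cross-workspace write');
-- The INSERT above violates WITH CHECK: PostgreSQL raises an error and the
-- transaction is aborted, so the row can never land in another workspace.
COMMIT;
```

Two things worth verifying in a review of any such setup: that the application role is not the table owner and lacks BYPASSRLS (otherwise FORCE is what stands between a code bug and a full-table read), and that the workspace setting is applied with SET LOCAL inside the transaction rather than SET on a pooled session.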
All Customer Data is currently processed and stored in US-region infrastructure. EU-region inference and storage are on the roadmap for European market expansion; we are not yet certified for processing data subject to GDPR controller obligations.
Customer Data is retained for as long as the Customer's account is active. IC Reports and deliberation transcripts are designed as long-lived records to support SEC Rule 204-2 retention windows; Customers can configure extended retention through workspace settings. On termination, Customer Data is returned or deleted within a reasonable period subject to legal-hold and backup retention windows. Operational logs are retained for up to 90 days.
QUORUM uses Anthropic's Claude as the primary LLM for deliberation, synthesis, and IC Report generation, with OpenAI as a fallback. Both providers operate under enterprise-grade terms with the following protections:
QUORUM does not train its own foundation models on Customer Data. Heuristic agents (Macro Strategist, Quant Evaluator, Risk Governor) run on deterministic logic with no LLM call and no data leaving our infrastructure.
We monitor our codebase, dependencies, and container images for known vulnerabilities through automated scanning integrated into CI/CD. Critical vulnerabilities are patched on an expedited timeline; high-severity vulnerabilities follow defined SLAs. Dependency updates are reviewed before being merged.
Annual third-party penetration testing is on the near-term roadmap as we scale the customer base. Findings from testing — and from internal review — are tracked through to remediation and verified.
QUORUM maintains a documented incident-response process covering detection, triage, containment, eradication, recovery, and post-incident review. The on-call engineering team is paged on monitored alerts and is responsible for initial response.
In the event of a security incident affecting Customer Data, we will notify affected Customers without undue delay, in accordance with applicable law and our contractual obligations. Initial notifications include the nature of the incident, the data affected if known, and the remediation steps underway. Follow-up communications include root-cause analysis and corrective actions once available.
We are honest about where we are: QUORUM is an early-stage company building toward institutional-grade compliance maturity. The current posture:
Enterprise Customers may request a security questionnaire response (SIG, CAIQ, or custom) through their account contact. We aim to respond within five business days.
If you discover a security vulnerability in the Service, please report it to security@getquorum.ai. We commit to:
We ask that researchers act in good faith: do not exploit vulnerabilities beyond what is necessary to demonstrate the issue, do not access or modify Customer Data, and give us reasonable time to remediate before public disclosure. We do not currently operate a paid bug bounty but may in the future.
For security questions, vendor risk reviews, or to request our security questionnaire responses:
If your procurement or vendor risk team needs SOC 2 documentation, security questionnaire responses (SIG, CAIQ), penetration test reports, or a Data Processing Agreement, contact our team and we will route the request appropriately.