Security at Querri: Built on Trust, Designed for Protection
We safeguard your data with transparent, enterprise-grade security practices. Focus on insights without worrying about data loss, breaches, or misuse.
Compliance & Security
Our security practices allow you to focus on insights without worrying about data loss, breaches, or misuse.
Independently Verified
Annual compliance audits ensure
your data stays protected
How we protect your information
Your data is yours - we never use your data to train AI
Your data stays private. No information is shared between customers. Everything remains isolated, keeping your business confidential.
Encryption & Key Management
We protect customer data using strong encryption protocols at rest and in transit. Keys are managed through AWS KMS and Azure Key Vault, with strict access controls to ensure decryption keys are never tied to user accounts. Each tenant can have its own key, adding an extra layer of security.
Granular Access Control
Access is granted based on the principle of least privilege through role-based access control (RBAC). Single sign-on (SSO), just-in-time credentials, and multi-factor authentication are integrated to ensure only the right people can access the right resources at the right time..
Isolation & Data Privacy
Our infrastructure is designed around isolated tenants, ensuring each project is its own secure boundary. By default, no access is allowed unless explicitly authorized, preventing data from crossing between tenants or accounts.
Encryption in Transit & at Rest
We adopt industry-standard cryptography, enforcing TLS for all data in motion and AES-256 encryption for data at rest. Load balancers automatically enforce HTTPS with the latest cipher suites, ensuring data confidentiality during transfer.
Compliance & Certifications
Querri is SOC 2 Type II certified, independently verifying the effectiveness of our controls over time. Our practices align with PCI-DSS, HIPAA, and ISO standards, and we continuously update them to meet evolving compliance needs.
Audit Logging & Monitoring
Every access and system change is tracked across multiple layers, including AWS CloudTrail, ELK logging, and Wazuh agents. Logs are tamper-resistant, centralized, and continuously monitored to detect anomalies or unauthorized behavior.
"Security has been at the heartDave Ingram, Querri Founder/CEO
of Querri from the first line
of code I wrote."
More Questions? Check out our FAQs
Querri secures data with layered protections, including encryption at rest and in transit, isolated tenant environments, strict role-based access controls, continuous monitoring, and independently audited compliance certifications.
Yes. All data is encrypted using industry-standard protocols (AES-256) at rest and TLS for data in transit. Encryption keys are managed with AWS KMS or Azure Key Vault, ensuring keys are isolated and never tied to user accounts.
Access is tightly controlled using role-based access control (RBAC), single sign-on (SSO), and just-in-time tokens that expire quickly. Multi-factor authentication is enforced, and all access attempts are logged and monitored.
No. Your data is isolated to your tenant environment and never used to train Querri's AI models or shared across accounts.
We employ 24/7 monitoring with AWS GuardDuty, Wazuh SIEM, and AWS Inspector to detect anomalies, intrusions, or vulnerabilities. Alerts trigger formal incident response procedures to quickly investigate and remediate issues.
Querri is SOC 2 Type II certified, independently verifying that our controls operate effectively over time. Our infrastructure also aligns with PCI-DSS, HIPAA, and ISO frameworks through our use of AWS and DuploCloud best practices.
Querri has formal incident response procedures in place. We rapidly detect, report, and mitigate incidents, while documenting outcomes and ensuring continuity of service.
Our platform is deployed across multiple availability zones with automated failover, backups, and disaster recovery procedures to ensure reliability and minimize downtime.
We continuously scan for vulnerabilities using AWS Inspector and Wazuh, patching critical issues quickly. File integrity monitoring and antivirus scanning provide additional protection against malware or unauthorized changes.
Yes. We share our SOC 2 Type II audit report under NDA with customers, partners, or prospects who request it by contacting security@querri.com.