Security

Your product data is protected at every layer.

Security is foundational to everything we build. Here is how QAgent keeps your URLs, test outputs, and infrastructure safe.

Encryption Everywhere

All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Your test runs, screenshots, screencasts, and API responses are protected at every layer.

Secure Infrastructure

QAgent runs on AWS with automatic failover, DDoS protection, and infrastructure-as-code. Data is stored in SOC 2 compliant data centers.

Access Controls

Role-based access control ensures team members access only what they need. All activity is logged with audit trails. SSO and MFA available on higher plans.

Data Isolation

Each customer's test data, dashboards, and history are logically isolated. Your product URLs, test results, and screenshots are never shared with or accessible by other customers.

Regular Reviews

Dependencies are monitored for vulnerabilities. Security practices and infrastructure configurations are reviewed on a regular cadence.

Incident Response

We maintain a documented incident response plan with defined escalation paths. Affected customers are notified within 72 hours of a confirmed security incident.

Our commitments

No training on your data

Your product URLs, test outputs, screenshots, and code-adjacent data are never used to train models for other customers or for general AI improvement. They remain exclusively yours.

Scoped agent execution

QAgent only tests URLs you explicitly submit. We do not crawl beyond the scope you authorize, and we do not perform destructive or load-testing operations without opt-in.

Data deletion

You can delete any test run at any time. On account termination, all customer data is permanently removed within 30 days.

Responsible disclosure

Discovered a security vulnerability? Email aarohi@qagentai.tech. We take all reports seriously and respond within 24 hours.