Security

Security for AI that can take action.

Quickly is designed for teams that connect real business systems to AI. That means encryption, workspace isolation, approval controls, audit trails, and careful handling of third-party integration data.

Security controls

The controls below describe how Quickly protects credentials, customer data, AI actions, and production systems.

Encryption and secrets

  • OAuth tokens, API keys, and customer-managed credentials are encrypted at rest
  • Credential encryption uses AES-256-GCM with workspace-scoped data encryption keys
  • Production secrets are managed through Google Cloud Secret Manager and deployment-time environment configuration
  • Public traffic uses HTTPS/TLS, and service connections use encrypted provider channels where supported

Tenant isolation and access control

  • Application data is scoped by workspaceId and protected by workspace membership checks
  • Workspace roles control admin, manager, and member access to customer data and settings
  • Integration credentials are scoped to the authorizing user and workspace
  • Public API keys, webhooks, and OAuth callbacks use signature, token, scope, or session validation

AI action governance

  • Autonomy modes control whether Quickly can read, write, or take destructive actions automatically
  • Sensitive write operations can require human approval before execution
  • Tool calls, workflow runs, approvals, failures, and important admin events are logged for review
  • Prompt-injection filtering, moderation, and untrusted-context labeling reduce unsafe AI behavior

Operational security

  • Quickly runs on Google Cloud Run, Cloud SQL PostgreSQL, Cloud Storage, Cloud Tasks, and related managed services
  • Container builds run CI checks and vulnerability scanning before deployment
  • Production errors and security-relevant failures are monitored and routed for staff review
  • Backups, incident response procedures, and access restrictions support recovery and investigation

AI autonomy controls

Admins choose how much independence Quickly has before it reads, writes, or changes data in connected tools.

Conservative

Approval first

Quickly asks before taking actions, which is best for new workspaces and sensitive workflows.

Balanced

Default for most teams

Read-only work can run automatically while writes and higher-risk tools require confirmation.

Autonomous

Configured carefully

Trusted workflows can run with fewer prompts when admins have reviewed permissions and blast radius.

Infrastructure

Quickly runs on Google Cloud Platform with managed services for compute, storage, queues, secrets, and observability.

Application hosting

Google Cloud Run services for web, app, and internal workers

Databases

Cloud SQL PostgreSQL for application data and vector search workloads

Object storage

Google Cloud Storage for workspace-scoped assets and documents

Background work

Cloud Tasks and scheduled jobs for durable asynchronous processing

Secrets

Google Cloud Secret Manager for production credentials and service configuration

Observability

Cloud Logging, Sentry, and AI tracing for debugging and incident response

Need security documentation?

The Trust Center includes data handling, subprocessors, compliance posture, and links to the public legal pages used for integration reviews.

Open Trust CenterContact security