Encryption at rest and in transit
TLS 1.2+ for every request to quilldocs.ai and our API. AES-256 for stored data. Customer-managed KMS keys are an enterprise option for workspaces that need them.
We document what we do for security in the open so your team can assess us without a meeting. This page is the canonical reference — if it contradicts something a salesperson says, this page wins.
Each Quill deployment binds to exactly one workspace via QUILL_WORKSPACE_ID. Cross-tenant collisions fail closed at startup, not silently at runtime — a missing binding is a deploy bug we want loud.
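An added illustration of the fail-closed binding described above; this is example code, not Quill's own implementation. It assumes workspace ids are UUIDs, and the `other_bindings` sources (storage prefix, DB schema) are hypothetical stand-ins for any other config that also names a tenant.

```python
import os
import uuid


class WorkspaceBindingError(RuntimeError):
    """Raised when the tenant binding is missing, malformed or conflicting."""


def _parse_workspace_id(value, source):
    # Assumption (not from the page): workspace ids are UUIDs.
    try:
        return str(uuid.UUID(str(value).strip()))
    except ValueError:
        raise WorkspaceBindingError(f"{source} is not a valid workspace id: {value!r}")


def bind_workspace(env, other_bindings=()):
    """Resolve the single workspace this deployment serves, failing closed at startup.

    `env` is the process environment (e.g. os.environ). `other_bindings` is a
    hypothetical list of (source, workspace_id) pairs from other config that
    also names a tenant; any disagreement is a cross-tenant collision and
    aborts startup rather than being discovered later at request time.
    """
    raw = env.get("QUILL_WORKSPACE_ID")
    if raw is None or not raw.strip():
        raise WorkspaceBindingError("QUILL_WORKSPACE_ID is not set; refusing to start")
    bound = _parse_workspace_id(raw, "QUILL_WORKSPACE_ID")
    for source, other in other_bindings:
        if _parse_workspace_id(other, source) != bound:
            raise WorkspaceBindingError(f"cross-tenant collision: {source} names another workspace")
    return bound


def require_workspace(bound, request_workspace):
    """Per-request guard: the tenant named on a request must equal the bound one."""
    if request_workspace is None:
        raise WorkspaceBindingError("request carries no workspace id")
    if _parse_workspace_id(request_workspace, "request") != bound:
        raise WorkspaceBindingError("cross-tenant request rejected")
    return bound


def rejects(fn, *args):
    """True if the call fails closed with WorkspaceBindingError."""
    try:
        fn(*args)
    except WorkspaceBindingError:
        return True
    return False


if __name__ == "__main__":
    BOUND = bind_workspace(os.environ)  # aborts loudly when the binding is absent
    print("serving workspace", BOUND)
```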
Pipeline runs, document edits, role changes, publishes — every action is logged with actor, target, and timestamp. Streamable to your SIEM. Retention configurable up to seven years on enterprise plans.
Customer repository contents are read for generation and kept only as long as they back active documents. Soft-delete with a 30-day recovery window; purge after, unless legal retention applies.
We publish status honestly. "In progress" means the audit is actively scheduled. "Available" means we'll send the report under NDA. "On request" means it exists; ask and we'll send.
Okta, Azure AD, Google, OneLogin, JumpCloud, anything SAML 2.0. Configurable session lifetimes. Just-in-time provisioning. Available on enterprise plans.
Per-workspace, per-document, per-action roles. Reviewers, publishers, viewers, admins. Optional required reviewers and approval chains for regulated environments.
IP allowlists. Configurable timeouts. Forced re-auth on destructive actions. Cookie security best practices (HttpOnly, Secure, SameSite). Industry-standard defaults.
We treat responsible disclosure seriously. We don't run a formal bug bounty yet (we're sizing one; the trigger is when traffic warrants), but we do credit reporters publicly with permission and we always say thank you, in real ways.
Email security@quilldocs.ai with details. PGP available on request. We acknowledge within 24 hours and commit to initial triage within 72.
quilldocs.ai, the Quill portal, the public API surface as it ships. Out of scope: third-party integrations (report to them), social engineering, and physical attacks against our office (we don't have one).