Trusted Intelligence
Join Us

Governance & Trust

Qognetix Lightweight Cybersecurity Posture Statement (Pre-Cloud Stage).

1. Security Philosophy

Qognetix adopts a security-by-design approach appropriate to its stage.

Although we are not yet delivering a cloud platform or handling external datasets, we implement secure development and operational practises from day one to minimise future risk and ensure smooth scaling when platform services go live.

2. Current Security Controls (Pre-Cloud)

2.1 Secure Development Practises

  • Private, access-controlled Git repositories
  • MFA enforced on all development and infrastructure accounts
  • No hard-coded credentials in code or config
  • No open inbound services, no public API, no cloud endpoints exposed
  • Mandatory code review for Engine, Solver, and Studio/Lab components
  • Regular dependency/patch updates

2.2 Device & Endpoint Security

  • Full-disk encryption on all development machines
  • Password manager required for credentials
  • Automatic OS and security updates enabled
  • Enforced device lock, biometrics, and screen-timeout controls

2.3 Minimal Attack Surface

(Qognetix is currently pre-cloud and does not host user data.)

  • No production cloud services active
  • No customer or sensitive data stored or processed
  • Internal tools operate in isolated development environments
  • No exposure of Engine or Solver codebases beyond authorised developers

2.4 Identity & Access Governance

  • Principle of least privilege
  • Role-based access for repos and internal tooling
  • Immediate revocation of access if a device or account is suspected compromised
  • Logged administrative actions on version control systems

3. Future Security Roadmap (Aligned to Product Roadmap)

Security investment will scale proportionately with platform maturity.

  • Pre-Cloud Launch (2026-2027)
    • Formal cybersecurity review/penetration testing
    • IAM / zero-trust design for cloud API
    • Data governance and logging infrastructure
    • Vendor and supply-chain validation
  • Post-Cloud Beta (Seed Stage)
    • Continuous security scanning and monitoring
    • Data classification and retention policies
    • Encryption of data in transit and at rest
    • Formal certification planning (ISO27001 if required by partners)
  • Long-Term (Hardware Pathway)
    • Secure firmware update architecture
    • Hardware-level attestation for FPGA/ASIC pathway
    • IP protection and tamper-resistance measures

4. Security + IP Integration

Security supports our IP protection strategy:

  • Access-controlled codebase protects proprietary substrate (Engine + Solver)
  • No public cloud endpoints reduces risk of reverse engineering
  • Hardware mapping strategy will include secure synthesis boundaries
  • Sensitive architectural details stored under restricted access and encrypted
  • Security policies feed into IP audit and patent strategy

5. Commitment to Responsible Innovation

Qognetix will implement all measures required to ensure:

  • safe cloud deployment
  • secure processing of any future research datasets
  • responsible development of synthetic-intelligence tooling
  • proportionate risk management aligned to scale and use-cases

This ensures that as the platform expands, security scales with it.