QF-Mem: Long-term memory for AI agents
Security and deployment boundaries

Security review for hosted and private-VPC QF-Mem deployments.

QF-Mem is designed to keep durable AI workflow memory scoped, auditable, and operationally controlled. The default commercial path is managed SaaS. Enterprise customers that need customer-cloud network boundaries can use a managed private VPC lane without changing the core product model.

Managed SaaS or private VPC · Memory-space isolation · Operational review support

Security review checklist

> deployment_review
  tenant_boundary: authenticated memory space
  workflow_boundary: server-enforced scope membership
  deployment_paths: [managed_saas, private_vpc]
  ops_controls: [status_report, drift_audit, maintenance, restore_drill]
  review_goal: match deployment boundary to workflow and procurement risk

What this page is for

This is the trust and architecture-review path for buyers who need to understand deployment boundaries before they commit to a pilot or rollout.

Security review

Use this page when you need the hosted isolation model and deployment boundary story explained clearly.

Architecture review

Use this path when you need to decide between managed SaaS and private VPC for a real team rollout.

Operational review

Use this page when you need confidence in recovery, maintenance, and governance controls for long-running workflows.

How QF-Mem approaches isolation

Primary tenant boundary

In hosted deployments, the main tenant boundary is the authenticated memory space. Durable memory is then organized into scoped workflow surfaces so projects stay separated and auditable inside that boundary.

Deployment boundary choices

Teams can start with managed SaaS for speed. Customers that require stronger network and residency control can use a managed private VPC deployment in their own cloud environment.

Workflow separation

Scope membership and access checks are enforced on the server side so one workflow surface cannot read or mutate another without explicit authorization.

Operational safeguards

QF-Mem includes deterministic status reporting, drift checks, maintenance routines, and runbook-driven rollback and recovery procedures.

What security-conscious buyers usually need answered

  • Can one customer's memory be seen by another? Hosted isolation is designed to prevent that through authenticated tenant boundaries and server-enforced workflow access checks.
  • Can we keep memory inside our own cloud boundary? Yes. Private VPC is the path for customers that require customer-cloud network boundaries.
  • Do we need to change model vendors? No. QF-Mem is a memory/control-plane layer for MCP-compatible workflows and is not tied to one model provider.
  • What operational controls exist? Status reporting, drift and maintenance checks, acceptance gates, and recovery procedures are explicit product surfaces.

Frequently asked during diligence

Can one customer's agent memory be seen by another customer?

No. The hosted model is designed around authenticated memory-space boundaries with server-enforced scope access.

Can we keep memory inside our cloud boundary?

Yes. Private VPC is the enterprise path for customers that require customer-cloud network boundaries.

What happens in a security review?

We walk through the deployment model, tenant boundary, workflow isolation expectations, and the right rollout lane for your environment.

How do we report a vulnerability?

Email security@qfmem.com. Please do not disclose exploit details publicly before coordinated remediation.

Need a security or architecture review?

Tell us your deployment constraints and we will map the right boundary and rollout path.

Use this for private VPC questions, procurement review, or security-led rollout planning.