Security & Cyber Resilience Readiness

Last updated: June 2026

Quant-Kongz provides a cloud-based dashboard together with a downloadable desktop agent that users install on their own computer or VPS in order to connect supported trading platforms and transmit account and trading activity data to the Quant-Kongz service.

We take product security seriously and are preparing our software, internal processes, and technical documentation for the EU Cyber Resilience Act, Regulation (EU) 2024/2847.

The main CRA obligations are scheduled to apply from 11 December 2027, while vulnerability and incident reporting obligations are scheduled to apply from 11 September 2026. Quant-Kongz is currently working on a security and compliance roadmap to align the product with the applicable requirements before the relevant deadlines.

Current status

Quant-Kongz is not currently presented as CE marked or as having completed a final Cyber Resilience Act conformity assessment. Our conformity assessment and technical documentation process is in progress.

Our CRA readiness roadmap includes

  • Cybersecurity risk assessment for the desktop agent, backend services, APIs, and data flows.
  • Secure-by-design and secure-by-default development practices.
  • Dependency and software component inventory management, including SBOM preparation.
  • Vulnerability handling and coordinated vulnerability disclosure process.
  • Security update and patch management process.
  • Definition of product support periods for security updates.
  • Technical documentation for product architecture, security controls, and release processes.
  • Incident response and reporting workflow for qualifying security events.
  • Review of applicable conformity assessment requirements before EU market availability under the CRA deadlines.

Security contact

If you believe you have discovered a security vulnerability in Quant-Kongz, please contact us at:

security@quantkongz.com

Please include the affected product version, environment, a short description of the issue, and reasonable steps to reproduce it. Do not access, modify, delete, or disclose data that does not belong to you.