Providing Enterprise-Level Security
for Enterprise Data Validation
QuerySurge validates critical enterprise data with strong security, controlled access, and flexible deployment.
Enterprise data testing often requires access to sensitive systems, including databases, data warehouses, data lakes, files, APIs, applications, and BI platforms. QuerySurge is designed to help organizations validate data across these environments while supporting the security controls expected by enterprise IT teams.
QuerySurge Security
QuerySurge is typically deployed within a customer-controlled environment, including on-premises servers, virtual machines, or private cloud infrastructure. This gives organizations control over network access, authentication, infrastructure, connectivity, and security policy enforcement.
With support for encrypted credentials, LDAP and LDAPS authentication, TLS, Kerberos, HTTPS/SSL, Single Sign-On, account/session controls, and behind-the-firewall deployment, QuerySurge helps enterprise teams automate data validation while maintaining strong security oversight.
Secure Data Validation in Customer-Controlled Environments
QuerySurge is commonly deployed behind the customer’s firewall, allowing organizations to keep automated data validation activity within their own controlled network environment. This deployment model helps enterprise teams align QuerySurge with internal security policies, infrastructure standards, firewall rules, access controls, and compliance requirements.
Because data validation often requires testing against real data conditions, QuerySurge is designed to operate securely in environments where sensitive, regulated, or business-critical data may be present. This makes QuerySurge well suited for enterprise use cases such as ETL testing, data warehouse validation, cloud migration testing, BI report testing, data lake validation, ERP testing, and DevOps for Data.
Enterprise-Level Security
(To expand the sections below, click on the +)
- Data Security
- LDAP and LDAPS Authentication
- TLS Support
- Kerberos Integration
- HTTPS/SSL Deployment
- Single Sign-On Support
Data Security
QuerySurge protects database passwords and credentials using AES 256-bit encryption for storage and transmission.
This helps organizations secure the credentials used to connect to source and target systems during automated data validation. These systems may include relational databases, cloud data warehouses, data lakes, NoSQL platforms, files, APIs, and BI platforms.
By encrypting database credentials, QuerySurge helps enterprise teams protect sensitive connection information while enabling automated validation across complex data environments.
LDAP and LDAPS Authentication
QuerySurge supports Lightweight Directory Access Protocol, or LDAP, as an authentication option. QuerySurge also supports LDAPS, or Secure LDAP.
This allows organizations to authenticate QuerySurge users against existing enterprise directory services instead of relying only on local authentication. LDAPS support enables organizations to use SSL/TLS-based authentication for secure directory integration.
With LDAP and LDAPS support, QuerySurge can align with centralized identity management policies and enterprise access control processes.
TLS Support
QuerySurge supports TLSv1.0, TLSv1.1, and TLSv1.2 for HTTP communications between QuerySurge components.
TLS support helps protect communication between components in the QuerySurge architecture, including the Application Server and other QuerySurge services involved in test execution and system operation.
This enables organizations to secure internal QuerySurge communications according to their enterprise network and security requirements.
Kerberos Integration
QuerySurge supports integration with Kerberos security mechanisms.
Kerberos integration is useful for organizations that rely on Kerberos-based authentication for access to databases, big data platforms, or other enterprise systems. Support may depend on the customer environment and the JDBC drivers used to connect to specific platforms.
This helps QuerySurge fit into security architectures where Kerberos is part of the organization’s authentication model.
HTTPS/SSL Deployment
QuerySurge supports optional HTTPS/SSL deployment.
For organizations requiring encrypted browser-based access and secure component communication, QuerySurge can be deployed under HTTPS/SSL. This helps protect wire transmissions between QuerySurge components, including the Application Server, browsers, Agents, and related services.
HTTPS/SSL deployment is strongly recommended for enterprise environments and helps organizations secure user access to the QuerySurge application.
Single Sign-On Support
QuerySurge supports enterprise Single Sign-On, helping organizations simplify access while enforcing centralized authentication policies.
Current SSO support includes:
- Okta
- Azure Active Directory
- Google Cloud
- Salesforce
- Ping Identity
QuerySurge can also support identity providers that implement OpenID Connect, giving organizations additional flexibility when integrating QuerySurge with enterprise identity platforms.
With SSO support, users can access QuerySurge through familiar enterprise authentication workflows, while IT teams retain centralized control over user identity and access management.
Additional Enterprise Security Controls
(To expand the sections below, click on the +)
- Behind-the-Firewall Deployment
- Account and Session Protection
- Administrative Agent Enablement
- Secure Component Communication
Behind-the-Firewall Deployment
QuerySurge is typically deployed behind the organization’s firewall. This allows enterprise teams to keep QuerySurge within their own network perimeter and apply internal security controls around infrastructure, access, monitoring, and connectivity.
This deployment model gives organizations greater control over how QuerySurge connects to source and target systems and how users access the platform.
Account and Session Protection
QuerySurge includes account and session controls that help administrators protect user access.
Administrators can configure session timeout settings to automatically log out idle users after a defined period. QuerySurge also supports account lockout controls after repeated failed login attempts.
These capabilities help organizations reduce unauthorized access risk and align user access with enterprise security policies.
Administrative Agent Enablement
QuerySurge Agents execute tests against connected data sources and targets. When a QuerySurge Agent auto-registers, a QuerySurge Administrator must explicitly enable the Agent before it can be used for test execution.
This administrative enablement step gives organizations an additional control point before an Agent participates in automated data validation activity.
Secure Component Communication
QuerySurge is built on a distributed architecture that includes the QuerySurge Application Server, embedded database, and QuerySurge Agents. These components work together to manage users, store test assets and results, execute validations, and report outcomes.
Security features such as TLS and HTTPS/SSL help protect communications between QuerySurge components and users. This is especially important in enterprise environments where data validation activity may span multiple systems, networks, or infrastructure zones.
Security for Enterprise Data Validation at Scale
(To expand the sections below, click on the +)
- Security for Critical Data Validation Use Cases
- Secure Validation Across the Enterprise Data Ecosystem
- Why Security Matters in Data Testing
- Built for Enterprise IT, Data, and QA Teams
Security for Critical Data Validation Use Cases
QuerySurge helps organizations validate data across complex environments while supporting enterprise security controls.
Common use cases include:
- ETL testing
- Data warehouse testing
- Data lake validation
- Cloud migration testing
- Data migration validation
- BI report testing
- ERP and enterprise application testing
- Big data testing
- Regression testing
- DevOps for Data (DataOps) and CI/CD validation
Secure Validation Across the Enterprise Data Ecosystem
QuerySurge connects to a broad range of enterprise data sources and targets, enabling teams to validate data across heterogeneous environments.
QuerySurge can be used to validate data across:
- On-premises or cloud data warehouses
- Data lakes, lakehouses
- NoSQL databases
- Big data platforms
- Relational databases
- Flat files (CSV, TSV, delimited, fixed-width, text, log, and other)
- Excel files
- JSON
- XML
- Parquet
- APIs
- BI reports
- ERP systems
- Enterprise applications
By supporting secure connectivity and enterprise authentication options, QuerySurge helps organizations validate data across modern, hybrid, and legacy environments.
Why Security Matters in Data Testing
Data testing platforms often require access to the same systems that feed reporting, analytics, compliance, operations, finance, customer experience, and executive decision-making. As a result, security is not an optional consideration. It is a core requirement.
QuerySurge helps enterprise teams address several important security needs:
- Protect database credentials
- Support centralized authentication
- Enable secure directory integration
- Support enterprise SSO
- Secure browser-based access
- Protect communications between components
- Support Kerberos-enabled environments
- Operate behind the customer firewall
- Provide account and session controls
- Require administrative enablement of Agents
Together, these capabilities help organizations automate data validation while maintaining control over access, credentials, infrastructure, and communications.
Built for Enterprise IT, Data, and QA Teams
QuerySurge supports the security needs of teams responsible for enterprise data quality and data validation.
These teams include:
- Data engineering teams
- QA and software testing teams
- Data governance teams
- BI and analytics teams
- DevOps and DataOps teams
- Enterprise architecture teams
- Compliance and audit teams
- Information security teams
QuerySurge gives these teams a secure foundation for automating validation across source systems, transformation layers, target platforms, and reporting environments.
Security and Data Quality Work Together
Strong security protects access to enterprise systems. Strong data validation protects the accuracy of the data moving through those systems.
QuerySurge brings these priorities together by helping organizations validate data across critical pipelines, warehouses, lakes, applications, and BI reports while supporting secure deployment, encrypted credentials, enterprise authentication, and protected communications.
For organizations that rely on trusted data for reporting, analytics, compliance, operations, and decision-making, QuerySurge provides the automation and security foundation needed for enterprise-scale data validation.
Frequently asked questions
(To expand the sections below, click on the +)
- Is QuerySurge difficult to install?
- Do users need to write SQL for every test?
- How quickly can new users learn the platform?
- Does QuerySurge support a wide range of platforms?
- What support resources are available?
Is QuerySurge difficult to install?
No. QuerySurge is designed for fast deployment, helping teams get up and running quickly.
Do users need to write SQL for every test?
No. QuerySurge includes visual tools and AI-assisted capabilities that reduce manual SQL writing.
How quickly can new users learn the platform?
Many users can learn the basics in under an hour through the built-in interactive tutorial.
Does QuerySurge support a wide range of platforms?
Yes. QuerySurge provides 200+ pre-built data connectors for broad enterprise connectivity.
What support resources are available?
Customers can access online help, a knowledge base, self-paced training, certification, and premium support services.
