# Platform Quality and Security Workstream
The PQS workstream is dedicated to the assessment, maintenance and enhancements to security and quality of the Mojaloop platform, encompassing connectivity to participating DFSPs (including transactions) and the security of hub operator portals, and of the Mojaloop Open source codebase and related artefacts.
# Business Justification
This ensures the Mojaloop platform quality & security is maintained; vulnerability management is done and mitigations planned. Working with adopters, community members to improve security and quality incrementally. Provide features to support compliance and address gaps.
# Contributors
| Workstream Lead | Contributors |
|---|---|
| Sam Kummary | Juan Correa Devarsh Shah Shuchita Prakash Shashi Hirugade |
# Latest Update (Summary)
The team is working toward a year-end release candidate of 17.2.0, focusing on security hardening, dependency updates, and CI reliability. AI-powered tooling is now generating automated PRs for dependency updates across Mojaloop’s internal packages, significantly reducing manual workload. The Finance Portal requires a more comprehensive rewrite due to outdated technology. The workstream also assessed the Mojaloop IAC sandbox against the new QA Framework.
# Applicability
This version of this document relates to Mojaloop Version 17.1.0 (opens new window)
# Document History
| Version | Date | Author | Detail |
|---|---|---|---|
| 1.1 | 4th December 2025 | Paul Makin | Added latest update |
| 1.0 | 25th November 2025 | Paul Makin | Initial version |