Internal Network
Scanner Connector
Quantum VAPT
Cloud Providers
Container Registries
Quantum Scanner
Servers

Overview

Gain continuous insight into your security posture across on-premise and cloud workloads leveraging Quantum's Vulnerability Assessment and Penetration Testing (VA/PT) solution.

The constant evolution of threats combined with the ever-changing attack surface of your infrastructure requires steady monitoring to ensure you stay secure.

Quantum continuously scans your environment for changes and any potential weaknesses using both inspection and attack simulation – leveraging the same TTPs as a real-world adversary.

Source Control
Containers
Cloud Configurations
Runtime
Quantum Scanner

Source Control & CI/CD Integration

Identify vulnerabilities early in the value chain where their impacts and remediation costs are lower.

Dependency Tree Scanning

Scan container images and app libraries for vulnerabilities to ensure your application is safe.

Configuration Scanning

Verify your cloud environments are securely configured and catch environment drift automatically.

Test the Runtime Stack

Check for vulnerabilities in your stack whether its virtual machines, container orchestration, or serverless.

Identify Misconfigurations and Nested Vulnerabilities

Continuously monitor your cloud environments to alert of any misconfigurations and potential security issues. Expose vulnerabilities in your application code and nested dependencies.

Scan Cloud Configurations and Infrastructure Code

Verify your cloud environments are configured with secure best practices using CIS provider, service, and other industry-standard benchmarks.

Supported Providers

Analyse Code Quality and Security in Over 30 Languages

Catch vulnerabilities introduced early in the development cycle – with robust code quality and package vulnerability support for every popular framework and language.

Supported Code Analysis Languages

Scan Containers from Any Registry

Check for vulnerabilities in container images and layers across all major cloud provider registries and any registry that supports the Docker V2 API.

Supported Registries

Easily Integrate with Your CI/CD Pipeline

From commit and pull request scan triggers, to issue tracking, to chat ops, the Quantum platform supports deep integration with your DevOps workflows.

Supported Integrations

Expose Exploitable Weaknesses

Continuously scan for runtime vulnerabilities in your servers, containers, and applications. Combined with configuration scanners and static code analysis, runtime scanning gives you a complete 360° view of your attack surface.

Quantum Platform
Container Registries
Runtime Scanner
Linux Servers and VMs
Windows Servers and VMs
Generic Host
Containers at Runtime

OS and App Scanning

Quantum probes your servers for OS-level vulnerabilities. We also probe for installed applications and test for vulnerabilities in the application layer – including containers and nested virtualization.

Complete App Lifecycle Scanning

Get 360° coverage by inspecting for vulnerabilities and best practices when your apps are built, and continuously as they run.

Attack Simulation and Penetration Testing

Gain deeper insights into how a threat actor could exploit the weaknesses in your system across each stage of the kill chain. Quantum provides continuous attack simulation and manual penetration testing with detailed evidence and guidance for remediation.

Reconnaissance

Phishing Awareness

Phishing Awareness

Quantum's attack simulation platform tests both the technical and human elements of security. Test your users' security aptitude with automated and curated phishing campaigns.

Weaponisation

Endpoint Security

Endpoint Security

We validate that your client and server endpoints have appropriate immunity to exploits to limit the number of attacks a threat actor can utilise.

Distribution

Email Gateway

Email Gateway

Continuously validate your email delivery system to ensure proper quarantining and filtering. We'll also ensure email is appropriately encrypted or signed based on policies defined by you.

Data Classification

Network Security

Quantum simulates payload delivery on your network to detect weaknesses in your traffic inspection and firewall configurations.

Exploitation

Endpoint Security

Endpoint Security

Quantum integrates with your EDR solution to ensure threats are contained when weaknesses are exploited. The responsiveness of your EDR solution impacts risk scoring and prioritisation.

WAF

Web Application Firewall

In addition to "assume-breach" scenarios, Quantum will also test for exploits from outside of your network, including tests against web applications and other public-facing assets.

Persistence

Lateral Movement

Lateral Movement

From the installed Quantum VA/PT agent, our attack simulation attempts to move laterally across your network, dropping micro-agents from which we'll pivot to other VLANs.

Command & Control

Web Gateway

Web Gateway

Quantum tests outbound access controls to ensure connections to known bad addresses and domain names, such as Command and Control (C&C) nodes, malware depots, and more.

Execute

Exfiltration

Exfiltration & DLP

We also validate proper network controls such as DLP are in place to prevent exfiltration. Sample data includes credit cards, PII, and more.

Ransomware Recovery

Ransomware Recovery

Quantum tests your ability to prevent or recover from a ransomware attack by deploying real ransomware on sample datasets.

Plans & Pricing

Basic

Out-of-the-box essentials
  • Vulnerability Scanning
  • Container Scanning
  • Cloud Security Scanning
  • Web Application Scanning
  • 1 per Year Human Penetration Testing
  • Remediation Validation

Professional

Our most popular plan

Basic plus:

  • Zero-Day Analysis
  • Real-Time Vulnerability Scans
  • 2 per Year Human Penetration Testing
  • Automated Attack Simulation

Enterprise

Customised and fully-managed

Professional plus:

  • Custom Attack Simulation Scenarios
  • Custom CMDB Integration
  • Custom Service Desk Integration
  • 4 per Year Human Penetration Testing

Ready to see what Quantum Security can do for you?

Our cybersecurity experts are ready to understand your needs and walk you through our strategy and approach. In addition, gain knowledge of your cybersecurity and risk posture with our free cyber health check.

Get a Demo Request a Free Cyber Health Check