• Back

See Your Security Stack Like a Hacker

Spot and Score Your Cyber Risks with Q:SCAN

What is Q:SCAN?

Q:SCAN is a new way for your cybersecurity team to see your organization’s security the way outsiders see it. Q:SCAN uses open-source intelligence (“OSINT”) collection and analysis techniques to look for high-risk signals that are valuable to attackers. Q:SCAN can be used all by itself, or it can complement the vulnerability scanning tools you are already using.

Q:SCAN allows your cybersecurity team to use both public and private databases to identify vulnerabilities in your company’s cybersecurity protocols to benchmark against how the company is set up today against the best practices in the industry.

What Does It Do?

To help your organization understand how it can improve its public security posture, Q:SCAN organizes key cyber risk signals by categories including technical security, configuration, data and information management, process and activity, and documentation. Q:SCAN creates an overall risk score for your organization using the familiar metaphor of a “credit score,” with scores ranging from 300 to 850.

Q:SCAN runs on-demand or on a schedule of your choosing, delivering it to you by email alert after each scan or when your scores change. To help you take action, QOMPLX experts are available to provide guidance and recommendations whenever you need it.


What does that mean for your business?

Q:SCAN shuts the door to cyber threats. By allowing you to present the best version of yourself online, it organizes key cyber risk signals to create an overall internet security risk score.

Without Q:SCAN

Your organization has poor visibility into how attackers see your assets.

Q:SCAN analyzes high-risk signals that attackers may seek to exploit. You have complete control over which domains to scan.

Your vulnerability scanning tools don’t give you the full picture.

Q:SCAN looks at a wide range of public and proprietary databases to provide advanced analytics that identify whether your company or its employees have been cited in breaches, cyber events or IP address reputation lists.

You spend too much time fending off questions from customers about your security program.

Q:SCAN helps you get ahead of customers’ third-party risk management teams by identifying external weaknesses, reducing the time and money your staff needs to spend on inquiries.

Your organization’s reputation is damaged by third-party reports that attribute risks to assets you do not own.

Q:SCAN offers an accurate analysis of your internet-facing presence by scanning assets linked to your domain. Q:SCAN does not guess what assets “might” belong to your organization.

How do we do it?

Q:SCAN uses open and proprietary aggregated datasets to enrich the raw data it collects with known breach, reputation, and vulnerability data. This contextualized enrichment enables sophisticated analytics for cybersecurity risk exposure and mitigation with Q:CYBER and operational risk exposure and coverage with RubiQon Risk.

As part of the Q:CYBER security bundle, QOMPLX:OS, Q:SCAN helps clients understand, prioritize and mitigate their organization-specific risk exposure.


Key Features

Q:SCAN’s key features include:

Periodic reporting for on-going risk assessment and trend analysis

Provides high resolution visualization of organizational performance.

Risk scoring threshold monitoring

Sends real-time risk scoring notifications by email

Detailed risk exposure alerts

Available to offer immediate alerts for data breach, IP reputation, malware, vulnerabilities and exposed ports are available, as well as on-demand or scheduled reporting options.

Granular access control management

User privilege administration is achieved with a role-based access control (RBAC) methodology.

Convenient API-based accessibility

Secure RESTful API access is available to transmit data and reports as needed for automation and third-party integration efforts.

Interested in using Q:SCAN?

Contact us now to get started