Loading page content

QScout Sample Report

See what a QScout Free executive snapshot looks like before you run one.

QScout Free Executive Snapshot Sample

Interactive preview of the browser-safe QScout Free result

QScout Free Module Scope

QScout Free runs 24 requester-authorized public-surface modules across up to 10 total authorized same-domain public hosts.

Illustrative sample. This report uses synthetic demonstration data to show QScout structure, evidence formatting, remediation framing, and proof-console language. It is not derived from a real customer engagement.

QScout Free · Illustrative Sample

example-corp.com — Grade C · Score 72/100

24 modules · scan duration 247s · Needs Improvement

Scan Coverage

95.6%Near-Full

22 of 24 modules completed. Most modules completed; a small number were deferred.

Deferred (timed out): CT Log Subdomains, Public Surface Exposure Review.

HNDL Risk Score: 68/100 (HIGH)

Quantum-threat horizon: 7 years.

RSA-2048 certificates vulnerable to cryptanalytic quantum attacks
No hybrid key exchange detected
Long-lived sensitive data identified (financial records, PII)
Certificate validity extends beyond quantum threat horizon

Severity breakdown (24 findings)

Critical: 2
High: 5
Medium: 8
Low: 6
Info: 3

Executive summary

This assessment reveals significant cryptographic vulnerabilities requiring immediate attention. The organization's TLS infrastructure relies exclusively on classical cryptographic algorithms that will become vulnerable as quantum computing advances.

Key risks

Critical exposure to Harvest Now, Decrypt Later (HNDL) attacks targeting long-lived data
No post-quantum cryptographic protections detected across any endpoints
Deprecated protocol versions (TLS 1.0/1.1) still enabled on production systems

Recommendations

Initiate PQC migration planning within 90 days
Disable deprecated TLS versions immediately
Implement hybrid key exchange on critical systems
Generate Cryptographic Bill of Materials (CBOM) for compliance tracking

Current configuration may not meet upcoming NIST PQC CNSA 2.0 requirements (deprecated by 2030, disallowed by 2035). Board-level visibility recommended.

Top findings

Quantum Risk AnalysisCRITICAL
No Post-Quantum Algorithms Detected
Infrastructure does not support any NIST-approved post-quantum algorithms. All cryptographic operations rely on classically-secure algorithms vulnerable to Shor's algorithm.
TLS/SSL ConfigurationCRITICAL
TLS 1.0 Protocol Enabled
Server accepts connections using deprecated TLS 1.0 protocol, vulnerable to BEAST, POODLE, and other known attacks.
Certificate PolicyHIGH
RSA-2048 Key Length Insufficient for Quantum Era
Certificate uses RSA-2048 which provides approximately 112-bit security classically but zero security against quantum attacks.
HTTP Security HeadersHIGH
Missing Content-Security-Policy
No Content-Security-Policy header detected, leaving application vulnerable to XSS and data injection attacks.
Key Exchange AnalysisHIGH
Static RSA Key Exchange Supported
Server supports static RSA key exchange which does not provide forward secrecy.

Loading interactive charts… If charts do not appear, JavaScript is disabled. The information above is the same content rendered as static HTML.

Ready to Run Your Own QScout Free?

This sample demonstrates the browser-safe QScout Free result structure and provenance labels. Run your own scan to see your actual public quantum-risk signal and decide whether deeper guided assessment is warranted.

Run Your QScout Free View Methodology

No installation required • Public QScout Free scope • Results in 3-8 minutes

Structured Like the Live QScout Free Result

This demonstration mirrors the sections, evidence layout, and executive framing of the browser-safe QScout Free output without exposing customer-specific data, raw operational telemetry, or deeper guided-assessment artifacts.

Inspect security posture