Security Overview

Quant provides comprehensive security features across all platform services, from edge-level protection to container image vulnerability scanning. Our multi-layered security approach protects your applications, data, and infrastructure while maintaining optimal performance.

Security Features Overview

Web Application Firewall (WAF) Advanced threat protection with customizable rules, real-time monitoring, and automatic threat mitigation to protect against common web vulnerabilities and attacks.

Security Headers Management Automated security header configuration and assessment tools to protect against XSS, clickjacking, and other client-side attacks with one-click security improvements.

Container Image Security Comprehensive vulnerability scanning for container images used in Quant Cloud, including both application-level dependencies and operating system packages.

Traffic Control & Rate Limiting Sophisticated traffic shaping capabilities including geographic restrictions, source-based filtering, and rate limiting to prevent abuse and ensure service availability.

Web Application Firewall (WAF)

Quant’s WAF provides enterprise-grade protection against web application attacks:

Core Rule Set (CRS)

• OWASP ModSecurity Rules: Protection against common vulnerabilities
• Automatic Updates: Rule sets are continuously updated with new threat intelligence
• Customizable Sensitivity: Adjust rule sensitivity based on your application needs
• Real-time Monitoring: Track blocked requests and security events

Custom WAF Rules

• Custom Rule Creation: Build application-specific protection rules
• Geographic Blocking: Block or allow traffic based on country or region
• IP Whitelisting/Blacklisting: Control access based on source IP addresses
• Request Pattern Matching: Block requests based on URL patterns, headers, or content

Getting Started with WAF Learn how to enable and configure WAF protection for your projects with step-by-step guidance.

Security Headers

Protect against client-side attacks with comprehensive security header management:

Automated Security Assessment

• Security Grade Analysis: Automatic assessment of your current security posture
• One-Click Improvements: Apply recommended security headers with a single click
• Real-time Validation: Immediate feedback on security header effectiveness

Improve Your Security Headers Complete guide to implementing and optimizing security headers including:

• Strict-Transport-Security: Enforce HTTPS connections
• Content-Security-Policy: Prevent XSS and code injection attacks
• X-Frame-Options: Protect against clickjacking
• X-Content-Type-Options: Prevent MIME-sniffing attacks
• Referrer-Policy: Control referrer information leakage
• Permissions-Policy: Manage browser feature permissions

Container Image Security

For Quant Cloud applications, comprehensive image security scanning provides vulnerability management:

Multi-Layer Scanning

• Application Dependencies: Scan for vulnerabilities in application packages and libraries
• Operating System Packages: Identify OS-level security issues and outdated packages
• Base Image Analysis: Assess security of container base images
• Real-time Monitoring: Continuous scanning as new vulnerabilities are discovered

Security Dashboard

• Vulnerability Breakdown: Visual representation of security issues by severity
• Repository Risk Matrix: Compare security posture across multiple repositories
• Detailed CVE Information: Complete vulnerability details with remediation guidance
• Security Score: Overall security assessment with improvement recommendations

Container Image Security Detailed guide to understanding and managing container image vulnerabilities with comprehensive scanning and remediation workflows.

Traffic Control & Access Management

Sophisticated traffic management and access control capabilities:

Geographic Traffic Control

• Country-Level Blocking: Restrict access based on visitor location
• Regional Allowlists: Permit access only from specific geographic regions
• Compliance Support: Meet data residency and regulatory requirements

Source-Based Access Control

• IP Address Filtering: Allow or block specific IP addresses or ranges
• User-Agent Restrictions: Control access based on client characteristics
• Referrer Validation: Restrict access based on referring websites

Rate Limiting & DDoS Protection

• Request Rate Limiting: Prevent abuse with configurable rate limits
• Burst Protection: Handle traffic spikes while blocking malicious floods
• Automatic Scaling: Dynamic rate limiting based on normal traffic patterns
• Bot Detection: Identify and manage automated traffic

Page Rules for Security Configure traffic control and access management through the flexible page rules engine.

Authentication & Access Controls

Comprehensive authentication and authorization features:

Password Protection

• Site-Wide Authentication: Protect entire sites or specific paths
• Multiple Authentication Methods: Support for various authentication mechanisms
• User Management: Control access for teams and individual users

Team & Organization Security

• Role-Based Access: Granular permissions for team members
• Organization Management: Multi-tenant security with proper isolation
• Audit Logging: Track access and configuration changes

Security Monitoring & Analytics

Real-time security monitoring and comprehensive reporting:

Security Event Monitoring

• Real-time Alerts: Immediate notification of security events
• Attack Pattern Analysis: Identify trends and recurring threats
• Performance Impact: Monitor security feature impact on site performance

Compliance & Reporting

• Security Posture Reports: Regular assessment of overall security status
• Vulnerability Tracking: Monitor remediation progress over time
• Compliance Documentation: Generate reports for security audits

Getting Started with Security

Quick Security Setup

1. Enable WAF Protection: Activate basic WAF rules for immediate protection
2. Configure Security Headers: Use one-click security header improvements
3. Set Up Access Controls: Implement authentication where needed
4. Monitor Security Events: Review WAF logs and security alerts

Advanced Security Configuration

1. Custom WAF Rules: Create application-specific protection rules
2. Geographic Restrictions: Implement location-based access controls
3. Rate Limiting: Configure traffic limits and abuse prevention
4. Container Security: Enable image scanning for cloud applications

Security Best Practices

• Regular Updates: Keep security rules and configurations current
• Monitoring: Actively monitor security events and adjust rules accordingly
• Testing: Validate security configurations don’t impact legitimate traffic
• Documentation: Maintain records of security configurations and changes

Tip

Start with basic WAF protection and security headers, then gradually implement more advanced features based on your specific security requirements. Regular monitoring and adjustment of security rules ensures optimal protection without impacting user experience.

Quant’s comprehensive security features provide defense-in-depth protection across all layers of your web infrastructure, from edge-level filtering to application-specific vulnerability management.