Getting Started
Set up QuantAssure in minutes. This guide walks through creating your first system, connecting an integration, running a scan, and reviewing findings.
Create Your Organisation
- Request a trial — we'll create your organisation and send you an invite
- Accept the invitation to set up your account
- You become the owner and can invite team members later
Create a System
- Navigate to Systems → Add System
- A system represents a logical application or service you're monitoring (e.g., "Production API", "Customer Portal")
-
Set metadata:
- Name and slug
- Type — application, infrastructure, or service
- Environment — production, staging, development, or test
- Criticality — low, medium, high, or critical
- Data Classification — official, official:sensitive, etc.
Criticality and data classification influence AI risk scoring. Higher criticality systems get more conservative severity assessments. See Systems for details.
Connect an Integration
In your system's configuration, enable a data source. Each integration collects different types of data:
| Integration | What it collects |
|---|---|
| GitHub | Repositories, Dependabot vulnerability alerts |
| AWS SecurityHub | Cloud security findings |
| Mosyle | Managed devices, compliance status |
| Google Workspace | Users, security settings |
Follow the setup guide for your integration:
Start with one integration. You can add more later.
Run Your First Scan
- On your system detail page, click Run Scan
- The scan collects data from your configured integrations
- Watch the run status in the Runs section
- A typical first scan takes 1–3 minutes
Review Findings
Navigate to Findings to see what was discovered. Each finding shows:
- AI-adjusted severity — may differ from the raw scanner severity
- Source integration — where the finding came from
- Affected asset — which repository, device, or resource
- AI analysis — risk reasoning explaining the severity assessment
Sort by severity to focus on what matters most. See the Findings guide for details on triage and remediation.
Set Up Compliance (Optional)
- Navigate to Compliance → Add Target
- Select ISM OFFICIAL: Sensitive (or your target framework)
- Set your target certification date
- AI will begin mapping findings to ISM controls
See the Compliance guide for the full workflow.
Next Steps
- Invite team members — Settings → Team
- Add more integrations to broaden coverage
- Review ISM controls and set applicability
- Check your readiness dashboard