Documentation Index
Fetch the complete documentation index at: https://quintsecurity.mintlify.app/llms.txt
Use this file to discover all available pages before exploring further.
Entity Risk Assessment
Beyond per-event scoring, Quint evaluates the overall risk posture of agents, systems, and entire fleets. Entity assessment uses 8 dimensions computed from the complete behavioral graph.
Assessment Levels
Level 4: Fleet Assessment "How risky is our entire agent infrastructure?"
Level 3: System Assessment "How risky is this application/platform?"
Level 2: Agent Assessment "How risky is this specific agent?"
Level 1: Session Assessment "How risky was this particular session?"
Agent Assessment (Level 2)
The most common assessment. Produces scores across 8 dimensions, each 0-100.
Dimensions
| Dimension | Weight | Description |
|---|
| Historical Event Risk | 0.20 | EWMA of daily max scores (recent events weight more) |
| Privilege Footprint | 0.15 | Blast radius: resources, fields, servers, OAuth scopes |
| Behavioral Consistency | 0.15 | Action entropy, session variance, resource stability |
| Policy Compliance Rate | 0.15 | Violation frequency weighted by severity |
| Data Sensitivity Exposure | 0.10 | Highest-sensitivity data regularly accessed |
| External Communication Risk | 0.10 | Outbound data volume, unwhitelisted endpoints |
| MCP Trust Surface | 0.08 | Unverified servers, description changes, broad schemas |
| Trend Trajectory | 0.07 | Is the agent getting riskier or safer? |
agent_risk = (
0.20 × historical_event_risk +
0.15 × privilege_footprint +
0.15 × behavioral_consistency +
0.15 × policy_compliance +
0.10 × data_sensitivity_exposure +
0.10 × external_communication_risk +
0.08 × mcp_trust_surface +
0.07 × trend_trajectory
)
Example Agent Profile
{
"agent_id": "support_bot_v3",
"agent_risk_score": 34,
"risk_level": "medium",
"dimensions": {
"historical_event_risk": {"score": 22, "weight": 0.20},
"privilege_footprint": {"score": 58, "weight": 0.15},
"behavioral_consistency": {"score": 15, "weight": 0.15},
"policy_compliance": {"score": 8, "weight": 0.15},
"data_sensitivity_exposure": {"score": 45, "weight": 0.10},
"external_communication_risk": {"score": 62, "weight": 0.10},
"mcp_trust_surface": {"score": 10, "weight": 0.08},
"trend_trajectory": {"score": 38, "weight": 0.07}
},
"risk_drivers": [
{
"dimension": "external_communication_risk",
"score": 62,
"explanation": "Sends data to 3 external endpoints including 1 not on whitelist",
"recommendation": "Review and whitelist api.analytics-partner.io"
}
],
"trend": {
"7d_avg": 18,
"14d_avg": 21,
"30d_avg": 22,
"direction": "improving"
}
}
System Assessment (Level 3)
Aggregates agent scores and adds cross-agent signals:
| Signal | Weight | Description |
|---|
| Weighted agent scores | 0.50 | Weighted by action volume |
| Cross-agent resource contention | 0.20 | Multiple agents accessing same sensitive resources |
| Shared MCP concentration | 0.15 | Single-point-of-compromise MCP servers |
| Delegation chain risk | 0.15 | Cross-agent delegation depth |
Fleet Assessment (Level 4)
CISO dashboard view across all agents and systems:
{
"fleet_risk_score": 31,
"total_agents": 23,
"total_systems": 4,
"systems": [
{"system": "customer_support", "score": 38, "agents": 7},
{"system": "code_review", "score": 22, "agents": 5},
{"system": "data_pipeline", "score": 45, "agents": 8},
{"system": "sales_outreach", "score": 18, "agents": 3}
],
"fleet_stats": {
"total_actions_30d": 2847000,
"total_policy_violations_30d": 342,
"violation_rate": "0.012%"
}
}
Entity Risk Levels
| Score | Level | Meaning |
|---|
| 1-15 | Low | Operating within baseline |
| 16-35 | Moderate | Some drift, monitor |
| 36-60 | Elevated | Significant changes, investigate |
| 61-80 | High | Active risk, restrict permissions |
| 81-100 | Critical | Likely compromised, immediate action |
Assessment Triggers
| Trigger | Frequency |
|---|
| Scheduled (background) | Agent: 6h, System: 12h, Fleet: 24h |
| Threshold-triggered | On any event exceeding alert threshold |
| API-requested (on-demand) | GET /v1/assess/agent/{id}?window=30d |
