Encryption, IoT, MSSP

Forescout Targets Quantum Threats with Real-Time Encryption Detection, Giving MSSPs a Critical Edge

Most organizations don’t know whether their infrastructure can withstand the arrival of quantum computing, and that’s a problem. Forescout just rolled out new technology that tackles this head-on: real-time detection of non-quantum-safe encryption across IT, OT, and IoT environments.

The timing isn’t random. Forescout Research – Vedere Labs found that just 6% of internet-facing SSH servers support post-quantum encryption. That means most of them are still vulnerable, giving attackers a clear shot to grab encrypted data now and sit on it until quantum computing catches up, a tactic known as “harvest now, decrypt later.”

Detection Without Visibility Gaps

Forescout’s answer is a patented capability that inspects the encryption posture of devices across the network, whether they’re visible or trying to stay under the radar. Instead of relying on stateful inspection or scanning installed libraries, “Forescout’s patented technology does this by behavior analysis of the traffic profiles, handshakes, and communications,” Robert McNutt, Chief Strategy Officer at Forescout told MSSP Alert. That means the platform can detect encryption weaknesses even in unmanaged or evasive devices, offering visibility across hybrid environments where traditional scanning tools typically fall short.

This visibility is part of Forescout’s broader “Quantum-Safe Security Assurance” strategy, which breaks down into four areas: detection, enforcement, mitigation, and control. The system not only identifies devices using outdated encryption but also isolates critical systems, flags misconfigurations, and limits traffic from devices deemed non-compliant. It’s a proactive approach in a space where most responses are still reactive.

Preparing MSSPs and Enterprises for What’s Next

The technology is available through Forescout’s eyeFocus cloud platform, which is already MSSP-enabled. “MSSPs can create reports, mitigation strategies, and network rules to help customers remain safe from quantum attacks,” McNutt said. For security teams managing complex OT and IoT environments, that integration means they can fold quantum-safe detection into existing threat monitoring and asset management workflows without major overhauls.

New research from the company underlines why this is urgent. TLS 1.3 adoption, the only TLS version that supports post-quantum cryptography, is still under 20%. Algorithms like ML-KEM are growing fast but still represent less than 0.1% of global server adoption. And when it comes to IoT and operational tech, the barriers are even higher: think firmware updates, or full hardware replacements in some cases.

Despite the low adoption rate, Forescout isn’t waiting for the market to catch up. “We’re working with our customers and government agencies to drive adoption and also create mitigation strategies,” McNutt said. “A big part of what we are doing is around identifying where the potential threats are and automating protections where things can’t be remediated.”

If your network includes medical devices, industrial controllers, or any critical infrastructure that connects over the open internet, you’re already in the risk zone. Forescout’s technology won’t solve quantum security alone, but it offers a measurable way to start confronting the gap, before quantum moves from theory to threat.

Suparna Chawla Bhasin

Suparna is the Senior Managing Editor for CyberRisk Alliance’s Channel Brands, including MSSP Alert and ChannelE2E. She manages content development, sharpens editorial workflows, and ensures storytelling is tightly aligned with audience needs. With a background in technology, media, and education, she combines strategic insight with creative execution.

You can skip this ad in 5 seconds