Login  |  Sign Up

 

Advancing secure and reliable modules for a smarter, connected world

 

Contact us today to learn more about how our secure IoT solutions can support your business

 

At Quectel, security isn't an afterthought — it's in our DNA. Recognizing the pivotal role IoT modules play in shaping our connected world, we're committed to implementing robust security measures at every stage of our product lifecycle. With our multifaceted approach to security, Quectel's IoT modules are designed to adhere to industry best practices and standards, while also staying ahead of the evolving security landscape.

In line with our commitment to providing top-notch security for our modules, we have joined forces with Finite State, the US-based leader in enterprise software supply chain risk management. Through this collaboration, we aim to reinforce the security of our modules by subjecting them to rigorous security testing, improving software supply chain visibility, and implementing comprehensive software risk management measures.

By addressing the ever-changing regulatory landscape and delivering verifiable information on secure software development practices, this partnership offers our customers the peace of mind they deserve. Our dedication to ensuring compliance and security within Quectel's product suite is unwavering, emphasizing transparency, regulatory adherence, and a steadfast pursuit of industry-leading security standards. The alliance with Finite State is a vital component of our broader initiative to achieve these goals and solidify our customers' trust in our products. Our dedicated customer support team is readily available to address any security concerns or inquiries you may have. In the event of a security incident, our established incident response plan facilitates swift investigation, containment, and recovery.

Benefits of our product security: building trust through transparency

Threat protection: Our security-first approach enables device OEMs to defend against a wide array of security threats, ensuring their data and systems are secured.

Trustworthy connectivity: Our modules establish a trusted, secure connection, enabling seamless, secure wireless communication.

Future-Proof Solutions

Future-proof solutions: Regular security updates, working with leading third-party security firms, and adapting to emerging threats keep your IoT deployments secure.

We provide regular transparency reports detailing the nature, number, and severity of vulnerabilities identified, along with our response timelines.

Quectel runs a robust bug bounty program, reflecting our proactive stance towards identifying and addressing vulnerabilities.

We implement top-tier data protection measures to ensure customer data is securely handled during device usage, storage, and transmission.

Our core security principles

Image title

Security by design

Quectel’s IoT modules are developed with security at the core. From product architecture to firmware/software development, we incorporate leading industry practices and standards, mitigating potential vulnerabilities from the get-go.

Example Title

Comprehensive security testing

We don't just test our modules — we challenge them. Leveraging vulnerability assessments, penetration testing, static application security testing, software composition analysis, and other rigorous methodologies, we ensure our modules stand tall against potential threats.

Image title

Regular updates and continuous protection

Security is a journey, not a destination. We proactively address vulnerabilities by regularly releasing firmware and software updates to safeguard your IoT deployments.

Example Title

Secure supply chain

Our secure hardware and software supply chain emphasizes component security and mitigates risks associated with tampering or counterfeit materials. We maintain close relationships with all third-party software suppliers to ensure the timely application of security updates and remediation.

Example Title

Transparency and software bill of materials (SBOMs)

We incorporate select security practices like generating SBOMs and VEX files as well as performing firmware binary analysis into our secure software development lifecycle.

Click here to access available SBOMs and VEX files.

Example Title

Regulatory compliance

Our IoT modules comply with global and regional security and privacy regulations. We actively collaborate with recognized certification organizations to foster a culture of compliance and customer trust.

Security Bulletins

Quectel_ Pioneering Transparency in IoT Security through SBOM and VEX Documents Updated: 2023-09-25

Contact our Product Security Incident Response Team

If you have discovered a potential security vulnerability in a Quectel module, please let us know via this form. Our Product Security Incident Response Team (PSIRT) is committed to resolving vulnerabilities in a timely and responsible manner.