Back to Post-Quantum

// PHASE 01 · POST-QUANTUM

PHASE 01 — CRYPTO INVENTORY

Every certificate, key, library, protocol, and firmware signer — catalogued with exposure score and HNDL risk.

DURATION4 weeks
DELIVERABLELive inventory + risk map
DEPTHCode, config, network, hardware
Why it matters

YOU CAN'T MIGRATE WHAT YOU CAN'T SEE

Most organizations discover, partway into a PQC migration, that they don't know where their cryptography lives. Third-party libraries. Firmware. Old code signers. Protocol upgrades that regressed. The inventory isn't a preamble to the migration — it is the first half of it.

What we deliver

A LIVING CRYPTO CBOM

  • 01

    Source code scan

    AST-level scan of every repo: algorithms, parameters, key sizes, deprecated primitives. Wired into CI so drift is caught.

  • 02

    Runtime inventory

    Actual TLS handshakes, IKE exchanges, signing operations — observed in production and correlated to the code.

  • 03

    Third-party + firmware

    Library SBOMs, appliance firmware signers, HSM algorithm lists, vendor questionnaires.

  • 04

    HNDL risk map

    For each asset: confidentiality half-life, adversary interest, harvest-now-decrypt-later exposure. Your migration priority order.

// BY THE NUMBERS

4

WEEKS

CBOM

CRYPTO BILL OF MATERIALS

Live

NOT A ONE-TIME REPORT

// NEXT STEP

START A Q-DAY BRIEFING

A 60-minute executive briefing tailored to your sector, crypto inventory, and regulatory exposure.