Request Demo arrow_forward
shield_locked POST-QUANTUM CRYPTOGRAPHY READY

Start Your CBOM from the Security Reports You Already Have

qReflector extracts cryptographic evidence from vulnerability reports, identifies quantum-relevant exposure, and turns scattered findings into a structured CBOM baseline.

description Vulnerability Scan
auto_fix_high
RSA ECC TLS
arrow_forward
account_tree Structured CBOM

Where is your cryptography used?

Public-key cryptography is embedded across certificates, TLS services, VPNs, APIs, identity systems, cloud workloads, OT environments and vendor products. Before migration can begin, security teams need evidence of where vulnerable cryptography actually exists.

key_visualizer

Public-Key Exposure

RSA, DH, ECDH and ECDSA appear across TLS, VPNs, certificates, SSH, identity systems and application services.

dataset

Fragmented Evidence

Crypto clues already exist in vulnerability reports, TLS findings, certificate inventories, asset data and scanner outputs — but they are scattered.

architecture

Discovery Before Migration

qReflector turns scattered findings into a structured baseline for CBOM enrichment and post-quantum migration planning.

Which Cryptography Needs Discovery?

Post-quantum migration starts by finding the algorithms, protocols, certificates and configurations that may require replacement, monitoring or policy control.

Quantum-Relevant Cryptography Inventory

8 ASSET CLASSES
Cryptography Where It Appears Quantum / Security Concern What qReflector Captures Migration Priority
RSA SSH, TLS, Signing Broken by Shor's Key Size, Padding, Provider HIGH
Diffie-Hellman Key Exchange Broken by Shor's Group Params, Prime Size HIGH
ECDH VPN, TLS 1.2+ Broken by Shor's Curve Name (P-256, etc) HIGH
ECDSA Auth, Blockchain Broken by Shor's Curve, Hash Algorithm HIGH
DSA Legacy Systems Deprecated/Quantum Weak Implementation Details LEGACY
TLS/Cipher Suites Web Traffic Algorithm Negotiation Suite Selection, Version POLICY
Certificates PKI Infrastructure Trust Integrity CA, Expiry, Signatures POLICY
Symmetric Crypto Data-at-Rest Grover's (Bit-Length) AES Mode, Key Strength MONITOR
code CORE CAPABILITY

Generate a CBOM Baseline from Vulnerability Reports

qReflector starts with evidence your team already has. Upload vulnerability reports, extract cryptography-related findings, identify quantum-relevant exposure, and create a structured baseline that can be enriched over time into a living CBOM.

description

Report-Based Discovery

Automated analysis of existing scanner outputs (Nessus, Qualys, etc).

priority_high

Quantum-Relevant Prioritization

Flag algorithms weak against CRQC threats based on NIST standards.

account_tree

CBOM-Ready Structure

Turn flat findings into queryable, CycloneDX-ready objects.

trending_up

Enrichment Path

Build from static reports toward real-time cryptographic inventory.

cbom_baseline.json
{ "source": "vulnerability_report", "asset": "vpn-gateway-01", "service": "443/tcp", "protocol": "TLS", "algorithm": "ECDHE_RSA", "certificate": { "signature": "sha256WithRSAEncryption", "keySize": 2048, "issuer": "Internal PKI" }, "quantumRelevance": "high", "migrationPriority": "high", "cbomStatus": "baseline", "evidence": "scanner finding" }

How It Works

1

Upload Report

Input existing security scans or vulnerability reports.

2

Extract Findings

NLP engines parse raw text for crypto keywords.

3

Identify Vulnerable

Flag algorithms weak against CRQC threats.

4

Normalize Assets

Clean and map findings to industry standards.

5

Export/Enrich

Generate CycloneDX CBOM for your GRC tool.

Designed for Sensitive Security Data

qReflector is built for security teams that need practical crypto discovery without creating unnecessary operational friction.

person_off

No Agent Required

No intrusive endpoint software; we analyze findings from your existing security stack.

cloud_upload

Controlled Uploads

Fine-grained control over what report data is processed and stored.

verified_user

Evidence-Based Output

Every CBOM asset link back to specific scanner findings for auditability.

groups

Security-Team Friendly

Language and workflows aligned with SOC and GRC professional requirements.

file_export

Exportable Baseline

Standardized CycloneDX output ready for any modern GRC or inventory tool.

private_connectivity

Roadmap to Private Deployment

On-premise and air-gapped extraction options in development for high-security tiers.

Find the vulnerable cryptography first.

Don't guess where your quantum exposure lies. Start with your existing evidence to build a structured CBOM baseline and prepare your transition roadmap today.

Request Enterprise Demo