Post-Quantum Compliance for Federal, Financial, and Healthcare Mandates
Scan, score, and prove quantum readiness across your infrastructure. 11 regulatory frameworks assessed in a single static binary — no runtime dependencies, no phone-home, air-gap safe.
Scored Against 11 Frameworks Per Scan
Two Editions. One Codebase.
Same source, different build tags. Zero network code in the air-gapped binary — guaranteed by the Go compiler.
| Capability | Enclave | Pro |
|---|---|---|
| 7 Scanner Modules (TLS, SSH, PKI, SBOM, Code, HSM, CIDR) | ✓ | ✓ |
| Compliance Scoring — 11 Frameworks | ✓ | ✓ |
| TUI Terminal Dashboard | ✓ | ✓ |
| Self-Contained HTML + PDF Reports | ✓ | ✓ |
| ML-DSA-44 Report Seals (FIPS 204) | ✓ | ✓ |
| Air-Gap Safe (zero network code) | ✓ | — |
| Web Dashboard + RBAC | — | ✓ |
| REST API + Token Auth | — | ✓ |
| SIEM Export (Splunk / ELK / CEF) | — | ✓ |
| Scheduled Recurring Scans | — | ✓ |
| Prometheus Metrics | — | ✓ |
| Drift Detection + Baselines | — | ✓ |
| HTTPS Auto-Cert (ECDSA P-256) | — | ✓ |
Enclave = SCIF / IL4+ / classified environments · Pro = FedRAMP cloud / enterprise
Crypto Bill of Health
Every scan produces a normalized 0–100 quantum readiness score with zone-classified asset inventory. Red assets are quantum-vulnerable today. Yellow assets use transitional cryptography. Green assets meet post-quantum standards.
- → HNDL temporal risk multiplier (1.0× – 6.0×)
- → Framework-specific urgency deadlines
- → ML-DSA-44 sealed for tamper evidence
- → Offline verification — no phone-home
PQCAT Crypto Bill of Health
Sample Assessment — soqu.org
Confidential Compliance Engine
Prove quantum readiness to regulators without exposing sensitive infrastructure data. Three levels of privacy protection — from asset anonymization to zero-knowledge proofs.
Anonymization
BLAKE2b hashed asset locations. Algorithms and zone classifications visible. Salted per report.
Aggregate Only
Individual assets suppressed. Only scores, zone counts, and framework pass/fail results shared.
zk-STARK Proofs
Zero-knowledge attestation: "score ≥ threshold" without revealing any scan data.
Open Scanner. Proprietary Engine.
The 7 scanner modules are open source under Apache 2.0. The compliance engine, reporting, and enterprise features are proprietary. Inspect what touches your network. Trust what scores your compliance.
Ready to Assess Your Quantum Readiness?
SDVOSB sole-source eligible. No competitive bidding required for contracts up to $5M under FAR 19.1406. Contact us to schedule a pilot assessment.