SDVOSB CNSA 2.0 NSM-10 FISMA FedRAMP CMMC

Post-Quantum Compliance
for Federal Agencies

Assess your cryptographic posture against OMB M-23-02 mandates. Map every certificate, cipher suite, and key exchange to CNSA 2.0 readiness — in minutes, not months.

What Your Security Team Gets

From scan to ATO package in one tool

Discovery

Automated Crypto Inventory

TLS, SSH, PKI, HSM, code, and SBOM scanning. Maps every cryptographic asset across your boundary — including shadow IT certificate chains.

Assessment

CNSA 2.0 Scoring Engine

0–100 readiness score with HNDL risk multiplier. Framework-aware deadlines: 2027 (web/cloud), 2029 (code signing), 2033 (full transition).

Compliance

ATO Package Generator

Auto-maps findings to NIST 800-53 controls (SC-13, SC-17, SC-23). Exports OSCAL 1.2.1 assessment results for direct eMASS integration.

Remediation

POA&M Auto-Population

Every quantum-vulnerable finding becomes a tracked remediation item with priority, milestone, and FIPS 203/204 replacement recommendation.

Planning

Migration Simulator

Model your PQC transition: team size, budget, deadline feasibility. Three scenarios (aggressive/current/constrained) with risk reduction curves.

Monitoring

Continuous Drift Detection

Watch mode with CDM/CEF syslog export, Slack alerts, and webhook integration. Catch certificate rotations that introduce quantum-vulnerable algorithms.

From Zero to Compliance Report

1

Deploy

Single binary, zero dependencies. SCIF-safe — no phone-home, no telemetry.

2

Scan

Point at your boundary. pqcat scan tls 10.x.x.0/24 discovers every crypto asset.

3

Assess

Readiness score, NIST control mapping, POA&M items — all auto-generated.

4

Report

PDF briefing for leadership. OSCAL JSON for eMASS. CBOM for supply chain.

Command Center Dashboard

Real scan data from soqu.org and soqucoin.com — 14 assets, 12 quantum-vulnerable

PQCAT Pro Command Center — PQC Readiness Score 81/100, showing 6 Vulnerable, 0 Transitional, 1 Compliant assets from live soqu.org TLS scan

Live scan results from PQCAT Pro — soqu.org & soqucoin.com TLS assessment

PQCAT Pro Asset Inventory — Complete cryptographic asset tracking showing 7 assets with zone classification (Compliant, PQ Vulnerable), algorithms (AES-128-GCM, ECDSA-P256, SHA256-RSA), and TLS certificate locations

Cryptographic Asset Inventory — OMB M-23-02 compliant tracking of every algorithm, certificate, and cipher suite

Download PQCAT Pro — Federal Trial

30-day evaluation license for .gov and .mil organizations. Full Pro features, 100-asset scan limit, all compliance reports.

Linux (x86_64)

RHEL 8+, Ubuntu 20.04+, Amazon Linux 2

Coming Soon

macOS (ARM64)

macOS 12+ on Apple Silicon

Coming Soon

Get notified when trial downloads are available:

Federal trial licenses are signed with ML-DSA-65 (FIPS 204) and validated 100% offline. No telemetry, no internet required. Suitable for SCIF and air-gapped deployments.
In the meantime, request a manual evaluation and we'll deliver your license within 1 business day.

Service-Disabled Veteran Owned Small Business

Soqucoin Labs Inc. is a registered SDVOSB (CAGE Code: 19WH7, SAM.gov active). All PQCAT licenses are generated and signed using post-quantum cryptography. No data leaves your network — ever.