pqAgility — Interactive Demo

Upload Data Files

Upload data files from your cryptographic data sources for analysis

📜

CBOM

CycloneDX Cryptographic Bill of Materials (JSON)

🔒

Qualys SSL

Qualys SSL/TLS scan results (XML)

☁️

AWS S3

AWS S3 bucket encryption inventory (JSON)

🏢

CMDB

ServiceNow CMDB application inventory (JSON)

How Data Sources Are Used

📜

CBOM (CycloneDX)

Cryptographic Bill of Materials providing certificate and algorithm inventory

Risk Analysis

Identifies quantum-vulnerable algorithms (RSA, ECDSA), expiring certificates, and weak key sizes

AI Analysis

Enables queries about certificate inventory, algorithm usage, and cryptographic asset relationships

Architecture

Maps certificates to applications and shows TLS configurations in architecture diagrams

Migration

Identifies assets requiring post-quantum migration and prioritizes by algorithm type

🔒

Qualys Scan

TLS/SSL configuration assessment with vulnerability detection

Risk Analysis

Detects weak ciphers (RC4, 3DES), outdated protocols (TLS 1.0/1.1), and SSL vulnerabilities

AI Analysis

Answers questions about TLS configurations, cipher suites, and protocol versions across services

Architecture

Shows TLS termination points and protocol versions in application architecture flows

Migration

Flags services requiring immediate remediation before PQC migration can begin

☁️

AWS S3 Inventory

Cloud storage encryption status and configuration data

Risk Analysis

Identifies unencrypted buckets, weak encryption algorithms, and data-at-rest vulnerabilities

AI Analysis

Enables queries about storage encryption status, KMS key usage, and bucket security posture

Architecture

Displays storage encryption in application data flows and highlights unencrypted data stores

Migration

Includes storage encryption upgrades in PQC migration timeline and cost estimates

🏢

CMDB (ServiceNow)

Business context including ownership, criticality, and data classification

Risk Analysis

Correlates technical risks with business impact using service tier, data classification, and ownership

AI Analysis

Provides business context for AI responses including asset owners, criticality, and compliance requirements

Architecture

Annotates architecture diagrams with business owners, service tiers, and data classifications

Migration

Prioritizes migration phases by service tier, data retention, and TNFL threat assessment

Risk Assessment Dashboard

Last assessed: 2 minutes ago

Application:

2

CRITICAL

Immediate action required

5

HIGH

Remediate within 30 days

8

MEDIUM

Remediate within 90 days

5

LOW

Monitor and maintain

Discovered Relationships (0)

No correlations found yet. Click "Run Correlation Engine" to discover relationships between your crypto assets.

AI-Powered Analysis

AI Model Configuration

Configure the AI model and parameters for cryptographic analysis

Model Provider

Model Name

API Key

Your API key is stored locally and never sent to our servers

API Endpoint (Optional)

Temperature

0.7 Controls randomness (0 = focused, 1 = creative)

Max Tokens

Context Window

System Prompt

Uses OpenAI LLM with RAG for intelligent analysis

Cryptographic Architecture

Applications & Services

Click on an application to view its detailed cryptographic architecture

💳

Payment Gateway

Tier 1 — Payment Processing

Certificates:1 (RSA-2048)

Algorithms:RSA-2048, AES-256-GCM

Protocols:TLS 1.0, 1.2, 1.3

Weak Ciphers:1 (3DES)

Expiring:1 cert (31 days)

HIGH RISK

🌐

Customer Portal

Tier 1 — Customer Data

Certificates:1 (ECDSA-P256)

Algorithms:ECDSA-P256, AES-256

Protocols:TLS 1.2, 1.3

Weak Ciphers:0

Storage:UNENCRYPTED 🔴

CRITICAL STORAGE

🏥

Healthcare Records

Tier 1 — Protected Health Info

Certificates:1 (RSA-2048)

Algorithms:RSA-2048, RC4, AES-256

Protocols:TLS 1.1, 1.2

Weak Ciphers:1 (RC4) 🔴

Total Assets:6

CRITICAL RISK

🔗

API Gateway

Tier 1 — Platform Engineering

Certificates:1 (RSA-4096)

Algorithms:RSA-4096, AES-256

Protocols:TLS 1.2, 1.3, mTLS

Weak Ciphers:0

Storage:Logs UNENCRYPTED 🟡

MEDIUM RISK

🛠️

Development Environment

Dev/Test — Engineering

Certificates:1 (self-signed)

Algorithms:RSA-2048

Protocols:TLS 1.0, 1.2

Weak Ciphers:0

Total Assets:3

LOW RISK

Post-Quantum Cryptography Migration Plan

Application:

24

Months

12

Quantum-Vulnerable Assets

5

Phases

Crypto Assets

View and filter ingested crypto assets from all sources

Type	Details	Source	Risk	Ingested

Applications

View applications from CMDB data with business context

Name	Owner	Business Unit	Service Tier	Data Classification	Hostnames