India CBOM deadline · December 2026

Find every certificate, key, and crypto library
before quantum breaks them

CryptoScan discovers all your cryptography across network, cloud, and code, flags what a quantum computer will break, and generates the regulator-ready Cryptographic Bill of Materials your auditors will ask for.

No signup. External surface only. We never touch private keys. Scan only domains you own or operate.
Dec 2026
India's CBOM readiness deadline for regulated entities
Harvest now, decrypt later
Encrypted data exfiltrated today is decrypted when quantum arrives
47-day certs
Shrinking certificate lifetimes make manual tracking impossible
The product

One engine, four answers

Every organization runs cryptography it has forgotten about. CryptoScan answers the four questions regulators — and attackers — are already asking.

Where is all my cryptography?

TLS endpoints, certificate-transparency history, cloud KMS/HSM keys, SSH keys, and crypto-library calls in your code. Discovered continuously, inventoried in one place.

What will quantum break?

Every finding is classified against a deterministic, auditable rules table built on NIST FIPS 203/204/205 — never AI guesswork. RSA and ECC fall to Shor's algorithm; we show you exactly where they live.

Where's my CBOM?

One click exports a CycloneDX Cryptographic Bill of Materials shaped for Indian regulators — the artifact you'll owe in an audit.

Is my migration on track?

A prioritized fix list ordered by real risk, expiry alerting before certificates lapse, and drift detection when new vulnerable crypto sneaks in.

How it works

From domain to board-ready report

Start from nothing but your domain name. Go as deep as your compliance program needs.

Scan your public surface — free

We enumerate every subdomain ever certified for your domain via Certificate Transparency logs, probe each TLS endpoint, and grade your quantum readiness A–F. Takes about a minute.

Connect cloud & code

Read-only scanners inventory AWS/GCP/Azure keys and certificates, plus crypto usage in your repositories. Least-privilege access, metadata only.

Export your CBOM & track migration

Download the regulator-shaped CBOM, hand owners a prioritized remediation list, and watch your quantum-vulnerable percentage fall over time.

Pricing

Start free. Pay when it keeps you compliant.

The one-time external scan is free, forever. Paid tiers buy continuous monitoring, internal discovery, and the compliance artifacts.

Free
₹0
one-time scan
  • External TLS + CT-log scan
  • Quantum-readiness grade
  • Shareable web report
  • CBOM teaser
Run a free scan
Starter
₹15k–30k
per month
  • Continuous external monitoring
  • Certificate-expiry alerting
  • Scheduled re-scans
  • Email/Slack alerts
Talk to us
Growth
₹50k–1.5L
per month
  • Everything in Starter
  • Cloud + code internal discovery
  • Full CycloneDX CBOM export
  • India/NIST compliance reports
  • Migration tracking
Book a demo
Enterprise
Custom
annual
  • SSO / RBAC
  • On-prem or air-gapped deployment
  • MSSP / white-label options
  • Dedicated support
Contact sales
Security architecture

Built by people who scan crypto for a living

A crypto-hygiene vendor has no excuse for sloppy security. These are engineering invariants, not marketing copy.

Private keys never leave your environment. Scanners extract metadata only: algorithm, key size, fingerprint, expiry. Raw secret material is never transmitted or stored.

Deterministic classification. Quantum-vulnerability verdicts come from a hard-coded, auditable rules table mapped to NIST standards — never from an AI model.

Least privilege everywhere. Cloud scanners use read-only IAM roles; code scanners use read-only repo scopes. Every permission we request is documented.

India-hosted. Backend and data reside in AWS ap-south-1 (Mumbai) — data-residency and sovereignty-eligibility for regulated Indian entities.

See your internal crypto

The free scan shows your external surface. The real CBOM work — cloud keys, code-level crypto, SSH keys, Kubernetes secrets — starts with a 30-minute walkthrough on your own data.

Book a demo → hello@cisora.io