From c55570e6218863c29a50267fc458ebec46cfc683 Mon Sep 17 00:00:00 2001 From: Brett VanWagoner Date: Sun, 14 Dec 2025 23:19:35 -0700 Subject: [PATCH] Added CADI vendor QubitOwl and sorted alphabetically by Vender --- CADI.md | 96 ++++++++++++++++++++++++++++----------------------------- 1 file changed, 47 insertions(+), 49 deletions(-) diff --git a/CADI.md b/CADI.md index 093deec..5d07197 100644 --- a/CADI.md +++ b/CADI.md @@ -1,49 +1,47 @@ -# Crypto Asset Discovery Tools (CADI) Index - -A crucial first step in transitioning to quantum-safe cryptography is understanding your cryptographic landscape. This requires discovering and inventorying the cryptographic assets within your IT environment. - -Various Crypto Asset Discovery (CADI) tools are emerging from different vendors, each with unique approaches and varying levels of maturity. Keeping track of this evolving market can be challenging. - -The **CADI Index** aggregates publicly available information about these tools to support cybersecurity professionals in their research and decision-making. All data included here comes from public sources, such as [NIST SP 1800-38B](https://www.nccoe.nist.gov/sites/default/files/2023-12/pqc-migration-nist-sp-1800-38b-preliminary-draft.pdf) and official vendor websites. - -## Index Structure - -- Tools are listed alphabetically by *vendor name*. -- *Yes/No* fields indicate whether a tool is confirmed to support a specific functionality. -- A blank field means the functionality is either unknown or unconfirmed. - -| Tool name | Vendor | License | Network traffic | Code / Development pipelines | Filesystem | Runtime and applications | Requires agents | Leverages external tools | Others | Comments | -| --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------- | ---------- | --------------- | ---------------------------- | ---------- | ------------------------ | --------------- | ------------------------ | ---------------------- | -------- | -| [Cryptomon](https://github.com/Santandersecurityresearch/CryptoMon) | Banco Santander | Opensource | Yes | No | No | No | No | | | | -| [CryptoBOM-Forge](https://github.com/Santandersecurityresearch/cryptobom-forge) | Banco Santander | Opensource | No | Yes | No | No | No | CodeQL | | | -| [Mercury](https://github.com/cisco/mercury) | Cisco | Commercial | Yes | No | No | | | | No | | -| [PostQ](https://www.cyberseq.io/) | CyberSeQ | Commercial | Yes | Yes | Yes | Yes | No | Yes | Integrated with CBOM, QBOM, QRNG, and PQC readiness assessment | Automates discovery, CBOM/QBOM generation, AI-enabled refactoring, PQC PenTesting, network cryptography monitoring (TLS/SSH/PCAP), and QRNG-based entropy services. | -| [Pcert](https://datawh.info/en/pcert/) | Datawarehouse | Commercial | Yes | Yes | Yes | | | | HSMs, TPM, Truststores | | -| [Key Insight](https://www.fortanix.com/platform/key-insight) | Fortanix | Commercial | | | | | | | | | -| [CodeQL](https://codeql.github.com/) | Github | Commercial | No | Yes | No | No | | | | | -| [CBOMkit](https://github.com/IBM/cbomkit) | IBM | Opensource | No | Yes | No | No | No | No | | Toolset for dealing with Cryptography Bill of Materials (CBOM) | -| [Sonar Cryptography Plugin](https://github.com/IBM/sonar-cryptography) | IBM | Opensource | No | Yes | No | No | No | No | | SonarQube Plugin that detects cryptographic assets in source code and generates CBOM | -| [Quantum Safe Explorer](https://www.ibm.com/docs/en/quantum-safe/quantum-safe-explorer/2.x.x_beta) | IBM | Commercial | No | Yes | No | Yes | No | Yes | | | -| [Guardium Quantum Safe](https://www.ibm.com/products/guardium-quantum-safe) | IBM | Commercial | | | | | | Yes | | | -| [Crypto Analytics Tool (CAT)](https://community.ibm.com/community/user/security/blogs/phillip-allison1/2024/09/02/building-an-ibmz-crypto-inventory-starting-with-ib) | IBM | Commercial | | | | | | | For Z mainframes | | -| [AgileSec Analytics](https://www.infosecglobal.com/products/agilesec-analytics) | Infosec Global | Commercial | Yes | | Yes | | | | | | -| [Advance](https://www.isara.com/products/isara-advance-cryptographic-inventory-and-risk-assessment-tool.html) | ISARA | Commercial | | | | | | | | | -| [Command](https://www.keyfactor.com/products/command/) | Keyfactor | Commercial | | | | | | | Certificates | | -| [CBOMkit-action](https://github.com/PQCA/cbomkit-action) | PQCA (Linux Foundation) | Opensource | No | Yes | No | No | No | No | | GitHub Action to generate Cryptography Bill of Materials (CBOM) | -| [NGFW](https://docs.paloaltonetworks.com/network-security/decryption/administration/post-quantum-cryptography-decryption/detection-control-post-quantum-cryptography) | Palo Alto | Commercial | Yes | No | No | No | No | | | | -| [QryptoScan](https://qryptocyber.com/qryptoscan/) | QryptoCyber | Commercial | | | | | | | | | -| [QryptoDiscover](https://qryptocyber.com/qryptodiscover/) | QryptoCyber | Commercial | | | | | | | | | -| [QryptoAssets](https://qryptocyber.com/qryptoassets-asset-encryption-scanning-cryptographic-inventory/) | QryptoCyber | Commercial | | | | | | | | | -| [QryptoDB](https://qryptocyber.com/qryptodb-database-encryption-scanning-cryptographic-inventory/) | QryptoCyber | Commercial | | | | | | | | | -| [QryptoCode](https://qryptocyber.com/qryptocode-code-encryption-scanning-cryptographic-inventory/) | QryptoCyber | Commercial | | Yes | | | | | | | -| [CDT](https://quantumgate.ae/) | QuantumGate | Commercial | | | | | | | | | -| [CipherInsights](https://quantumxc.com/cipherinsights/) | QuantumXchange | Commercial | Yes | No | No | | | | | | -| [QuProtect](https://www.qusecure.com/quprotect/cryptographic-discovery-and-inventory/) | QuSecure | Commercial | | | | | | | | | -| S-CAPE | Samsung SDS | Commercial | | Yes | | | | | | | -| [SECUI BLUEMAX NGF VE](https://www.secui.com/en/cloud/bluemaxngfve) | Samsung SDS | Commercial | Yes | No | No | No | No | | | | -| [AqtiveGuard](https://www.sandboxaq.com/solutions/aqtive-guard) | SandboxAQ | Commercial | Yes | Yes | Yes | Yes | No | Yes | | | -| [SSHerlock](https://info.ssh.com/ssherlock-ssh-key-discovery-and-post-quantum-resilience-assessment) | SSH.com | Opensource | | | | | | | SSH keys | | -| [Transparency Platform](https://www.binarly.io/blog/binarly-transparency-platform-v2-7-propels-enterprises-toward-post-quantum-readiness) | Binarly | Commercial | No | Yes | Yes | Yes | No | No | Firmware, Docker | | - - - +# Crypto Asset Discovery Tools (CADI) Index + +A crucial first step in transitioning to quantum-safe cryptography is understanding your cryptographic landscape. This requires discovering and inventorying the cryptographic assets within your IT environment. + +Various Crypto Asset Discovery (CADI) tools are emerging from different vendors, each with unique approaches and varying levels of maturity. Keeping track of this evolving market can be challenging. + +The **CADI Index** aggregates publicly available information about these tools to support cybersecurity professionals in their research and decision-making. All data included here comes from public sources, such as [NIST SP 1800-38B](https://www.nccoe.nist.gov/sites/default/files/2023-12/pqc-migration-nist-sp-1800-38b-preliminary-draft.pdf) and official vendor websites. + +## Index Structure + +- Tools are listed alphabetically by *vendor name*. +- *Yes/No* fields indicate whether a tool is confirmed to support a specific functionality. +- A blank field means the functionality is either unknown or unconfirmed. + +| Tool name | Vendor | License | Network traffic | Code / Development pipelines | Filesystem | Runtime and applications | Requires agents | Leverages external tools | Others | Comments | +| --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------- | ---------- | --------------- | ---------------------------- | ---------- | ------------------------ | --------------- | ------------------------ | -------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| [Cryptomon](https://github.com/Santandersecurityresearch/CryptoMon) | Banco Santander | Opensource | Yes | No | No | No | No | | | | +| [CryptoBOM-Forge](https://github.com/Santandersecurityresearch/cryptobom-forge) | Banco Santander | Opensource | No | Yes | No | No | No | CodeQL | | | +| [Transparency Platform](https://www.binarly.io/blog/binarly-transparency-platform-v2-7-propels-enterprises-toward-post-quantum-readiness) | Binarly | Commercial | No | Yes | Yes | Yes | No | No | Firmware, Docker | | +| [Mercury](https://github.com/cisco/mercury) | Cisco | Commercial | Yes | No | No | | | | No | | +| [PostQ](https://www.cyberseq.io/) | CyberSeQ | Commercial | Yes | Yes | Yes | Yes | No | Yes | Integrated with CBOM, QBOM, QRNG, and PQC readiness assessment | Automates discovery, CBOM/QBOM generation, AI-enabled refactoring, PQC PenTesting, network cryptography monitoring (TLS/SSH/PCAP), and QRNG-based entropy services. | +| [Pcert](https://datawh.info/en/pcert/) | Datawarehouse | Commercial | Yes | Yes | Yes | | | | HSMs, TPM, Truststores | | +| [Key Insight](https://www.fortanix.com/platform/key-insight) | Fortanix | Commercial | | | | | | | | | +| [CodeQL](https://codeql.github.com/) | Github | Commercial | No | Yes | No | No | | | | | +| [CBOMkit](https://github.com/IBM/cbomkit) | IBM | Opensource | No | Yes | No | No | No | No | | Toolset for dealing with Cryptography Bill of Materials (CBOM) | +| [Sonar Cryptography Plugin](https://github.com/IBM/sonar-cryptography) | IBM | Opensource | No | Yes | No | No | No | No | | SonarQube Plugin that detects cryptographic assets in source code and generates CBOM | +| [Quantum Safe Explorer](https://www.ibm.com/docs/en/quantum-safe/quantum-safe-explorer/2.x.x_beta) | IBM | Commercial | No | Yes | No | Yes | No | Yes | | | +| [Guardium Quantum Safe](https://www.ibm.com/products/guardium-quantum-safe) | IBM | Commercial | | | | | | Yes | | | +| [Crypto Analytics Tool (CAT)](https://community.ibm.com/community/user/security/blogs/phillip-allison1/2024/09/02/building-an-ibmz-crypto-inventory-starting-with-ib) | IBM | Commercial | | | | | | | For Z mainframes | | +| [AgileSec Analytics](https://www.infosecglobal.com/products/agilesec-analytics) | Infosec Global | Commercial | Yes | | Yes | | | | | | +| [Advance](https://www.isara.com/products/isara-advance-cryptographic-inventory-and-risk-assessment-tool.html) | ISARA | Commercial | | | | | | | | | +| [Command](https://www.keyfactor.com/products/command/) | Keyfactor | Commercial | | | | | | | Certificates | | +| [NGFW](https://docs.paloaltonetworks.com/network-security/decryption/administration/post-quantum-cryptography-decryption/detection-control-post-quantum-cryptography) | Palo Alto | Commercial | Yes | No | No | No | No | | | | +| [CBOMkit-action](https://github.com/PQCA/cbomkit-action) | PQCA (Linux Foundation) | Opensource | No | Yes | No | No | No | No | | GitHub Action to generate Cryptography Bill of Materials (CBOM) | +| [QryptoScan](https://qryptocyber.com/qryptoscan/) | QryptoCyber | Commercial | | | | | | | | | +| [QryptoDiscover](https://qryptocyber.com/qryptodiscover/) | QryptoCyber | Commercial | | | | | | | | | +| [QryptoAssets](https://qryptocyber.com/qryptoassets-asset-encryption-scanning-cryptographic-inventory/) | QryptoCyber | Commercial | | | | | | | | | +| [QryptoDB](https://qryptocyber.com/qryptodb-database-encryption-scanning-cryptographic-inventory/) | QryptoCyber | Commercial | | | | | | | | | +| [QryptoCode](https://qryptocyber.com/qryptocode-code-encryption-scanning-cryptographic-inventory/) | QryptoCyber | Commercial | | Yes | | | | | | | +| [CDT](https://quantumgate.ae/) | QuantumGate | Commercial | | | | | | | | | +| [CipherInsights](https://quantumxc.com/cipherinsights/) | QuantumXchange | Commercial | Yes | No | No | | | | | | +| [QubitOwl](https://www.qubitowl.com/) | QubitOwl | Commercial | Yes | No | Yes | No | Yes | No | Certificates, SSH keys, TLS handshakes | Automatically discover and maintain an up-to-date inventory of all cryptographic assets, with detailed insights into asset status and health to enable effective risk assessment and remediation prioritization. | +| [QuProtect](https://www.qusecure.com/quprotect/cryptographic-discovery-and-inventory/) | QuSecure | Commercial | | | | | | | | | +| S-CAPE | Samsung SDS | Commercial | | Yes | | | | | | | +| [SECUI BLUEMAX NGF VE](https://www.secui.com/en/cloud/bluemaxngfve) | Samsung SDS | Commercial | Yes | No | No | No | No | | | | +| [AqtiveGuard](https://www.sandboxaq.com/solutions/aqtive-guard) | SandboxAQ | Commercial | Yes | Yes | Yes | Yes | No | Yes | | | +| [SSHerlock](https://info.ssh.com/ssherlock-ssh-key-discovery-and-post-quantum-resilience-assessment) | SSH.com | Opensource | | | | | | | SSH keys | |