// Our Platform  //

Qinsight Platform Overview

Qinsight is a cryptographic posture management platform that discovers, inventories, and analyzes all enterprise cryptography—keys, keystores, certificates, libraries, algorithms, protocols, and more. It surfaces weaknesses, compliance gaps, and quantum-vulnerable assets to improve organizations' quantum readiness.

How It Works

Qinsight helps you discover, inventory, analyze, and act on all enterprise cryptography in one place. It builds a living catalog of keys, X.509 certificates, algorithms, protocols, and owners (CBOM-ready), highlights weak or non-compliant crypto and quantum-vulnerable assets, and guides remediation to improve readiness.

// FAQ//

Frequently Asked Questions?

01/

What is a Cryptographic Posture Management Platform?

Our Cryptographic Posture Management Platform (CPM) gives you visibility and control over how cryptography is used across your environment. Qinsight builds a live CBOM (algorithms, keys, certificates, issuers/expirations, protocols, owners) and turns it into actionable insights—clear issues with severity, owners, and next steps—plus reports you can share with leadership and auditors.

02/

How does Qinsight discover and inventory cryptography?

Through authorized collection of cryptographic signals across systems and services (no heavy rollout). Findings are normalized into a searchable CBOM with business context (system, environment, owner) and can be exported to CSV/PDF or synced to CMDB/ticketing.

03/

What does the analytics/risk engine flag?

Deprecated protocol versions, weak/legacy ciphers, short keys, self-signed/mis-issued or near-expiry certs, inconsistent profiles—and quantum-susceptible usage where classical public-key schemes (e.g., RSA, DH/ECDH, DSA/ECDSA) protect sensitive flows. Qinsight highlights these areas and rolls them into an overall PQC readiness score so you can prioritize pilots and migrations.

04/

What's included in the Cryptographic Bill of Materials?

A structured inventory of cryptographic assets and metadata, typically including:

  • Algorithms (e.g., AES-GCM, RSA-2048, ECDH), with parameters/modes/OIDs and classical vs quantum security level fields.
  • Protocols (e.g., TLS/SSH) with negotiated suites and referenced crypto.
  • Certificates/keys (public/private/secret), sizes/curves, issuers, validity, and key states (pre-activation, active, suspended, deactivated, compromised, destroyed) aligned to NIST key-management guidance.
  • Dependencies (who implements vs uses what), so you can trace impact.
05/

Do you store private keys or payload data?

No. Qinsight stores metadata (endpoints, certificate fields, protocol/cipher details, findings) and audit logs—never private keys or customer payloads.

06/

Is Qinsight cloud-native?

Yes. Qinsight is built as a cloud-native SaaS platform, designed for scale, fast onboarding, and seamless operation across hybrid and multi-cloud environments. No heavy infrastructure is required, and customers benefit from enterprise-grade integrations and updates delivered automatically.

07/

Do you automate certificate lifecycle (CLM)?

Today we focus on discovery, inventory, analytics, and alerts (including expirations and drift). We create issues with owners/dates and export to ticketing/CMDB; PKI/CLM integrations are on the roadmap.