Automating Cryptography Inventory

Full visibility on cryptography use inside applications, networks and hardware.

Ensure “Crypto Agility”

Prepare for changes such as post-quantum cryptography by ensuring your applications are crypto agile.

Migrate Securely

Ensure that even your crypto-intensive applications will operate securely after migration to cloud cryptography services.

Continuous Compliance

Demonstrate regulatory compliance at the click of a button.

What is a Cryptography Inventory?

A cryptographic inventory is a strategic cybersecurity asset much like other hardware and software inventories. It enables an organisation to enforce a secure cryptographic policy across IT infrastructure, react quickly to security issues, and efficiently carry out strategic transformations such as migrating crypto services to the cloud or deploying post-quantum cryptography.

A good cryptography inventory will include information about algorithms, keys, certificates, protocols, and providers/libraries. It will also describe where each item is used and what data is being protected. In the case of a cryptographic key inventory, you will also record where your keys are being stored.

Advantages of a Cryptography Inventory

Know exactly what Cryptography your Application is using

Today’s applications often involve dozens of libraries, dependencies and framework components all of which may use cryptography for some of their functionality. Getting a handle on the keys and cryptography in use is difficult. Documentation is rarely complete and code review for a million-line application is too laborious. Legacy software can be even more difficult to deal with.

Get Full Visibility

Unlike other tools on the market, Cryptosense Analyzer is able to see inside running applications, this gives it a unique insight into the real workings of the application. Cryptosense’s tracing approach sees all the calls to the crypto libraries made by an application, including the those made by framework components and libraries. In the report, Analyzer gives a full summary of the crypto operations seen in the trace, including information on algorithms, keys, key lengths, key storage, certificates and cryptographic libraries used for each operation.

End-to-End Key Lifecycle Data

Cryptosense Analyzer shows you which keys are used for which operations. The interface allows you to filter out certain keys, such as those that are unused (often public key certificates in TLS keystores), and ephemeral keys (like TLS session keys).

If you are planning a migration to cloud cryptography, you can also check which keys would be suitable for direct use as a bring-your-own key in cloud crypto services.

Analyzer Screenshot - Inventory

Demonstrate Compliance and Plan Changes

Our cryptography inventory reports allow you to demonstrate compliance with standards requiring the use of specific cryptographic algorithms and keylengths. For example: FIPS or PCI-DSS. They are also useful when planning refactoring around new crypto libraries or cloud crypto services.

Cryptography Inventory White Paper

Learn how to build and maintain a useful cryptography inventory.
Enforce your secure cryptographic policy across IT infrastructure, react quickly to security issues, efficiently carry out strategic transformations, such as migrating cryptography services to the cloud, or deploying post-quantum cryptography.

read white paper