PQLens

Know every algorithm you run.

PQLens builds your cryptographic inventory, scores your quantum exposure, and hands you auditor-ready evidence β€” at mid-market prices. 100% local; nothing leaves your machine.

πŸ”’ 100% local & offline-capable πŸ“‹ PCI DSS 12.3.3 evidence 🧾 CycloneDX 1.6 CBOM πŸ”‘ ML-DSA-signed reports

Cryptographic inventory is already mandatory.

PCI DSS v4.0 requirement 12.3.3 requires a documented inventory of the cryptography you use β€” today, not in 2030. PQLens generates that evidence in an afternoon, and flags the embarrassing stuff (MD5, SHA-1, TLS 1.0, RSA-1024) while it's at it. Post-quantum readiness is the roadmap it hands you next.

Broken / deprecated Quantum-vulnerable Quantum-weakened PQC-ready

Four discovery surfaces

One tool, from source to certificate. Ships five languages well, not fifteen poorly.

Code

Crypto API usage across Python, JavaScript/TypeScript, Java/Kotlin and Go β€” algorithm, key size, library, file:line.

TLS endpoints

Protocol versions, cipher suites, key-exchange groups (spot classical ECDHE vs hybrid X25519MLKEM768), certificate chains and expiry.

Certificates

PEM/DER stores and directories β€” key algorithm and size, signature hash, validity, deprecated-signature warnings.

SBOM enrichment

Ingest a CycloneDX or SPDX SBOM and attribute the crypto each dependency ships, classified for quantum risk.

Install

A single static binary β€” CLI for pipelines, desktop app when you run it with no arguments.

# macOS / Linux β€” download, then run the desktop app or the CLI
curl -fsSL https://files.pqlens.cybxsan.com/latest/pqlens_$(uname -s)_$(uname -m).tar.gz | tar xz

./pqlens                         # opens the desktop app
./pqlens scan code .             # inventory this repo
./pqlens scan tls example.com    # probe a TLS endpoint
./pqlens scan code . --fail-on quantum-vulnerable   # CI gate (Pro)

Pricing

Free for local discovery. Paid tiers unlock reports, compliance evidence, and the audit channel.

Free
$0
forever
  • Code / cert / SBOM scans
  • Up to 10 TLS endpoints
  • CycloneDX & JSON output
Download
Pro
$99
/ month
  • Unlimited scans
  • HTML/PDF reports
  • Roadmap engine Β· CI mode
Upgrade
Compliance
$349
/ month
  • ML-DSA-signed evidence
  • PCI / ISO / CNSA mappings
  • Drift alerts Β· cloud history
Upgrade
Partner
$599
/ month + $199/report
  • White-label for auditors
  • Client workspaces
  • vCISO / consultancy tooling
Contact

Need it done for you? The PQC Readiness Assessment β€” tool-assisted report + 90-day roadmap + 1-hour readout β€” is $4,500, ~20–25% of Big-4 equivalents. Talk to CybXSan.

PQLens by CybXSan Β· The evidence engine is open source: cybxsan-evidence.
We never claim β€œquantum-proof.” Verdicts follow NIST FIPS 203–205 and CNSA 2.0.