All products

Overview

How SaQura PQC Scan works

A free tool that finds quantum-vulnerable cryptography (RSA, ECC …) in your code — as a GitHub Action or from the command line. In 30 seconds you see where action is needed.

Overview

The problem in one paragraph

Almost every piece of software uses encryption — a digital lock for passwords, messages and data. The locks in common use today (RSA, ECC) can be broken by a future quantum computer. Regulators such as Germany's BSI and the EU's NIS2 directive are pushing the move to quantum-safe methods. Attackers already capture data today to decrypt it later — which is why it matters now.

What it is

It finds the old locks in your code

Every migration starts with one question: where is the outdated crypto? SaQura PQC Scan reads your source code and dependencies and sorts each finding into a traffic-light level — quantum-vulnerable, already-weak, or quantum-safe. You get an easy-to-read report (with a percentage score) plus a standards-conformant inventory (CycloneDX CBOM). The tool is free, open source and changes nothing in your code.

Your codegets scanned
Report + CBOMtraffic light + score
SaQuramigrate & secure

Who it's for

When this is the right fit

For developers and teams who want to know how quantum-safe their software is — and need verifiable evidence (a CBOM) for audits and compliance.

Getting started

Get going

Add it as a GitHub Action in your CI — a report on every pull request — or run it locally with one command. Full details in the public repository.

npx saqura-pqc-scan .

What's next

Next steps