QubitAC Scanner

Scan. Discover. Secure.

Unmonitored web servers and SSH services are a growing blind spot. Certificates expire silently. Key exchanges go unchecked. PQC readiness is unknown. QubitAC Scanner scans your TLS endpoints and SSH services to map your cryptographic exposure in one pass — from discovery to dashboard, every step in one pipeline.

⬇ Download Scanner Open Dashboard

With QubitAC Scanner, you can:

Scan → Map your TLS & SSH surface

Scan every web server's TLS configuration and SSH service across your infrastructure. Discover what's running, where, and how it's configured — automatically.

TLS endpoints Certificates SSH services Cipher suites

Assess → Evaluate PQC readiness

Every endpoint is evaluated against NIST post-quantum standards. Know immediately which connections use quantum-vulnerable key exchanges and which have migrated to hybrid PQC groups like X25519MLKEM768.

ML-KEM (FIPS 203) ML-DSA (FIPS 204) Shor's vulnerability

Prioritize → Identify what to fix first

Detect expiring certificates, deprecated TLS versions, weak cipher suites, and missing PQC support. Each finding is ranked by migration urgency — critical, high, medium, or low — so your team fixes the right thing first.

Critical High Medium Low

Report → Generate compliance-ready evidence

Produce structured CBOM output that maps directly to NIST, PCI-DSS, and emerging PQC compliance frameworks. Export as JSONL, upload to the dashboard, and share with auditors, CISOs, and engineering leads.

CBOM JSONL Dashboard CSV / Markdown

The AC Scanner Flow

QubitAC's scanner pipeline combines reconnaissance, TLS analysis, certificate parsing, SSH auditing, and PQC assessment into a single automated flow.

qubitac — ac-scanner pipeline

What QubitAC Scanner Reveals

Deep analysis of every endpoint — from PQC vulnerability scoring to scan result quality and full dashboard visualization.

Quantum vulnerability assessment

Every scanned endpoint gets a three-component PQC analysis: key exchange, certificate signature, and public key. Each is checked against known quantum-vulnerable algorithms and assigned a migration priority level.

Detects PQC hybrid groups: X25519MLKEM768, SecP256r1MLKEM768, X25519Kyber768

Maps each vulnerability to its NIST replacement: ML-KEM, ML-DSA, FN-DSA

Priority levels: Critical (3 vulnerabilities) → Low (PQC hybrid active)

PQC Assessment

Key Exchange

X25519 — quantum vulnerable

Shor's

Certificate Signature

ECDSA-SHA256 — quantum vulnerable

Shor's

Hybrid Key Exchange

X25519MLKEM768 — quantum safe

ML-KEM

CRITICAL

3 vulnerabilities

LOW

PQC hybrid active

Visualize your cryptographic inventory

Upload your CBOM to the QubitAC dashboard and see your entire cryptographic posture at a glance. Filter by TLS version, cipher suite, certificate authority, PQC readiness, and migration priority.

Interactive charts for TLS versions, key exchanges, and certificates

PQC readiness score across your entire infrastructure

Export findings for auditors and compliance teams

Dashboard

Endpoints

1,247

PQC Ready

23%

TLS 1.3

78%

TLS 1.2

19%

TLS 1.0/1.1

Actionable findings, not noise

Every scan result includes probe status, data quality flags, and clear migration recommendations. Know exactly what data was extracted, what's missing, and what to fix first.

Smart probe classification: success, partial, incomplete, no_tls, failed

Data quality flags so you know exactly what was captured per host

JSONL output feeds directly into normalize, CBOM, and report pipelines

Scan Results

api.example.com:443

TLS 1.3 · TLS_AES_256_GCM_SHA384

success

legacy.example.com:443

TLS 1.2 · missing cert dates

partial

internal.example.com:8080

Port open · no TLS

no_tls

cdn.example.com:443

TLS 1.3 · X25519MLKEM768

PQC ✓

Start discovering your TLS & SSH exposure

Download the scanner, run it against your web servers and SSH hosts, and upload the results to see your PQC readiness score.

⬇ Download Scanner Open Dashboard