Cryptographic Bill of Materials
A comprehensive inventory of all cryptographic algorithms, keys, and certificates in your software stack.
What is a CBOM?
A Cryptographic Bill of Materials (CBOM) is a detailed inventory that catalogs all cryptographic assets within a software system, including:
- Encryption algorithms and key lengths
- Hashing functions and signatures
- Certificates and their expiration dates
- Cryptographic libraries and dependencies
Why CBOMs Matter
CBOMs are essential for organizations preparing for the quantum computing era and maintaining regulatory compliance:
- Identify quantum-vulnerable algorithms
- Plan post-quantum cryptography migrations
- Meet compliance requirements (NIST, FIPS)
- Reduce security technical debt
Sample CBOM Report
Example cryptographic findings from a typical application scan
| Algorithm | File | Recommendation | Severity |
|---|---|---|---|
| RSA-1024 | auth/jwt.py | Upgrade to RSA-2048 or ECDSA | critical |
| SHA-1 | utils/hash.js | Migrate to SHA-256 or SHA-3 | high |
| AES-256-GCM | encrypt/data.go | Quantum-safe, no action needed | secure |
| MD5 | legacy/checksum.c | Replace with SHA-256 | critical |
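The sketch below is an added example, not code from the page or from any CBOM product. It shows how findings like those in the sample report could be produced by a text scan, and it keeps classical severity separate from exposure to Shor's algorithm, since RSA at any key size is quantum-vulnerable. The names `SAMPLE_SOURCES`, `scan`, `classify`, the `shor_vulnerable` field and the `review` severity are assumptions of this example, and the source snippets are constructed.

```python
import json
import re

# Constructed sample input (file path -> source text); not taken from a real project.
SAMPLE_SOURCES = {
    "auth/jwt.py": 'ALG = "RSA-1024"\nNEXT_ALG = "RSA-2048"\n',
    "utils/hash.js": "const h = crypto.createHash('sha1');\n",
    "encrypt/data.go": "// cipher suite: AES-256-GCM\n",
    "legacy/checksum.c": "MD5_Init(&ctx);\n",
}

# Lookarounds instead of \b so identifiers such as MD5_Init still match.
PATTERNS = [
    ("rsa", re.compile(r"(?<![A-Za-z0-9])RSA[-_ ]?(\d{3,5})(?!\d)", re.I)),
    ("aes", re.compile(r"(?<![A-Za-z0-9])AES[-_ ]?(128|192|256)[-_ ]?(GCM|CBC|ECB|CTR)", re.I)),
    ("hash", re.compile(r"(?<![A-Za-z0-9])(MD5|SHA-?1)(?![A-Za-z0-9])", re.I)),
]

def classify(family, m):
    """Return (algorithm, severity, shor_vulnerable) for one regex match."""
    if family == "rsa":
        bits = int(m.group(1))
        # Severity follows the page's sample report (RSA-2048 is its upgrade target).
        # Every RSA key size is breakable by Shor's algorithm, so the flag is always True.
        return f"RSA-{bits}", "critical" if bits < 2048 else "secure", True
    if family == "aes":
        bits, mode = m.group(1), m.group(2).upper()
        # "review" for anything other than AES-256-GCM is an assumption of this example.
        sev = "secure" if (bits, mode) == ("256", "GCM") else "review"
        return f"AES-{bits}-{mode}", sev, False
    raw = m.group(1).upper().replace("-", "")
    return ("MD5", "critical", False) if raw == "MD5" else ("SHA-1", "high", False)

def scan(sources):
    """Build CBOM-style findings: one record per algorithm occurrence."""
    findings = []
    for path, text in sorted(sources.items()):
        for lineno, line in enumerate(text.splitlines(), 1):
            for family, rx in PATTERNS:
                for m in rx.finditer(line):
                    algo, sev, shor = classify(family, m)
                    findings.append({"algorithm": algo, "file": path, "line": lineno,
                                     "severity": sev, "shor_vulnerable": shor})
    return findings

if __name__ == "__main__":
    print(json.dumps(scan(SAMPLE_SOURCES), indent=2))
```

Matching on algorithm names in text only finds what is spelled out in source; key sizes set in configuration or negotiated at runtime need other inventory methods.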