Quantum Xchange CipherInsights enhancements identify weaknesses in enterprise cryptography

Quantum Xchange announced the latest release of CipherInsights, the company’s network monitoring, crypto-discovery and risk assessment tool.

Version 11.0 includes several new features to pinpoint any weaknesses in enterprise cryptography and ease an organization’s inevitable migration to quantum-safe cryptography, replacing their legacy encryption with Post Quantum Cryptography (PQC) standards to be announced by the U.S. Department of Commerce’s National Institute for Standards and Technology (NIST) summer 2024.

Deployed as a passive listener on the network, CipherInsights continuously monitors dozens of cryptographic risk factors in near real time, including quantum-vulnerable cryptography and where encryption is deficient or outright lacking.

The sensor-based tool and on-the-wire analysis differs from network visibility and vulnerability scanners in that it scans and analyzes all traffic – even outbound traffic destined for an external host. For its functionality and practicality, CipherInsights is a discovery tool accepted by NIST’s National Cybersecurity Center of Excellence, Migration to PQC Project.

NIST highly recommends organizations begin their migration planning with a systems audit and inventory of all quantum-vulnerable cryptography in use throughout the enterprise. From there, risk analysis, prioritization, and remediation efforts can take place.

Quantum Xchange has responded, adding advanced dashboards to CipherInsights that capture an organization’s progress towards quantum-safety, prioritized by risk and exposure. On a single screen an organization can quickly determine what encryption is quantum-safe, what is not yet quantum-safe, and what cryptography is currently breakable by hackers using conventional systems.

Further efficiencies found in CipherInsights version 11.0 include new Application Programming Interfaces (APIs) to ensure seamless integration with established infrastructure and cybersecurity tools, such as Configuration Management Database (CMDB), Security Information and Event Management (SIEM), and Security Orchestration, Automation and Response (SOAR) systems. This version update also adds the ability to produce Cryptographic Bill of Materials (CBOM), which is quickly becoming the industry standard for reporting on cryptography used in an organization.

Even more prophetic are the additions of several new data fields to the already robust intelligence gathering and continuous network monitoring capabilities of CipherInsights. Now users can obtain upfront knowledge into which systems will respond well to the new PQCs and what connectivity and functionality will break when PQC standards are introduced to the network. This advanced troubleshooting and risk mitigation feature is certain to save organizations considerable time, resources, and budget on their path to quantum safety.

“We’re extremely proud of the CipherInsights product and its ability to provide in-depth visibility in the cryptographic deficiencies at large government agencies and commercial enterprises,” said Dr. Vincent Berk, Chief Strategist at Quantum Xchange.

“The global migration to quantum-safe cryptography will be a major undertaking fraught with uncertainties and unforeseen risks. We’re providing the technologies and real-time insights to navigate these unchartered waters easily and affordably with solutions that meet organizations wherever they are in their cryptographic journey – assess quantum readiness with CipherInsights and deploy quantum remediation with Phio TX,” added Berk.