Free forever for design partners · DORA · NIS2 · NIST PQC

Is your code ready for the quantum era?

Scan your GitHub repositories for cryptography vulnerable to quantum attacks. Your code never leaves your infrastructure. Use it free and help us perfect detection.

No credit card · 2-minute scan · GDPR-compliant

Privacy by architecture

Your code never leaves your infrastructure

Privacy is not a promise — it's a right. It's an architecture you can audit. Four layers, all verifiable.

Client-side scan via GitHub Actions

Scanner runs inside your CI runner. We receive only structured findings — file path, line number, algorithm. Source code never leaves your infrastructure.

Memory-only fallback (zero persistence)

When server-side processing is unavoidable, code stays in RAM, gets scanned, and the container is destroyed. No disk write, no logs, no caches.

Open-source scanner core

Scanner core is MIT-licensed on GitHub with reproducible builds. Compile it yourself and verify the hash matches what we run.

Audit log per access

Every internal access generates an audit entry visible to you. You see who looked at your findings, when, and why — with cryptographic hashes.

Quantum readiness index · live

The numbers that matter

2030
Q-Day estimated by NIST

Cryptographically relevant quantum computers projected this decade.

€10M
DORA crypto fines

Maximum penalty for non-compliance under DORA Article 50.

87%
No crypto inventory

Of EU enterprises lack a cryptographic bill of materials.

How it works

Three steps from repo to audit

We scan, classify and certify. You ship the report.

01

Connect repository

Install our GitHub App. Scanner runs inside your CI — your code never leaves your infrastructure.

02

AI deep analysis

We detect RSA, ECC, weak hashes and outdated TLS, then map each finding to PQC alternatives (ML-KEM, ML-DSA, SLH-DSA).

03

Audit-ready report

CycloneDX 1.7 CBOM, executive PDF and DORA / NIS2 / ISO 27001 mapping — ready for your auditor.

Why now

Why this matters NOW

The quantum threat is not theoretical anymore. It is on the audit calendar.

Harvest now, decrypt later

Adversaries already capture encrypted traffic today, betting on quantum decryption before 2030. Long-lived secrets need PQC now.

Regulation tightens 2026–2030

DORA, NIS2 and BSI TR-02102 require cryptographic inventories and migration plans. Audits begin Q3 2026.

Migration takes 3–7 years

Refactoring TLS, KMS and signing pipelines is multi-year work. Inventory is the first deliverable — start before the audit.

Live demo preview

See it in action

acme/payments-api
Risk score: 68
14 findings · 372 files scanned
Recent findings
File | Algorithm | Severity
auth/jwt.ts:47 | RSA-2048 | high
tls/server.go:132 | ECDSA P-256 | high
crypto/legacy.py:89 | SHA-1 | critical
vendor/openssl-1.0.2.js:12 | TLS 1.0 | critical
kms/sign.rs:64 | Ed25519 | medium
Exposure by language
TypeScript | 142 · 38%
Go | 88 · 24%
Python | 71 · 19%
Rust | 44 · 12%
Java | 27 · 7%

Design partners program

Quantum defense against cyberattacks: you protect, we learn, everyone gets stronger

We are in Phase 1: building the LATAM crypto-inventory dataset, not chasing MRR. You scan free. We learn from anonymized patterns. Everyone wins.

Strengthen the community against cyberattacks
  • Unlimited repositories — public or private
  • Weekly scans + drift alerts
  • Audit-ready PDF + CycloneDX 1.7 CBOM
  • DORA / NIS2 / NIST PQC / ISO 27001 mapping
  • Direct access to founder for feedback
  • Locked-in free price for 12 months minimum
Claim your spot

You scan. We publish the aggregates. Your code never leaves GitHub.

What we ask in return

We aggregate anonymized findings (algorithm frequency, framework distribution) into a public LATAM benchmark — never your code, never your secrets, never your repo names.

Sponsor scan costs ☕

Each scan costs ~US$0.20 in API fees. You can sponsor scans for other design partners — US$5 = 25 scans, US$20 = 100 scans. Supporters listed publicly on Ko-fi. Your scan data stays private, always.

Support on Ko-fi →

Live transparency · May 2026

Free scans covered: 22
API cost per scan: $0.05
Pool balance: $4

API costs are currently covered by the founder's pool. Updated monthly.

— or —

🔑 Prefer to cover your own costs?

Configure your own Anthropic, OpenAI, or Gemini API key in Settings. Scan costs go directly to your account — zero impact on the platform pool. No quota anxiety.

Create account and configure →