Encryption Consulting Launches CBOM Secure V1.1 to Map Enterprise Cryptography Before the Post-Quantum Deadline Hits

Encryption Consulting has launched CBOM Secure V1.1, an enterprise platform designed to give security teams a full inventory of the cryptography running across their applications, cloud environments, and on-premises infrastructure.

The release comes as enterprises face mounting pressure to understand where encryption keys, certificates, algorithms, and cryptographic libraries are hidden across sprawling technology estates. That visibility is becoming more urgent as the U.S. government accelerates post-quantum cryptography timelines, moving federal civilian agency migration deadlines closer for key establishment and digital signature systems.

CBOM Secure V1.1 is built to address a problem many organizations still handle manually: finding and tracking every cryptographic asset before it becomes a compliance failure, outage risk, or post-quantum security exposure. Rather than focusing only on certificates or network endpoints, the platform models cryptographic assets as a relationship graph. That means it can connect certificates to private keys, trace how secrets are used by services, and show where risky algorithms or reused keys may be hiding.

“Most cryptographic inventories stop at certificates and network endpoints,” said Puneet Singh, principal at Encryption Consulting LLC. “The risk that matters often lives deeper, in source code and in the relationships between keys, certificates, and the services that consume them. With 20+ production sensors spanning source code through to production infrastructure, CBOM Secure gives teams the one thing they have never had: the full picture, correlated in a single place.”

The platform assigns cryptographic assets a 0-to-100 risk score, helping analysts prioritize weak algorithms, expiring certificates, self-signed certificates, short validity windows, key reuse, and insecure cipher configurations. Encryption Consulting says this can reduce the manual effort normally required to triage thousands of cryptographic findings and make compliance evidence easier to produce during audits.

That matters because cryptographic failures can be expensive and difficult to diagnose. An expired certificate can trigger major downtime, while a compromised certificate authority or newly broken algorithm can leave teams scrambling for days to determine exposure. CBOM

Secure is designed to shorten that response window by continuously monitoring cryptographic assets and alerting teams before expirations, policy violations, or insecure configurations turn into incidents.

Version 1.1 adds several major capabilities. A new CrowdStrike Falcon integration allows host inventory discovered through Falcon to sync into CBOM Secure’s host registry, giving organizations already using CrowdStrike a faster path to cryptographic visibility across those assets. The release also adds AWS cloud discovery, expanding support alongside Azure, Google Cloud, HashiCorp Vault, hardware security modules, and on-premises systems.

For developers and application security teams, the new Source Code Visualizer maps cryptographic API usage and library dependencies across codebases. That feature is intended to surface deprecated algorithms, hardcoded secrets, and embedded credentials before software reaches production, where remediation is far more expensive.

The release also brings AI into the platform. CBOM Secure V1.1 includes a retrieval-augmented generation service over product documentation and major compliance materials, including NIST, FIPS, PCI, and RFC standards. Encryption Consulting has also embedded Model Context Protocol support, allowing the platform’s cryptographic inventory, policies, sensor data, and analytics rules to be exposed as structured context for AI models. The company says that foundation will support natural language queries, AI-assisted remediation, and anomaly detection.

CBOM Secure V1.1 is already being used in financial services, according to the company. In one case, a global bank used the platform to find and retire deprecated algorithms that had remained active despite internal policies banning them. In another, a diversified financial group used it to reconcile certificates and keys across cloud systems, HSMs, directories, and trust stores, then revoke expired certificates and remove weak reused keys.

The broader market timing is notable. As enterprises prepare for the post-quantum transition, cryptographic asset management is becoming a core cybersecurity discipline rather than a narrow certificate-management function. Organizations cannot migrate what they cannot find, and many still lack a reliable map of where vulnerable algorithms and cryptographic dependencies exist.

CBOM Secure V1.1 is available now as an enterprise subscription. The platform supports exports in the open CycloneDX format, allowing findings to integrate with software bill of materials, governance, risk and compliance, and supply-chain security tools.