Federal CNSA 2.0 deadline · January 2027

Is your codebase ready for the Post-Quantum federal mandates?

CipherMap is a local, privacy-first CLI that audits your repository for quantum-vulnerable cryptography. Find out where you stand in 30 seconds.

One command. No signup. Click to copy.

ciphermap — scan session

Built for the cryptographic migration

Everything you need to inventory, grade, and gate your post-quantum readiness — without handing your source code to a third party.

Detects quantum-vulnerable crypto

Flags RSA, ECDSA, DH, and broken hashes like MD5 across your entire dependency tree before adversaries harvest-now-decrypt-later.

CNSA 2.0 aware

Maps findings against the NSA's Commercial National Security Algorithm Suite 2.0 and the January 2027 federal migration deadlines.

CycloneDX 1.6 CBOM export

Serialize every cryptographic asset into a machine-readable Cryptographic Bill of Materials for auditors and compliance pipelines.

CI/CD gates

Drop ciphermap into GitHub Actions with --fail-on=critical to block non-compliant pull requests automatically.

Zero network footprint

Runs 100% on your machine. Your source code never leaves the directory — no uploads, no telemetry, no servers.

Results in 30 seconds

A single binary crawls thousands of files in seconds, producing a color-coded readiness grade you can act on instantly.

Grade your repository now

Don't wait for an audit to find your RSA-2048 keys. Scan locally, today.