With the rise of quantum computing and agentic automation, cybersecurity faces unprecedented challenges. Quantum computers threaten to break many existing cryptographic algorithms, while intelligent autonomous agents can quickly find and exploit weaknesses. To stay ahead, organizations must adopt cryptographic agility—the ability to rapidly identify, evaluate, and seamlessly update cryptographic assets in response to emerging threats.
The essential first step toward cryptographic agility is gaining clear visibility into all cryptographic components used within software systems. This is achieved through a Cryptographic Bill of Materials (CBOM), which inventories algorithms, keys, certificates, and cryptographic libraries in use. A CBOM provides a foundational map to assess risk, ensure compliance, and plan transitions to quantum-resistant cryptography.
In this session, we introduce CBOMkit-Hyperion, a Sonar Cryptography Plugin that automates CBOM creation by scanning source code as part of CI/CD pipelines. We’ll also demonstrate how to use the CBOMkit, a toolkit to generate, visualize and analyze cryptographic assets, empowering teams to make informed, agile decisions.
Takeaways: Attendees will understand why crypto-agility is critical in today’s AI and quantum threat landscape, and how a Cryptographic Bill of Materials (CBOM) serves as the essential first step toward achieving it. Through a practical demo of the CBOMkit, participants will gain hands-on knowledge of how to integrate cryptographic discovery and inventory into their development workflows—enabling them to embrace crypto-agility effectively in their day-to-day work.
Resource to enhance proposal: Session as speakers on the importance of PQC and how to approach it, at the OpenSSF Community Day event, Delhi: https://youtu.be/By9_KtcajpI?feature=shared