Make your cryptography quantum-safe without rewriting your apps
PostQ is the control plane for hybrid and post-quantum cryptography. Discover vulnerable crypto, migrate to Dilithium & Kyber, and enforce quantum-safe policies — all without changing application code.
Built for modern cloud infrastructure
Everything you need to secure cryptography for the quantum era
From discovery to enforcement, PostQ gives your team full visibility and control over cryptographic operations across every environment.
Quantum Risk Scanner
Automatically discover where your infrastructure relies on RSA, ECC, and other quantum-vulnerable cryptography.
- Detect RSA/ECC usage across cloud systems
- Identify "harvest now, decrypt later" risk
- Generate a risk score and migration plan
Hybrid Signing API
Combine classical and post-quantum signatures in a single API call. Drop-in compatible with existing workflows.
- Classical + post-quantum composite signatures
- Drop-in REST API for any application
- Integrates with Azure Key Vault, AWS KMS, HashiCorp Vault
Migration Control Plane
Safely move from classical to hybrid to fully post-quantum cryptography with rollout controls and canary testing.
- Classical → Hybrid → PQ migration path
- Canary rollouts with automatic fallback
- Per-service and per-environment controls
Crypto Observability
A real-time dashboard showing cryptographic algorithm usage, PQ adoption progress, and security posture across all systems.
- Dashboard showing crypto usage by service
- Track PQ adoption progress over time
- Alert on downgrade or insecure algorithm usage
Policy Enforcement
Define and enforce cryptographic policies across your entire infrastructure from a central control plane.
- Enforce "no classical-only crypto" rules
- Centralized governance across all environments
- Compliance reporting for NIST PQC standards
Quantum-safe in three steps
Connect your cloud environment
Deploy the PostQ agent to your Kubernetes cluster, or connect via cloud APIs. Setup takes under 5 minutes.
Scan and detect crypto usage
PostQ maps every cryptographic algorithm in use — TLS certificates, signing keys, encrypted data stores, and more.
Enable hybrid and enforce policies
Switch to hybrid cryptography with one click, then enforce quantum-safe policies to prevent regressions.
One API call. Hybrid signatures.
PostQ’s signing API returns composite signatures that combine classical and post-quantum algorithms. Your existing verification code keeps working — quantum safety is additive, not disruptive.
- Drop-in REST API with SDKs for Go, Python, Node.js
- Works with existing key vaults and KMS providers
- Signature format is backward-compatible
- Full OpenAPI spec and interactive docs
// Sign a payload with hybrid cryptography
const response = await fetch("https://api.postq.io/v1/sign", {
method: "POST",
headers: {
"Authorization": "Bearer pq_live_...",
"Content-Type": "application/json"
},
body: JSON.stringify({
payload: "SGVsbG8gUXVhbnR1bSBXb3JsZA==",
algorithm: "dilithium3+ed25519",
key_id: "vault://signing/production"
})
});
// Response includes both classical and PQ signatures
const { signature, classical_sig, pq_sig, algorithm }
= await response.json();
// → algorithm: "dilithium3+ed25519"
// → Both signatures are valid independentlyWho uses PostQ
PostQ turns cryptography from a fragmented, invisible problem into a centralized, observable, and enforceable system.
Platform Engineers
Manage cryptographic configurations across Kubernetes, cloud services, and CI/CD pipelines from a single control plane.
Security Engineers
Gain visibility into cryptographic posture, enforce quantum-safe policies, and generate compliance reports for audits.
Cloud Infrastructure Teams
Integrate quantum-safe cryptography into AWS, Azure, and GCP environments without disrupting existing workflows.
Start making your infrastructure quantum-safe today
Run your first quantum risk scan in under 5 minutes. No credit card required.