A developer-first alternative for PQC discovery and readiness
PQShield is well known for deep post-quantum cryptography implementations and cryptographic products. PostQ solves a different, complementary problem: helping developer and security teams discover where quantum-vulnerable cryptography lives and generate a readiness report. PostQ is useful before, during, and alongside any migration.
No signup required for the basic TLS scan. We only inspect public metadata.
- Free external scan to get started immediately
- Cryptographic inventory across TLS, cloud, Kubernetes, JWTs
- Shareable readiness reports for security reviews
- Complements — not replaces — deep PQC implementations
Complementary, not competing
| PostQ | PQShield | |
|---|---|---|
| Primary focus | Discovery, scanning, inventory, and readiness reporting | Deep PQC implementations and cryptographic products |
| Best for | Security & platform teams mapping their PQC risk | Teams embedding certified PQC implementations into products |
| Starting point | Free external TLS/certificate scan, no signup | Engagement with cryptographic product/IP |
| Output | Shareable readiness report + cryptographic inventory | Cryptographic libraries, hardware IP, and SDKs |
| Where it fits | Before, during, and alongside migration | Implementation phase of migration |
This comparison reflects PostQ’s understanding of each product’s focus and is intended to be fair and non-aggressive. PQShield is a trademark of its respective owner; PostQ is not affiliated with or endorsed by PQShield.
See where your quantum-vulnerable crypto lives
Run a free scan in the PostQ dashboard to discover RSA, ECDSA, and DH exposure across your stack and generate a shareable readiness report.
Frequently asked questions
Is PostQ a replacement for PQShield?
No. They solve complementary problems. PQShield provides deep PQC implementations and cryptographic products; PostQ provides developer-first discovery, scanning, inventory, and readiness reporting. Many teams would use discovery and readiness tooling before and alongside an implementation partner.
When would I use PostQ?
Use PostQ when you need to answer 'where are we using quantum-vulnerable cryptography, and what should we migrate first?' — that is, the discovery, inventory, and prioritization phase, and to produce audit evidence.
Does PostQ implement post-quantum algorithms?
PostQ references the NIST standards (ML-KEM, ML-DSA, SLH-DSA) and detects vulnerable algorithms. Its scanner focuses on discovery and readiness rather than shipping certified cryptographic implementations.
Can I use both?
Yes. PostQ's inventory and readiness reporting helps you scope and prioritize work that an implementation-focused vendor or your own teams then carry out.
Run a free PQC readiness scan
Scan any public domain for quantum-vulnerable TLS, certificate, and key-exchange cryptography. No signup required.
No signup required for the basic TLS scan. We only inspect public metadata.