How scoring works
The PQC readiness score, explained
The PostQ readiness score is a 0–100 indicator of how prepared an endpoint is for the post-quantum transition. Higher is more ready. It is a readiness indicator, not a guarantee of security.
Scoring categories
| Category | Weight | What it measures |
|---|---|---|
| External TLS exposure | 15% | Are deprecated TLS versions disabled and TLS 1.3 available? |
| Certificate algorithm risk | 20% | Quantum posture of the leaf certificate public key (RSA/ECDSA vs PQ). |
| Signature algorithm risk | 15% | Quantum posture of the certificate signature algorithm. |
| Key exchange risk | 20% | Does hybrid key exchange protect against harvest-now-decrypt-later? |
| Long-lived certificate risk | 10% | Shorter certificate lifetimes improve crypto-agility. |
| Inventory completeness | 10% | An external scan sees public endpoints only — internal assets need the agent. |
| Migration readiness | 10% | How ready is the endpoint to adopt hybrid/PQ cryptography? |
Severity labels
PQ-ready90–100
Hybrid-ready70–89 (with hybrid)
Low risk75–100
Medium risk55–74
High risk35–54
Critical risk0–34
See a real score in the sample report or scan your domain.