1.0 Introduction
This article describes the user interface (UI) features of the Post-Quantum Cryptography (PQC) Central on Fortanix Key Insight.
2.0 Terminology References
For Fortanix Key Insight - PQC Central terminologies, refer to Fortanix Key Insight for PQC Central Concepts.
3.0 Access PQC Central
Users can access the PQC Central dashboard after adding an AWS, Azure, On-Premises, or external key source connection in Fortanix Key Insight.
Once a connection is onboarded, you can access the PQC Central menu in the Fortanix Key Insight left navigation panel for the following connection types:
All Connections: The PQC Central dashboard displays PQC readiness details for all connections within your Fortanix Key Insight account.
Individual Connections: The PQC Central dashboard also displays the PQC readiness status and associated details for the following individual connection types, provided they have been onboarded to your Fortanix Key Insight account:
Cloud
Amazon Web Services (AWS)
Azure
On-Premises
External Key Source

Figure 1: Access connection switcher
Click MANAGE CONNECTIONS to navigate to the Connections page.
For more information on how to manage different connections, refer to the following:
NOTE
If an individual connection or all connections in your Fortanix Key Insight account were last scanned before the KI 25.04 release and have not been rescanned, the PQC dashboard will not display any data—even when you select All Connections or a specific connection type (Cloud, On-Premises, or External Key Source) from the connection switcher. To view the latest PQC information, perform a Rescan for each connection to populate the appropriate data.
For each connection or all connections,
The following key types will be displayed as quantum safe (
) according to the standards of the National Institute of Standards and Technology (NIST):
AWS: HMAC 224, HMAC 256, HMAC 384, HMAC 512, AES 256.
Azure: None of the key types.
On-premises: AES 256
External Key Source (Fortanix DSM): Leda Beta, Round5 Beta, LMS, MLDSA Beta, MLKEM Beta, AES and HMAC with sizes equal to or greater than 256 in.
All other key types will be displayed as quantum vulnerable (
).
A service or resource is marked as quantum safe only if it is encrypted using only quantum-safe key(s). Otherwise, it is marked as quantum vulnerable.
An AWS certificate is marked as quantum safe only if the associated key algorithm is quantum safe. Otherwise, it is marked as quantum vulnerable.
If you add, edit, or remove any connections on the Fortanix Key Insight Connections page, the PQC data for all connections will be automatically updated and displayed accordingly.
3.1 Access PQC Central Feature Tour
The PQC Central feature tour appears only once, when you first access and launch PQC Central in Fortanix Key Insight, regardless of whether you are a new or existing user.
This introductory guide is designed to help new users quickly become familiar with the feature.
It consists of five concise walkthrough steps that highlight the core functionality of PQC Central, providing a brief overview of the user interface and navigation.
.png?sv=2022-11-02&spr=https&st=2025-08-08T12%3A10%3A51Z&se=2025-08-08T12%3A47%3A51Z&sr=c&sp=r&sig=alWR50AkZHVd8XU8YFDNFtdut%2FOeA%2FHk93Wsl9JFYGg%3D)
Figure 2: Access the PQC Central feature tour
Click NEXT at the end of each step to proceed. Click PREVIOUS to navigate to the previous step if required.
At the final step, click FINISH to complete and close the feature tour.
4.0 PQC Central – All Connections
Select All Connections from the connection switcher to view PQC data across all connections in your Fortanix Key Insight account. The dashboard will display consolidated PQC readiness information for every onboarded connection.

Figure 3: Access All Connections overview
The All Connections PQC Central overview page provides a summary of PQC-vulnerable and PQC-safe keys, certificates, services, and resources across all connections, as outlined in the following sections:
4.1 Post Quantum Readiness
This section provides a summary of all vulnerability parameters and displays the counts for the following:
The percentage of your assets that are quantum-safe. The percentage is represented using a color-coded scale, where all green indicates 100% PQC-safe, and all red indicates 100% PQC-vulnerable.
NOTE
The percentage is calculated for all connections or the individual connections using the following formula:
total= keysTotal + resourcesTotal + certficatesTotal;
vulnerableTotal = keysVulnerableCount + resourcesVulnerableCount + certficatesVulnerableCount;
percentage = (((total - vulnerableTotal) / total) * 100)
For example, as shown in Figure 3:
Total Keys (keysTotal) = 279
Total Services/Resources (resourcesTotal) = 118
Total Certificates (certficatesTotal) = 9
Total Vulnerable Keys (keysVulnerableCount) = 85
Total Vulnerable Services/Resources (resourcesVulnerableCount) = 27
Total Vulnerable Certificates (certficatesVulnerableCount) = 9
Therefore, the percentage is (((279+118+9) - (85+27+9))/(279+118+9)) * 100 = 70%
If the calculated percentage has a decimal value of 0.5 or higher, it is rounded up to the next whole number. Otherwise, it is rounded down to the previous whole number.
For example:
If the calculated percentage is 70.5%, the displayed value will be 71%.
If the calculated percentage is 70.4%, the displayed value will be 70%.
The formula is valid for all available values. If certain values are not applicable or unavailable, consider using 0 where appropriate.
For example, for an external key source connection, the values of resourcesTotal and resourcesVulnerableCount will be 0.
Total number of Vulnerable keys out of the overall key count.
Total number of Vulnerable certificates out of the overall certificate count.
Total number of Vulnerable services and resources out of the overall services or resources count.
Total number of Vulnerable connections out of the overall connection count.
Total number of Vulnerable accounts and subscriptions out of the overall account or subscription count.
4.2 PQC Vulnerability by Cryptographic Assets
The Sunburst chart in this section enables users to view PQC vulnerabilities by key, certificate, and service or resource.
4.2.1 PQC Vulnerability by Keys
The PQC Vulnerability by Keys Sunburst chart in Fortanix Key Insight visually represents the distribution of keys across different levels of PQC readiness within your Fortanix Key Insight connections.

Figure 4: PQC vulnerability by keys
The chart displays the following hierarchical structure and interactive features:
The center of the chart represents the root level (for example, All Connections).
Each concentric ring moves outward to represent increasing levels of granularity, displaying the following hierarchy:
Connection Type (Cloud, On-Premises, External Key Source)
Specific connections for each connection type. For example, AWS and Azure for cloud connection.
Individual Keys
Hover over any segment at any level in the hierarchy to highlight its association with the parent and root nodes, along with the total count of PQC-vulnerable or PQC-safe keys, if available.
For example, you can view the number of on-premises keys that are vulnerable.
Figure 5: Hover over a specific key type
Select any root or parent node at any level within the hierarchy to view a chart specific to that parent node.
For example, if you click On-Prem, you can see details related to the on-prem keys in a separate chart.
NOTE
You cannot select the lowest-level node from the center in the hierarchy to drill down further.
Green segments represent PQC safe (ready) keys.
Red segments indicate PQC-vulnerable keys.
NOTE
If the entire chart is red, all your keys are PQC-vulnerable.
If the entire chart is green, all your keys are PQC-safe (quantum-safe).
Mixed segments show a combination of both, depending on the proportion of key types.
You can drill down into specific keys to identify where vulnerabilities exist.
On the right side of the Sunburst chart, you can see the PQC readiness details for each connection with the following details:

Figure 6: Access PQC right side panel
Cloud Connections: This section displays the following:
Total number of Azure and AWS connections in your Fortanix Key Insight account.
Click each connection (AWS or Azure) to view the list of onboarded AWS or Azure connections.
From the list, select an AWS or Azure connection to navigate to its corresponding Keys page.
Click BACK TO KEYS to navigate back.
Total number of Vulnerable accounts and subscriptions in the cloud connections.
Total number of Vulnerable regions in the cloud connections.
Total number of Vulnerable keys in the cloud connections.
On-Premises Connections: This section displays the following:
Total number of on-premises connections in your Fortanix Key Insight account.
Click the count of scanner connections to navigate to the list of onboarded on-premises connections.
From the list, select an on-premises connection to navigate to its corresponding Resources page.
Click BACK TO RESOURCES to navigate back.
Total number of Vulnerable keys within your on-premises connections.
External Key Source: This section displays the following:
Total number of Fortanix DSM connections in your Fortanix Key Insight account. Click the external key source connection count to navigate to the list of onboarded external key source connections.
Total number of Vulnerable keys within your Fortanix DSM connections.
The data displayed in the right-side panel updates based on your selection or drill down in the Sunburst chart.
For example, if you select Cloud connections in the Sunburst chart, the details panel will display the following information:

Figure 7: Data displayed according to the drill down
Use the breadcrumbs or click BACK TO ALL KEYS to navigate to the immediate parent or return to the main chart whenever required.
4.2.2 PQC Vulnerability by Services or Resources
The PQC Vulnerability by Services/Resources Sunburst chart in Fortanix Key Insight visually represents the distribution of services or resources across various levels of PQC readiness within your Fortanix Key Insight cloud and on-premises connections.

Figure 8: PQC Vulnerability by services or resources
The chart displays the following hierarchical structure and interactive features:
The center of the chart represents the root level (for example, All Connections).
Each concentric ring moves outward to represent increasing levels of granularity, displaying the following hierarchy:
Connection Type (Cloud, On-Premises, External Key Source)
Specific connections for each connection type. For example, if it is cloud, it will be AWS or Azure.
Individual services or resources
Hover over any segment at any level in the hierarchy to highlight its association with the parent and root nodes, along with the total count of PQC-vulnerable or PQC-safe services or resources, if available.
For example, you can view the number of on-premises resources that are quantum safe.
Figure 9: Hover over a specific resource type
Select any root or parent node at any level within the hierarchy to view the chart specific to that parent node.
For example, if you click On-Prem, you can see the details related to the on-prem resources in a separate chart.
NOTE
You cannot select the lowest-level node from the center in the hierarchy to drill down further.
The External connection details will not be displayed, as it does not support services or resources.
Green segments represent PQC safe (ready) resources or services.
Red segments indicate PQC-vulnerable resources or services.
NOTE
If the entire chart is red, all your services or resources are PQC-vulnerable.
If the entire chart is green, all your services or resources are PQC-safe (quantum-safe).
Mixed segments show a combination of both, depending on the proportion of services or resource types.
You can drill down into a specific service or resource to identify where vulnerabilities exist.
On the right side of the Sunburst chart, you can see the PQC readiness details for each connection with the following details:

Figure 10: Access PQC by the services side panel
Cloud Connections: This section displays the following:
Total number of Azure and AWS connections in your Fortanix Key Insight account.
Click each connection (AWS or Azure) to view the list of onboarded AWS or Azure connections.
From the list, select an AWS or Azure connection to navigate to its corresponding Services page.
Click BACK TO SERVICES to navigate back.
Total number of Vulnerable accounts and subscriptions in the cloud connections.
Total number of Vulnerable regions in the cloud connections.
Total number of Vulnerable services in the cloud connections.
On-Premises Connections: This section displays the following:
Total number of on-premises connections in your Fortanix Key Insight account.
Click the count of scanner connections to navigate to the list of onboarded on-premises connections.
From the list, select an on-premises connection to navigate to its corresponding Resources page.
Click BACK TO RESOURCES to navigate back.
Total number of Vulnerable resources within your on-premises connections.
The data displayed in the right-side panel updates based on your selection or drill down in the Sunburst chart.
For example, if you select Cloud connections in the Sunburst chart, the details panel will display the following:

Figure 11: Data displayed according to the drill down
Use the breadcrumbs or click BACK TO ALL SERVICES/RESOURCES to navigate to the immediate parent or return to the main chart whenever required.
4.2.3 PQC Vulnerability by Certificates
The PQC Vulnerability by Certificates Sunburst chart in Fortanix Key Insight visually represents the distribution of certificates across various levels of PQC readiness within your Fortanix Key Insight AWS connections.
NOTE
PQC data related to certificates is accessible only if you have onboarded an AWS cloud connection that includes scanned certificates.

Figure 12: Access PQC vulnerability by certificates
The chart displays the following hierarchical structure and interactive features:
The center of the chart represents the root level (for example, Cloud connections).
Each concentric ring moves outward to represent increasing levels of granularity, displaying the following hierarchy:
Connection Type (AWS)
Individual certificates
Hover over any segment at any level in the hierarchy to highlight its association with the parent and root nodes, along with the total count of PQC-vulnerable or PQC-safe certificates, if available.
For example, you can view the number of AWS certificates that are vulnerable.
Figure 13: Hover over a specific certificate
Select any root or parent node at any level within the hierarchy to view the chart specific to that parent node.
For example, if you click AWS, you can see the details related to the AWS certificates in a separate chart.
NOTE
You cannot select the lowest-level node from the center in the hierarchy to drill down further.
Certificate data for External, On-Premises, and Azure connections will not be displayed, as these connection types do not currently support certificates in Fortanix Key Insight.
Green segments represent PQC safe (ready) certificates.
Red segments indicate PQC-vulnerable certificates.
NOTE
If the entire chart is red, all your certificates are PQC-vulnerable.
If the entire chart is green, all your certificates are PQC-safe (quantum-safe).
You can drill down into a specific certificate to identify where vulnerabilities exist.
On the right side of the Sunburst chart, you can see the PQC readiness details for each connection with the following details:

Figure 14: Access PQC through the certificates side panel
Cloud Connections: This section displays the following:
Total number of AWS connections in your Fortanix Key Insight account.
Click each AWS connection to view the list of onboarded AWS connections.
From the list, select an AWS connection to navigate to its corresponding Certificates page.
Click BACK TO CERTIFICATES to navigate back.
Total number of Vulnerable accounts in the cloud connections.
Total number of Vulnerable regions in the cloud connections.
Total number of Vulnerable certificates in the cloud connections.
The data displayed in the right-side panel updates based on your selection or drill down in the Sunburst chart.
For example, if you select AWS connections in the Sunburst chart, the details panel will display the following:

Figure 15: Drill Down data in certificates
Use the breadcrumbs or click BACK TO ALL CERTIFICATES to navigate to the immediate parent or return to the main chart whenever required.
5.0 PQC Central – AWS Connection
Select your AWS connection from the CLOUD section of the connection switcher drop down to view its associated PQC data. The dashboard will then display the consolidated PQC readiness information for the selected connection.
NOTE
PQC data related to certificates is accessible only if you have onboarded an AWS cloud connection that includes scanned certificates.

Figure 16: Access the AWS PQC overview
The AWS PQC overview page provides a summary of PQC-vulnerable and PQC-safe keys, certificates, and services within the selected AWS connection, as detailed in the following sections:
5.1 Post Quantum Readiness – AWS Connection
This section provides a summary of all vulnerability parameters for the selected AWS connection and displays the counts for the following:
The percentage of your AWS assets that are quantum safe.
The percentage is represented using a color-coded scale, where all green indicates 100% PQC-safe, and all red indicates 100% PQC-vulnerable.
Total number of Vulnerable keys out of the overall AWS keys.
Total number of Vulnerable certificates out of the overall AWS certificates.
Total number of Vulnerable services out of the overall AWS services.
NOTE
Click the number of vulnerable keys, certificates, or services to navigate to their respective list view.
Count of the selected connection if it is identified as vulnerable.
Total number of Vulnerable accounts in the selected AWS connection.
5.2 PQC Vulnerability by Cryptographic Assets – AWS Connection
This section allows users to visualize PQC vulnerabilities by keys, certificates, and services for an AWS connection using the Sunburst chart.
5.2.1 PQC Vulnerability by Keys – AWS Connection
The PQC Vulnerability by Keys Sunburst chart visually represents the distribution of keys across various levels of PQC readiness within your AWS connection.
The chart displays the following hierarchical structure and interactive features:
Each concentric ring moves outward to represent increasing levels of granularity, displaying the following hierarchy:
Connection type (AWS)
Individual keys
Hover over any segment at any level in the hierarchy to highlight its association with the parent and root nodes, along with the total count of PQC-vulnerable or PQC-safe keys, if available.
For example, you can view the number of AES 256 keys that are quantum safe.
You cannot select any node from the center in the hierarchy to drill down further.
Green segments represent PQC-safe (ready) keys.
Red segments indicate PQC-vulnerable keys.
On the right side of the Sunburst chart, you can see the PQC readiness details for the AWS connection with the following details:
AWS Connection: This section displays the following:
Total number of AWS connections. This value is always 1, as only one connection can be selected at a time from the connection switcher drop down.
Click the connection to navigate to the AWS Connection section.
Select the AWS connection to navigate to its corresponding Keys page.
Click BACK TO KEYS to navigate back.
Total number of Vulnerable accounts. Click the accounts count to navigate to the accounts list.
Total number of Vulnerable regions. Click the regions count to navigate to the regions list.
Total number of Vulnerable keys. Click the keys count to navigate to the keys list view.
Keys by Type: This section displays a list of keys categorized by type, along with the total count for each type and their color-coded PQC readiness status.
5.2.2 PQC Vulnerability by Services – AWS Connection
The PQC Vulnerability by Services Sunburst chart visually represents the distribution of services across various levels of PQC readiness within your AWS connection.

Figure 17: AWS PQC vulnerability by services
The chart displays the following hierarchical structure and interactive features:
Each concentric ring moves outward to represent increasing levels of granularity, displaying the following hierarchy:
Connection type (AWS)
Individual services
Hover over any segment at any level in the hierarchy to highlight its association with the parent and root nodes, along with the total count of PQC-vulnerable or PQC-safe services, if available. For example, you can view the number of S3 services that are quantum safe.
You cannot select the lowest-level node from the center in the hierarchy to drill down further.
Green segments represent PQC safe (ready) services.
Red segments indicate PQC-vulnerable services.
On the right side of the Sunburst chart, you can see the PQC readiness details for the AWS connection with the following details:
AWS Connection: This section displays the following:
Total number of AWS connections. This value is always 1, as only one connection can be selected at a time from the connection switcher drop down.
Click the connection to navigate to the AWS Connection section.
Select the AWS connection to navigate to its corresponding Services list page.
Click BACK TO SERVICES to navigate back.
Total number of Vulnerable accounts. Click the accounts count to navigate to the accounts list.
Total number of Vulnerable regions. Click the regions count to navigate to the regions list.
Total number of Vulnerable services. Click the services count to navigate to the list view.
Services by Type: This section displays a list of services categorized by type, along with the total count for each type and their color-coded PQC readiness status.
5.2.3 PQC Vulnerability by Certificates - AWS Connection
The PQC Vulnerability by Certificates Sunburst chart visually represents the distribution of certificates across various levels of PQC readiness within your AWS connection.

Figure 18: AWS PQC vulnerability by certificates
The chart displays the following hierarchical structure and interactive features:
Each concentric ring moves outward to represent increasing levels of granularity, displaying the following hierarchy:
Connection type (AWS)
Individual certificates
Hover over any segment at any level in the hierarchy to highlight its association with the parent and root nodes, along with the total count of PQC-vulnerable or PQC-safe certificates, if available.
For example, you can view the number of RSA 2048 certificates that are quantum safe.
You cannot select any node from the center in the hierarchy to drill down further.
Green segments represent PQC-safe (ready) certificates.
Red segments indicate PQC-vulnerable certificates.
On the right side of the Sunburst chart, you can see the PQC readiness details for the AWS connection with the following details:
AWS Connection: This section displays the following:
Total number of AWS connections. This value is always 1, as only one connection can be selected at a time from the connection switcher drop down.
Click the connection to navigate to the AWS Connection section.
Select the AWS connection count to navigate to its corresponding Certificates page.
Click BACK TO CERTIFICATES to navigate back.
Total number of Vulnerable accounts. Click the accounts count to navigate to the accounts list.
Total number of Vulnerable regions. Click the regions count to navigate to the regions list.
Total number of Vulnerable certificates. Click the certificate count to navigate to the certificates list.
Certificates by Type: This section displays a list of certificates categorized by type, along with the total count for each type and their color-coded PQC readiness status.
6.0 PQC Central – Azure Connection
Select your Azure connection from the CLOUD section of the connection switcher drop down to view its associated PQC data. The dashboard will then display the consolidated PQC readiness information for the selected connection.
.png?sv=2022-11-02&spr=https&st=2025-08-08T12%3A10%3A51Z&se=2025-08-08T12%3A47%3A51Z&sr=c&sp=r&sig=alWR50AkZHVd8XU8YFDNFtdut%2FOeA%2FHk93Wsl9JFYGg%3D)
Figure 19: Access the Azure PQC overview
The Azure PQC overview page provides a summary of PQC-vulnerable and PQC-safe keys and services within the selected Azure connection, as detailed in the following sections:
6.1 Post Quantum Readiness – Azure Connection
This section provides a summary of all vulnerability parameters for the selected Azure connection and displays the counts for the following:
The percentage of your Azure assets that are quantum safe.
The percentage is represented using a color-coded scale, where all green indicates 100% PQC-safe, and all red indicates 100% PQC-vulnerable.
Total number of Vulnerable keys out of the overall Azure keys.
Total number of Vulnerable services out of the overall Azure services.
NOTE
Click the number of vulnerable keys or services to navigate to their respective list view.
Count of the selected connection if it is identified as vulnerable.
Total number of Vulnerable subscriptions in the selected Azure connection.
6.2 PQC Vulnerability by Cryptographic Assets – Azure Connection
This section allows users to visualize PQC vulnerabilities by keys and services for an Azure connection using the Sunburst chart.
NOTE
The Group by: Certificates radio button is disabled because currently Fortanix Key Insight does not support certificates for Azure connections.
6.2.1 PQC Vulnerability by Keys – Azure Connection
The PQC Vulnerability by Keys Sunburst chart visually represents the distribution of keys across various levels of PQC readiness within your Azure connection.
The chart displays the following hierarchical structure and interactive features:
Each concentric ring moves outward to represent increasing levels of granularity, displaying the following hierarchy:
Connection type (Azure)
Individual keys
Hover over any segment at any level in the hierarchy to highlight its association with the parent and root nodes, along with the total count of PQC-vulnerable or PQC-safe keys, if available.
For example, you can view the number of RSA 4096 keys that are quantum vulnerable.
You cannot select any node from the center in the hierarchy to drill down further.
On the right side of the Sunburst chart, you can see the PQC readiness details for the Azure connection with the following details:
Azure Connection: This section displays the following:
Total number of Azure connections. This value is always 1, as only one connection can be selected at a time from the connection switcher drop down.
Click the connection to navigate to the Azure Connection section.
From the list, select a connection to navigate to its corresponding Keys page.
Click BACK TO KEYS to navigate back.
Total number of Vulnerable subscriptions. Click the subscription count to navigate to the list.
Total number of Vulnerable regions. Click the region’s count to navigate to the region list.
Total number of Vulnerable keys. Click the key count to navigate to the key list view.
Keys by Type: This section displays the list of keys categorized by type, along with the total count for each type and their color-coded PQC readiness status.
6.2.2 PQC Vulnerability by Services – Azure Connection
The PQC Vulnerability by Services Sunburst chart visually represents the distribution of services across various levels of PQC readiness within your Azure connection.

Figure 20: Azure PQC vulnerability by services
The chart displays the following hierarchical structure and interactive features:
Each concentric ring moves outward to represent increasing levels of granularity, displaying the following hierarchy:
Connection type (Azure)
Individual services
Hover over any segment at any level in the hierarchy to highlight its association with the parent and root nodes, along with the total count of PQC-vulnerable or PQC-safe services, if available.
For example, you can view the number of Storage Accounts services that are quantum vulnerable.
You cannot select the lowest-level node from the center in the hierarchy to drill down further.
On the right side of the Sunburst chart, you can see the PQC readiness details for the Azure connection with the following details:
Azure Connection: This section displays the following:
Total number of Azure connections. This value is always 1, as only one connection can be selected at a time from the connection switcher drop down.
Click the connection to navigate to the Azure Connection section.
From the list, select a connection to navigate to its corresponding Services list page.
Click BACK TO SERVICES to navigate back.
Total number of Vulnerable subscriptions. Click the subscriptions count to navigate to the list.
Total number of Vulnerable regions. Click the regions count to navigate to the regions list.
Total number of Vulnerable services. Click the services count to navigate to the services list view.
Services by Type: This section displays a list of services categorized by type, along with the total count for each type and their color-coded PQC readiness status.
7.0 PQC Central – On-Premises Connection
Select your on-premises connection from the ON-PREMISES section of the connection switcher drop down to view its associated PQC data. The dashboard will then display the consolidated PQC readiness information for the selected connection.
.png?sv=2022-11-02&spr=https&st=2025-08-08T12%3A10%3A51Z&se=2025-08-08T12%3A47%3A51Z&sr=c&sp=r&sig=alWR50AkZHVd8XU8YFDNFtdut%2FOeA%2FHk93Wsl9JFYGg%3D)
Figure 21: Access the on-premises PQC overview
The On-Premises PQC overview page provides a summary of PQC-vulnerable and PQC-safe keys and services within the selected on-premises connection, as detailed in the following sections:
7.1 Post Quantum Readiness – On-premises Connection
This section provides a summary of all vulnerability parameters for the selected on-premises connection and displays the counts for the following:
The percentage of your on-premises assets that are quantum safe.
The percentage is represented using a color-coded scale, where all green indicates 100% PQC-safe, and all red indicates 100% PQC-vulnerable.
Total number of Vulnerable keys out of the overall on-premises keys.
Total number of Vulnerable resources out of the overall on-premises resources.
NOTE
Click the number of vulnerable keys or resources to navigate to their respective list view.
Count of the selected connection if it is identified as vulnerable.
7.2 PQC Vulnerability by Cryptographic Assets – On-Premises Connection
This section allows users to visualize PQC vulnerabilities by keys and resources for an on-premises connection using the Sunburst chart.
NOTE
The Group by: Certificates radio button is disabled because currently Fortanix Key Insight does not support certificates for on-premises connections.
7.2.1 PQC Vulnerability by Keys – On-Premises Connection
The PQC Vulnerability by Keys Sunburst chart visually represents the distribution of keys across various levels of PQC readiness within your on-premises connection.
The chart displays the following hierarchical structure and interactive features:
Each concentric ring moves outward to represent increasing levels of granularity, displaying the following hierarchy:
Connection type (Databases)
Individual keys
Hover over any segment at any level in the hierarchy to highlight its association with the parent and root nodes, along with the total count of PQC-vulnerable or PQC-safe keys, if available.
For example, you can view the number of AES 256 keys that are quantum safe.
You cannot select any node from the center in the hierarchy to drill down further.
On the right side of the Sunburst chart, you can see the PQC readiness details for the on-premises connection with the following details:
On-Premises Connection: This section displays the following:
Total number of on-premises connections. This value is always 1, as only one connection can be selected at a time from the connection switcher drop down.
Click the connection to navigate to the On-Prem Connection section.
Select the connection to navigate to its corresponding Keys page.
Click BACK TO KEYS to navigate back.
Total number of Vulnerable keys. Click the keys count to navigate to the keys list view.
Keys by Type: This section displays a list of keys categorized by type, along with the total count for each type and their color-coded PQC readiness status.
7.2.2 PQC Vulnerability by Resources – On-Premises Connection
The PQC Vulnerability by Resources Sunburst chart visually represents the distribution of resources across various levels of PQC readiness within your on-premises connection.

Figure 22: On-Premises PQC vulnerability by resources
The chart displays the following hierarchical structure and interactive features:
Each concentric ring moves outward to represent increasing levels of granularity, displaying the following hierarchy:
Connection type (Databases)
Individual resources
Hover over any segment at any level in the hierarchy to highlight its association with the parent and root nodes, along with the total count of PQC-vulnerable or PQC-safe services, if available.
For example, you can view the number of MSSQL databases that are quantum vulnerable.
You cannot select the lowest-level node from the center in the hierarchy to drill down further.
On the right side of the Sunburst chart, you can see the PQC readiness details for the on-premises connection with the following details:
On-Premises Connection: This section displays the following:
Total number of on-premises connections. This value is always 1, as only one connection can be selected at a time from the connection switcher drop down.
Click the connection to navigate On-Prem Connection section.
Select the connection to navigate to its corresponding Resources list page.
Click BACK TO RESOURCES to navigate back.
Total number of Vulnerable resources. Click the resources count to navigate to the resources list view.
Resources by Type: This section displays the list of resources categorized by type, along with the total count for each type and their color-coded PQC readiness status.
8.0 PQC Central – External Key Source Connection
Select your external key source connection from the EXTERNAL KEY SOURCE section of the connection switcher drop down to view its associated PQC data. The dashboard will then display the consolidated PQC readiness information for the selected connection.
.png?sv=2022-11-02&spr=https&st=2025-08-08T12%3A10%3A51Z&se=2025-08-08T12%3A47%3A51Z&sr=c&sp=r&sig=alWR50AkZHVd8XU8YFDNFtdut%2FOeA%2FHk93Wsl9JFYGg%3D)
Figure 23: Access the external key source PQC overview
The external key source PQC overview page provides a summary of PQC-vulnerable and PQC-safe keys within the selected external key source connection, as detailed in the following sections:
8.1 Post Quantum Readiness – External Key Source Connection
This section provides a summary of all vulnerability parameters for the selected external key source connection and displays the counts for the following:
The percentage of your external key source assets that are quantum safe.
The percentage is represented using a color-coded scale, where all green indicates 100% PQC-safe, and all red indicates 100% PQC-vulnerable.
Total number of Vulnerable keys out of the overall external key source keys.
NOTE
Click the number of vulnerable keys to navigate to their respective list view on the Keys page.
Count of the selected connection if it is identified as vulnerable.
8.2 PQC Vulnerability by Cryptographic Assets – External Key Source Connection
This section allows users to visualize PQC vulnerabilities by keys and services for an external key source connection using the Sunburst chart.
NOTE
The Group by: Services and Group by: Certificates radio buttons are disabled because currently Fortanix Key Insight does not support services and certificates for an external key source connection.
8.2.1 PQC Vulnerability by Keys – External Key Source Connection
The PQC Vulnerability by Keys Sunburst chart visually represents the distribution of keys across various levels of PQC readiness within your external key source connection.
The chart displays the following hierarchical structure and interactive features:
Each concentric ring moves outward to represent increasing levels of granularity, displaying the following hierarchy:
Connection type (DSM)
Individual keys
Hover over any segment at any level in the hierarchy to highlight its association with the parent and root nodes, along with the total count of PQC-vulnerable or PQC-safe keys, if available.
For example, you can view the number of AES 256 keys that are quantum safe.
You cannot select any node from the center in the hierarchy to drill down further.
On the right side of the Sunburst chart, you can see the PQC readiness details for the external key source connection with the following details:
External Key Source Connection: This section displays the following:
Total number of DSM connections. This value is always 1, as only one connection can be selected at a time from the connection switcher drop down.
Click the connection to navigate to the DSM Connection section.
Select the connection to navigate to its corresponding Keys page.
Click BACK TO KEYS to navigate back.
Total number of Vulnerable keys. Click the keys count to navigate to the keys list view.
Keys by Type: This section displays the list of keys categorized by type, along with the total count for each type and their color-coded PQC readiness status.