PQC Central - User Interface Components

1.0 Introduction

This article describes the user interface (UI) features of the Post-Quantum Cryptography (PQC) Central on Fortanix Key Insight.

2.0 Terminology References

For Fortanix Key Insight - PQC Central concepts and supported features, refer to PQC Central Concepts.

3.0 Access PQC Central UI

Users can access the PQC Central dashboard after adding an AWS, Azure, On-Premises, External Key Source (Fortanix DSM), or Vendor Application connection in Fortanix Key Insight.

After a connection is onboarded, you can access the PQC Central feature in the Fortanix Key Insight left navigation panel for the following connection types:

• All Connections: The PQC Central dashboard displays PQC readiness details for all connections within your Fortanix Key Insight account.

• Individual Connections: The PQC Central dashboard also displays the PQC readiness status and associated details for the following individual connection types:

  • Cloud

    • Amazon Web Services (AWS)

    • Azure

  • On-premises

    • Database

  • External Key Source

    • Fortanix DSM (SaaS and On-premises)

  • Vendor Application

    • CyberArk (SaaS and On-premises)

Click MANAGE CONNECTIONS to navigate to the Connections page.

For more information on how to manage different connections, refer to the following:

• Cloud: Getting Started With Cloud Connection

• On-Premises: Getting Started With On-Premises Connection

• External Key Source: Getting Started With External Key Source Connection

• Vendor Application: Getting Started with Vendor Application Connection

NOTE

• If an individual connection or all connections in your Fortanix Key Insight account were last scanned before the Fortanix Key Insight 25.04 release and have not been rescanned, the PQC dashboard will not display any data, even when you select All Connections or a specific connection type from the connection switcher. To view the latest PQC information, perform a Rescan for each connection to populate the appropriate data.

• If you add, edit, or remove any connections on the Fortanix Key Insight Connections page, the PQC data for all connections will be automatically updated and displayed accordingly.

3.1 Access PQC Central Feature Tour

The PQC Central feature tour appears only once, when you first access and launch PQC Central in Fortanix Key Insight, regardless of whether you are a new or existing user.

This introductory guide is designed to help new users quickly become familiar with the feature.

It consists of five concise walkthrough steps that highlight the core functionality of PQC Central, providing a brief overview of the user interface and navigation.

• Click NEXT at the end of each step to proceed. Click PREVIOUS to navigate to the previous step if required.

• At the final step, click FINISH to complete and close the feature tour.

4.0 Quantum Readiness Classification Criteria

This section describes how the Quantum Readiness percentage is calculated and how keys, services/resources, and certificates are classified as quantum safe or quantum vulnerable.

4.1 Quantum Readiness Percentage Calculation

The readiness percentage represents the proportion of cryptographic assets that are considered quantum safe within a connection or across all connections.

The percentage is calculated for all connections or the individual connections using the following formula:

total= keysTotal + resourcesTotal + certificatesTotal;

vulnerableTotal = keysVulnerableCount + resourcesVulnerableCount + certificatesVulnerableCount;

percentage = (((total - vulnerableTotal) / total) * 100)

For example, as shown in Figure 3:

• Total Keys (keysTotal) = 279

• Total Services/Resources (resourcesTotal) = 118

• Total Certificates (certificatesTotal) = 9

• Total Vulnerable Keys (keysVulnerableCount) = 85

• Total Vulnerable Services/Resources (resourcesVulnerableCount) = 27

• Total Vulnerable Certificates (certificatesVulnerableCount) = 9

Therefore, the percentage is (((279+118+9) - (85+27+9))/(279+118+9)) * 100 = 70%

NOTE

• If the calculated percentage has a decimal value of 0.5 or higher, it is rounded up to the next whole number. Otherwise, it is rounded down to the previous whole number.

  For example:

  • If the calculated percentage is 70.5%, the displayed value will be 71%.

  • If the calculated percentage is 70.4%, the displayed value will be 70%.

• The formula is valid for all available values. If certain values are not applicable or unavailable, consider using 0 where appropriate.

  For example, for an external key source connection, the values of resourcesTotal and resourcesVulnerableCount will be 0.

4.2 Quantum Safe Cryptographic Assets Calculation

For each connection or across all connections, certain key types are classified as quantum safe according to standards defined by National Institute of Standards and Technology (NIST).

• The following key types will be displayed as quantum safe ( ):

  • AWS: HMAC 224, HMAC 256, HMAC 384, HMAC 512, AES 256.

  • Azure: None of the key types.

  • On-premises: AES 256

  • External Key Source (Fortanix DSM): Leda Beta, Round5 Beta, LMS, MLDSA Beta, MLKEM Beta, AES and HMAC with sizes ≥ 256 bits.

  All other key types will be displayed as quantum vulnerable ().

• A service or resource is marked as quantum safe only if it is encrypted using only quantum-safe key(s). Otherwise, it is marked as quantum vulnerable.

• A certificate is marked as quantum safe only if the associated key algorithm is quantum safe. Otherwise, it is marked as quantum vulnerable.

5.0 Quantum Readiness - All Connections

Select All Connections from the connection switcher to view PQC data across all connections in your Fortanix Key Insight account. The dashboard will display consolidated PQC readiness information for every onboarded connection.

The All Connections PQC Central overview page provides a summary of PQC-vulnerable and PQC-safe keys, certificates, services, and resources across all connections, as outlined in the following sections:

5.1 Post Quantum Readiness

This section provides a summary of all vulnerability parameters and displays the counts for the following:

• The percentage of your assets that are quantum-safe. The percentage is represented using a color-coded scale, where all green indicates 100% PQC-safe, and all red indicates 100% PQC-vulnerable. For more information on how to calculate the PQC readiness percentage, refer to Section 4.1: Quantum Readiness Percentage Calculation.

• Total number of Vulnerable keys out of the overall key count.

• Total number of Vulnerable certificates out of the overall certificate count.

• Total number of Vulnerable services and resources out of the overall services or resources count.

• Total number of Vulnerable connections out of the overall connection count.

• Total number of Vulnerable accounts and subscriptions out of the overall account or subscription count.

5.2 PQC Vulnerability by Cryptographic Assets

This section provides a Sunburst chart and a right-side summary panel that enables users to view PQC vulnerabilities across cryptographic assets, including keys, certificates, and services or resources.

NOTE

• The data displayed in the right-side panel updates dynamically based on the selection or drill-down performed in the Sunburst chart.

  For example, if you select Cloud connections in the Sunburst chart, the right-side panel displays only the cloud (AWS and Azure) information.

• In the Sunburst chart,

  • You cannot select the lowest-level node from the center in the hierarchy to drill down further.

  • If the entire chart appears Red, all your cryptographic assets are PQC-vulnerable.

  • If the entire chart appears Green, all your cryptographic assets are PQC-safe (quantum-safe).

    For more information on how cryptographic assets are assesssed for quantum safety, refer to Section 4.2: Quantum Safe Cryptographic Assets Calculation.

5.2.1 PQC Vulnerability by Keys

Sunburst Chart:

The PQC Vulnerability by Keys Sunburst chart in Fortanix Key Insight visually represents the distribution of keys across different levels of PQC readiness within your Fortanix Key Insight connections.

The chart displays the following hierarchical structure and interactive features:

• The center of the chart represents the root level (for example, All Connections).

• Each concentric ring moves outward to represent increasing levels of granularity, displaying the following hierarchy:

  • Connection Type (Cloud, On-premises, External Key Source)

    • Specific connections for each connection type. For example, AWS and Azure for cloud connection.

      • Individual Keys

• Hover over any segment at any level in the hierarchy to highlight its association with the parent and root nodes, along with the total count of PQC-vulnerable or PQC-safe keys, if available.

  For example, you can view the number of on-premises keys that are vulnerable.

• Select any root or parent node at any level within the hierarchy to view a chart specific to that parent node.

  For example, if you click On-Prem, you can see details related to the on-prem keys in a separate chart.

• Green segments represent PQC safe (ready) keys.

• Red segments indicate PQC-vulnerable keys.

• Mixed segments show a combination of both, depending on the proportion of key types.

• You can drill down into specific keys to identify where vulnerabilities exist.

Right-Side Panel:

The right side of the Sunburst chart displays a summary of cryptographic asset connections and their PQC vulnerability status across different environments.

It includes the following sections:

• Cloud Connections

• On-Premises Connections

• External Key Source Connections

• The Cloud Connections section displays the following information:

  • Total number of Azure and AWS connections in your Fortanix Key Insight account.

    Perform the following steps:

    1. Click each connection (AWS or Azure) to view the list of onboarded AWS or Azure connections.

    2. From the list, select an AWS or Azure connection to navigate to its corresponding Keys page.

    3. Click BACK TO KEYS to navigate back.

  • Total number of Vulnerable accounts and subscriptions in the cloud connections.

  • Total number of Vulnerable regions in the cloud connections.

  • Total number of Vulnerable keys in the cloud connections.

• The On-Premises Connections section displays the following information:

  • Total number of on-premises connections in your Fortanix Key Insight account.

    Perform the following steps:

    1. Click the count of scanner connections to navigate to the list of onboarded on-premises connections.  

    2. From the list, select an on-premises connection to navigate to its corresponding Resources page.

    3. Click BACK TO RESOURCES to navigate back.

  • Total number of Vulnerable keys within your on-premises connections.

• The External Key Source section displays the following information:

  • Total number of Fortanix DSM connections in your Fortanix Key Insight account. Click the external key source connection count to navigate to the list of onboarded external key source connections.

  • Total number of Vulnerable keys within your Fortanix DSM connections.

5.2.2 PQC Vulnerability by Services or Resources

Sunburst Chart:

The PQC Vulnerability by Services/Resources Sunburst chart in Fortanix Key Insight visually represents the distribution of services or resources across various levels of PQC readiness within your Fortanix Key Insight cloud and on-premises connections.

The chart displays the following hierarchical structure and interactive features:

• The center of the chart represents the root level (for example, All Connections).

• Each concentric ring moves outward to represent increasing levels of granularity, displaying the following hierarchy:

  • Connection Type (Cloud, On-Premises, External Key Source)

    • Specific connections for each connection type. For example, if it is cloud, it will be AWS or Azure.

      • Individual services or resources

• Hover over any segment at any level in the hierarchy to highlight its association with the parent and root nodes, along with the total count of PQC-vulnerable or PQC-safe services or resources, if available.

  For example, you can view the number of on-premises resources that are quantum safe.

• Select any root or parent node at any level within the hierarchy to view the chart specific to that parent node.

  For example, if you click On-Prem, you can see the details related to the on-prem resources in a separate chart.

• Green segments represent PQC safe (ready) resources or services.

• Red segments indicate PQC-vulnerable resources or services.

• Mixed segments show a combination of both, depending on the proportion of services or resource types.

• You can drill down into a specific service or resource to identify where vulnerabilities exist.

Right-Side Panel:

The right side of the Sunburst chart displays a summary of cryptographic asset connections and their PQC vulnerability status across different environments.

It includes the following sections:

• Cloud Connections

• On-Premises Connections

• The Cloud Connections section displays the following information:

  • Total number of Azure and AWS connections in your Fortanix Key Insight account.

    Perform the following steps:

    1. Click each connection (AWS or Azure) to view the list of onboarded AWS or Azure connections.

    2. From the list, select an AWS or Azure connection to navigate to its corresponding Services page.

    3. Click BACK TO SERVICES to navigate back.

  • Total number of Vulnerable accounts and subscriptions in the cloud connections.

  • Total number of Vulnerable regions in the cloud connections.

  • Total number of Vulnerable services in the cloud connections.

• The On-Premises Connections section displays the following information:

  • Total number of on-premises connections in your Fortanix Key Insight account.

    Perform the following steps:

    1. Click the count of scanner connections to navigate to the list of onboarded on-premises connections.  

    2. From the list, select an on-premises connection to navigate to its corresponding Resources page.

    3. Click BACK TO RESOURCES to navigate back.

    NOTE

    • The on-premises connection displays Containers and Source Code PQC data along with Database information. However, drilldown functionality is not supported for Containers and Source Code.

    • The connection details panel does not display vulnerable resource details for on-premises connections.

5.2.3 PQC Vulnerability by Certificates

Sunburst Chart:

The PQC Vulnerability by Certificates Sunburst chart in Fortanix Key Insight visually represents the distribution of certificates across various levels of PQC readiness within your Fortanix Key Insight AWS and Vendor application connections.

NOTE

PQC data related to certificates is available only when an AWS or Vendor Application connection with scanned certificates is onboarded. Certificate data is not displayed for External Key Source, On-Premises, or Azure connections, as these connection types currently do not support certificates in Fortanix Key Insight.

The chart displays the following hierarchical structure and interactive features:

• The center of the chart represents the root level (for example, Cloud connections).

• Each concentric ring moves outward to represent increasing levels of granularity, displaying the following hierarchy:

  • Connection Type (AWS or Vendor Application (such as CyberArk))

    • Individual certificates

• Hover over any segment at any level in the hierarchy to highlight its association with the parent and root nodes, along with the total count of PQC-vulnerable or PQC-safe certificates, if available.

  For example, you can view the number of AWS certificates that are vulnerable.

• Select any root or parent node at any level within the hierarchy to view the chart specific to that parent node.

  For example, if you click AWS, you can see the details related to the AWS certificates in a separate chart.

• Green segments represent PQC safe (ready) certificates.

• Red segments indicate PQC-vulnerable certificates.

• You can drill down into a specific certificate to identify where vulnerabilities exist.

Right-Side Panel:

The right side of the Sunburst chart displays a summary of cryptographic asset connections and their PQC vulnerability status across different environments.

It includes the following sections:

• Cloud Connections

• Vendor Applications

• The Cloud Connections section displays the following information:

  • Total number of AWS connections in your Fortanix Key Insight account.

    Perform the following steps:

    1. Click each AWS connection to view the list of onboarded AWS connections.

    2. From the list, select an AWS connection to navigate to its corresponding Certificates page.

    3. Click BACK TO CERTIFICATES to navigate back.

  • Total number of Vulnerable accounts in the cloud connections.

  • Total number of Vulnerable regions in the cloud connections.

  • Total number of Vulnerable certificates in the cloud connections.

• The Vendor Applications section displays the following information:

  • Total number of vendor application connections (For example, CyberArk (SaaS and On-premises) in your Fortanix Key Insight account. Click the count to navigate to the list of onboarded vendor application connections.

  • Total number of Vulnerable Certificates within your vendor applications connections.

6.0 Quantum Readiness - Individual Connections

You can select any of the following connections from the connection switcher to analyze the PQC readiness of that connection in Fortanix Key Insight:

• AWS connection

• Azure connection

• On-premises connection

• External Key Source (Fortanix DSM) connection

• CyberArk connection

NOTE

• In the PQC dashboard, click the number of vulnerable keys, certificates, or services to navigate to their respective list views.

• In the Sunburst chart:

  • Nodes at the center of the hierarchy cannot be selected for further drill-down.

  • Hover over any segment at any level in the hierarchy to highlight its association with the parent and root nodes, along with the total count of PQC-vulnerable or PQC-safe keys, if available.

    For example, you can view the number of RSA 4096 keys that are quantum vulnerable.

  • If the entire chart appears Red, all your cryptographic assets are PQC-vulnerable.

  • If the entire chart appears Green, all your cryptographic assets are PQC-safe (quantum-safe).

    For more information on how cryptographic assets are assesssed for quantum safety, refer to Section 4.2: Quantum Safe Cryptographic Assets Calculation.

6.1 AWS Connection

Select your AWS connection from the CLOUD section of the connection switcher drop down to view its associated PQC data. The dashboard will then display the consolidated PQC readiness information for the selected connection.

The AWS PQC overview page provides a summary of PQC-vulnerable and PQC-safe keys, certificates, and services within the selected AWS connection, as detailed in the following sections:

NOTE

PQC data for certificates is available only if an AWS cloud connection with scanned certificates has been onboarded.

• Post Quantum Readiness: This section provides a summary of all vulnerability parameters for the selected AWS connection and displays the counts for the following:

  • The percentage of your AWS assets that are quantum safe.

    The percentage is represented using a color-coded scale, where all green indicates 100% PQC-safe, and all red indicates 100% PQC-vulnerable. For more information on how to calculate the PQC readiness percentage, refer to Section 4.1: Quantum Readiness Percentage Calculation.

  • Total number of Vulnerable keys out of the overall AWS keys.

  • Total number of Vulnerable certificates out of the overall AWS certificates.

  • Total number of Vulnerable services out of the overall AWS services.

  • Count of the selected connection if it is identified as vulnerable.

  • Total number of Vulnerable accounts in the selected AWS connection.

• PQC Vulnerability by Cryptographic Assets: This section enables users to visualize PQC vulnerabilities for the selected AWS connection based on the option selected under Group By: in the UI (Keys, Services, or Certificates).

  • Sunburst Chart: The Sunburst chart visually represents the distribution of keys, services, or certificates across PQC readiness levels within the selected AWS connection, based on the Group By: option selected in the UI.

    In the chart, each concentric ring moves outward to represent increasing levels of granularity, displaying the following hierarchy:

    • Connection type (AWS)

      • Individual keys, services, or certificates

  • Right-Side Panel: The right side of the Sunburst chart displays the following information based on the option selected under Group By: in the Sunburst chart:

    • The AWS Connection section:

      • Total number of AWS connections. This value is always 1, as only one connection can be selected at a time from the connection switcher drop down. Select the AWS connection to navigate to its corresponding list view (keys, services, or certificates).

      • Total number of Vulnerable accounts. Click the accounts count to navigate to the accounts list.

      • Total number of Vulnerable regions. Click the regions count to navigate to the regions list.

      • Total number of Vulnerable Keys, Vulnerable Services, or Vulnerable Certificates. Click the count to navigate to the corresponding list view.

    • The Keys by Type, Services by Type, or Certificates by Type section: This section displays a list of assets categorized by type, along with the total count for each type and their color-coded PQC readiness status.

6.2 Azure Connection

Select your Azure connection from the CLOUD section of the connection switcher drop down to view its associated PQC data. The dashboard will then display the consolidated PQC readiness information for the selected connection.

The Azure PQC overview page provides a summary of PQC-vulnerable and PQC-safe keys and services within the selected Azure connection, as detailed in the following sections:

• Post Quantum Readiness: This section provides a summary of all vulnerability parameters for the selected Azure connection and displays the counts for the following:

  • The percentage of your Azure assets that are quantum safe. For more information on how to calculate the PQC readiness percentage, refer to Section 4.1: Quantum Readiness Percentage Calculation.

    The percentage is represented using a color-coded scale, where all green indicates 100% PQC-safe, and all red indicates 100% PQC-vulnerable.

  • Total number of Vulnerable keys out of the overall Azure keys.

  • Total number of Vulnerable services out of the overall Azure services.

  • Count of the selected connection if it is identified as vulnerable.

  • Total number of Vulnerable subscriptions in the selected Azure connection.

• PQC Vulnerability by Cryptographic Assets: This section enables users to visualize PQC vulnerabilities for an Azure connection based on the option selected under Group By: in the UI (Keys or Services).

  NOTE

  The Group by: Certificates option is disabled because currently Fortanix Key Insight does not support certificates for Azure connections.

  • Sunburst Chart: The Sunburst chart visually represents the distribution of keys or services across PQC readiness levels within the selected Azure connection, based on the Group By: option selected in the UI.

    In the chart, each concentric ring moves outward to represent increasing levels of granularity, displaying the following hierarchy:

    • Connection type (Azure)

      • Individual keys or services

  • Right-Side Panel: The right side of the Sunburst chart displays the following information based on the option selected under Group By: in the Sunburst chart:

    • The Azure Connection section:

      • Total number of Azure connections. This value is always 1, as only one connection can be selected at a time from the connection switcher drop down. Select the Azure connection to navigate to its corresponding list view (keys or services).

      • Total number of Vulnerable subscriptions. Click the subscription count to navigate to the list.

      • Total number of Vulnerable regions. Click the region’s count to navigate to the region list.

      • Total number of Vulnerable Keys or Vulnerable Services. Click the count to navigate to the corresponding list view.

    • The Keys by Type or Services by Type section: This section displays a list of assets categorized by type, along with the total count for each type and their color-coded PQC readiness status.

6.3 On-premises Connection

Select your on-premises connection from the ON-PREMISES section of the connection switcher drop down to view its associated PQC data. The dashboard will then display the consolidated PQC readiness information for the selected connection.

The On-Premises PQC overview page provides a summary of PQC-vulnerable and PQC-safe keys and services within the selected on-premises connection, as detailed in the following sections:

• Post Quantum Readiness: This section provides a summary of all vulnerability parameters for the selected on-premises connection and displays the counts for the following:

  • The percentage of your on-premises assets that are quantum safe.

    The percentage is represented using a color-coded scale, where all green indicates 100% PQC-safe, and all red indicates 100% PQC-vulnerable. For more information on how to calculate the PQC readiness percentage, refer to Section 4.1: Quantum Readiness Percentage Calculation.

  • Total number of Vulnerable keys out of the overall on-premises keys.

  • Total number of Vulnerable resources out of the overall on-premises resources.

  • Count of the selected connection if it is identified as vulnerable.

• PQC Vulnerability by Cryptographic Assets: This section enables users to visualize PQC vulnerabilities for an on-premises connection based on the option selected under Group By: in the UI (Keys or Resources).

  NOTE

  The Group by: Certificates option is disabled because currently Fortanix Key Insight does not support certificates for on-premises connections.

  • Sunburst Chart: The Sunburst chart visually represents the distribution of keys or services across PQC readiness levels within the selected on-premises connection, based on the Group By: option selected in the UI.

    In the chart, each concentric ring moves outward to represent increasing levels of granularity, displaying the following hierarchy:

    • Connection type (On-premises)

      • Individual keys or resources

  • Right-Side Panel: The right side of the Sunburst chart displays the following information based on the option selected under Group By: in the Sunburst chart:

    • The On-Premises Connection section:

      • Total number of on-premises connections. This value is always 1, as only one connection can be selected at a time from the connection switcher drop down. Select the on-premises connection to navigate to its corresponding list view (keys or resources).

      • Total number of Vulnerable keys. Click the count to navigate to the list.

    • The Keys by Type or Resources by Type section: This section displays a list of assets categorized by type, along with the total count for each type and their color-coded PQC readiness status.

  NOTE

  • The on-premises connection displays Containers and Source Code PQC data along with Database information. However, drilldown functionality is not supported for Containers or Source Code.

  • The connection details panel does not display vulnerable resource details for on-premises connections.

6.4 External Key Source Connection

Select your external key source connection from the EXTERNAL KEY SOURCE section of the connection switcher drop down to view its associated PQC data. The dashboard will then display the consolidated PQC readiness information for the selected connection.

The external key source PQC overview page provides a summary of PQC-vulnerable and PQC-safe keys within the selected external key source connection, as detailed in the following sections:

• Post Quantum Readiness: This section provides a summary of all vulnerability parameters for the selected external key source connection and displays the counts for the following:

  • The percentage of your external key source assets that are quantum safe.

    The percentage is represented using a color-coded scale, where all green indicates 100% PQC-safe, and all red indicates 100% PQC-vulnerable. For more information on how to calculate the PQC readiness percentage, refer to Section 4.1: Quantum Readiness Percentage Calculation.

  • Total number of Vulnerable keys out of the overall external key source keys.

  • Count of the selected connection if it is identified as vulnerable.

• PQC Vulnerability by Cryptographic Assets: This section enables users to visualize PQC vulnerabilities for an external key source connection based on the option selected under Group By: in the UI (Keys).

  NOTE

  The Group by: Services and Group by: Certificates options are disabled because currently Fortanix Key Insight does not support services and certificates for an external key source connection.

  • Sunburst Chart: The Sunburst chart visually represents the distribution of keys or services across PQC readiness levels within the selected external key source connection, based on the Group By: option selected in the UI.

    In the chart, each concentric ring moves outward to represent increasing levels of granularity, displaying the following hierarchy:

    • Connection type (DSM)

      • Individual keys

  • Right-Side Panel: The right side of the Sunburst chart displays the following information based on the option selected under Group By: in the Sunburst chart:

    • The External Key Source section:

      • Total number of external key source connections. This value is always 1, as only one connection can be selected at a time from the connection switcher drop down. Select the external key source connection to navigate to its corresponding keys list view.

      • Total number of Vulnerable keys. Click the count to navigate to the list.

    • The Keys by Type section: This section displays a list of assets categorized by type, along with the total count for each type and their color-coded PQC readiness status.

6.5 CyberArk Connection

Select your CyberArk (SaaS or On-premises) connection from the VENDOR APPLICATIONS section of the connection switcher drop down to view its associated PQC data. The dashboard displays the consolidated PQC readiness information for the selected connection.

The CyberArk PQC overview page provides a summary of PQC-vulnerable and PQC-safe certificates within the selected CyberArk connection, as detailed in the following sections:

• Post Quantum Readiness: This section provides a summary of all vulnerability metrics for the selected CyberArk connection and displays the counts for the following:

  • The percentage of your CyberArk assets that are quantum safe.

    The percentage is represented using a color-coded scale, where all green indicates 100% PQC-safe, and all red indicates 100% PQC-vulnerable. For more information on how to calculate the PQC readiness percentage, refer to Section 4.1: Quantum Readiness Percentage Calculation.

  • Total number of Vulnerable certificates out of all scanned CyberArk certificates.

  • Count of the selected connections if it is identified as vulnerable.

• PQC Vulnerability by Cryptographic Assets: This section enables users to visualize PQC vulnerabilities for a CyberArk connection based on the option selected under Group By: in the UI (Certificates).

  NOTE

  The Group by: Keys and Group by: Services/Resources options are disabled because Fortanix Key Insight currently does not support keys or services/resources for CyberArk connections.

  • Sunburst Chart: The Sunburst chart visually represents the distribution of keys or services across PQC readiness levels within the selected CyberArk connection, based on the Group By: option selected in the UI.

    In the chart, each concentric ring moves outward to represent increasing levels of granularity, displaying the following hierarchy:

    • Connection type (CyberArk)

      • Individual certificates

  • Right-Side Panel: The right side of the Sunburst chart displays the following information based on the option selected under Group By: in the Sunburst chart:

    • The CyberArk Connection section:

      • Total number of CyberArk connections. This value is always 1, as only one connection can be selected at a time from the connection switcher drop down. Select the CyberArk connection to navigate to its corresponding keys list view.

      • Total number of Vulnerable certificates. Click the count to navigate to the list.

    • The Certificates by Type section: This section displays a list of assets categorized by type, along with the total count for each type and their color-coded PQC readiness status.