Skip to content
Get in touch

Know your cryptographic risks

Catalog your crypto inventory and determine the risks your tech stack presents to your business.
Identity Security Page 02
Protect mission-critical cloud systems without hindering productivity

Gain insights and assess access-related risks

With our risk assessment, you can easily:

  • Get insights into your classical cryptography and your level of post-quantum cryptography (PQC) readiness

  • Identify vulnerabilities and discover rogue, high-risk connections that violate policies and regulations by mapping algorithms

  • Pass audits and ensure compliance with custom recommendations and detailed reports

Discover and mitigate risks

Risk assessment results are presented in a custom report that includes:

  • Audit of your SSH key environment: a comprehensive overview of your current situation (servers, authorizations, keys, policies)

  • Inventory of all active (or potentially active) SSH keys

  • SSH key health analysis, including key algorithms, length, and age

  • Root accounts analysis, e. g. privileged account violations

  • Non-production to production analysis, e. g. non-prod to prod authorizations, non-prod to prod access violations

  • Recommendations to solve and/or remediate your uncovered situation

     
light-bulb-icon

Discovery

  • Discovery and analysis of SSH user keys

  • Discovery and analysis of SSH host keys

  • Discovery of SSH1 keys

  • SSH key trust relationship map

  • Crypto inventory
Certification

Reporting

  • Reporting on SSH key algorithms, size and age

  • Reporting on orphan keys

  • Reporting on the usage of weak cryptographic algorithms

  • SSH server hardening: Reporting on common security pitfalls (SSHv1, password authentication for root accounts, TCP tunneling, agent and X11 forwarding, etc.)

  • Reporting on the usage of deprecated ciphers, MACs and KEX algorithms

 

Priviledged-access-management

Access

  • Access from non-production to production

  • PAM/jump host bypass

  • Reporting on unused SSH key granting access

  • Reporting on keys granting access to forbidden locations

  • Analysis of keys under root and other high-privilege, high-risk user accounts

  • Reporting on transitive trusts including privilege elevation through pivoting

 

Datasheet 4

Recommedations

  • SSH key policy recommendations

  • SSH key security recommendations

  • Recommendations on risk mitigation

Related resources
KuppingerCole Leadership Compass 2025: Secrets Management

KuppingerCole Leadership Compass 2025: Secrets Management

Download the analyst report
Beyond Keyless: Eliminating Standing Privileges with Ephemeral Certificates

Beyond Keyless: Eliminating Standing Privileges with Ephemeral Certificates

Watch the webinar
PrivX PAM Free Trial

PrivX PAM Free Trial

Start the free trial

Talk to our experts about our non-invasive PrivX Insights service for complex SSH environments