PQLens › Blog
The PQC Countdown
Crypto inventory, without the hype
The regulator is the deadline, not the quantum computer. Deep dives on cryptographic inventory, PQC migration and audit evidence — every date linked to its primary source.
You don't know what cryptography you're running (and neither does anyone else)
The hard part of a cryptographic inventory isn't migration — it's discovery. A tour of the ten places crypto hides, and why grepping for AES finds none of the interesting ones.
PCI DSS 12.3.3: how to build the cryptographic inventory your QSA will ask for
PCI DSS 12.3.3 has required a documented cryptographic inventory since March 2025. Here is exactly what it asks for, what a good one looks like, and how to build one in an afternoon.