CipherShift365 -- Product Description

In one breath

Today's encryption relies on math that a sufficiently powerful quantum computer is expected to break. Governments and standards bodies have already published the replacement encryption and have begun requiring organisations to find and fix their vulnerable cryptography. CipherShift365 is a platform that finds the at-risk cryptography buried inside a company's software, helps them replace it with the new quantum-safe standards, and then watches to make sure it does not quietly creep back in. Built specifically for organisations running on Microsoft's .NET and Azure technology.

The problem, in everyday terms

Almost everything digital is protected by encryption: online banking, medical records, signed contracts, software updates, the padlock in your browser. Much of that protection depends on public-key cryptography (RSA, ECC) that is extremely hard for today's computers to crack -- but not for a future quantum computer.

A large enough quantum computer does not exist yet. The threat is still real today:

"Harvest now, decrypt later." An attacker does not need a quantum computer today to benefit from one tomorrow. They can record encrypted data now and decrypt it years later once the hardware catches up.

Any information with a long shelf life -- patient records, legal agreements, intellectual property, government data -- is effectively exposed today.

The good news: the fix exists. After an eight-year international competition, NIST finalised the first quantum-safe encryption standards on 13 August 2024 -- ML-KEM, ML-DSA, and SLH-DSA. The hard part is no longer which algorithms to use. The hard part is finding every place your old cryptography is hiding and replacing it without breaking anything.

Why this is urgent now

a) Legal and contractual requirements

In the United States, federal agencies must inventory cryptography and plan migration under OMB M-23-02 (18 November 2022), with obligations running annually toward a 2035 target. National Security Memorandum 10 (May 2022) sets a transition deadline of 2030 for national security systems. These requirements flow downhill to suppliers and contractors.

b) Buyers are asking for proof

A "cryptographic inventory" is becoming standard in security questionnaires. The Cryptography Bill of Materials (CBOM), an open OWASP/CycloneDX standard, provides the machine-readable format.

c) The replacement technology is shipping

As of the November 2025 release, .NET 10 ships native support for NIST post-quantum algorithms via System.Security.Cryptography, backed by Windows and OpenSSL. The capability is here -- what is missing is a way to systematically apply it across a real estate.

Who it is for

CipherShift365 is aimed at .NET / Windows / Azure-heavy organisations in regulated sectors -- financial services, healthcare, government, and defence-adjacent suppliers.

It is delivered in a services-led way: Compass produces the credible inventory and roadmap that opens the conversation; Vault and Guardian are the tools used to carry it out.

What it intentionally does not do (at first)

• It does not reinvent cryptographic algorithms -- it uses the standardised, trusted ones.
• It does not yet scan non-.NET languages, broad network/cloud infrastructure, or macOS.
• It does not run as a shared multi-customer cloud service -- everything stays inside the customer's own environment unless they explicitly opt in to share data.