Grid Columns
The grid presents one row per cryptographic finding. All columns support sorting, filtering, and reordering.| Column | Description |
|---|---|
| Type | Category of the finding: Algorithm, Protocol, Certificate, or Key |
| Finding / Class | Finding class identifier (e.g., crypto/algorithm/hashing/md5, crypto/certificate/expired) |
| Component | Binary component in which the material was found |
| Severity | Risk level assigned to the finding |
| Confidence | How certain BTP is that it identified the correct algorithm and its exact parameters — uses the same five-level scale as all other findings (see Accuracy & Confidence) |
| Reachability | Whether the cryptographic material is accessible from a public entry point in the binary (see Reachability Analysis); applies to algorithms and protocols |
| PQC Status | Post-quantum compliance classification per NIST IR 8547: compliant, non-compliant, or acceptable until a specified date |
Algorithm Findings
Algorithm findings identify cryptographic algorithm implementations in the analyzed binary. Each finding includes:- Algorithm class and detected parameters (key size, mode of operation)
- Component name and offset where the implementation was found
- Function addresses associated with the cryptographic code
- Reachability result
- PQC compliance status
Certificate Findings
Certificate findings expose X.509 certificates embedded in the image. The finding detail view provides:- Issuer and Subject - certificate authority and the entity the certificate was issued to
- Origin - component path within the image where the certificate was found
- Validity period - not-before and not-after dates
- Expiration status - whether the certificate has expired
- Signature algorithm - algorithm used to sign the certificate
- Public key algorithm and size - e.g., RSA-2048, EC P-256
- Self-signed flag - whether the certificate is self-signed
crypto/certificate/expired, crypto/certificate/invalid, crypto/certificate/self-signed, crypto/certificate/untrusted) carry severity ratings. Certificates without issues are recorded as artefact/crypto-certificate-material and are informative.
Key Findings
Key material findings record cryptographic keys embedded in the binary:- Key type - RSA, EC, Ed25519, post-quantum, or other
- Key size / parameters - bit-length or parameter set
- Location - component path and offset within the image
- Classification - private key vs. public key
secret/private-key or secret/encryption-key, which carry elevated severity due to the risk of key exposure.
Filtering and Searching
Quick column filters:- Filter by Type to narrow to Algorithms, Protocols, Certificates, or Keys.
- Filter by Finding / Class by class prefix - e.g.,
crypto/algorithm/hashingfor hashing algorithms,crypto/certificatefor certificate findings. - Filter by PQC Status to isolate quantum-vulnerable findings for migration planning.
- Filter by Severity to surface only weak or deprecated materials.
Generating Reports
- PQC Compliance Report
- CBOM
Click the Generate button in the tab to produce a PDF or JSON report listing all quantum-vulnerable algorithm instances with NIST IR 8547 migration guidance.See PQC Compliance Report for report contents and format details.
Related
- Cryptographic Detection - How detection works
- Algorithm Compliance Reference - Compliance status for all algorithm classes
- Finding Classes Reference - Full list of
crypto/*classes - Accuracy & Confidence in Findings
- Reachability Analysis
- PQC Compliance Report
- CBOM Export