The governed agent already understands your cryptography, secrets, sensitive data, AI privacy boundaries, and ownership. It analyzes your environment and tells you exactly what stands between you and migration.
No configuration. No provider selection. No scan wizard. One click.
Discovering your environment…
✓ Assessment complete
Assessment completed in 2 minutes 14 seconds
391 assets analyzed across 8 connected systems.
Your environment is ready for post‑quantum migration.
2 systems need your approval before conversion.
Executive Summary
We analyzed your environment and found 391 cryptographic assets. Nearly all are ready for automated post-quantum migration. Two production systems require your approval because they could affect live traffic. Sensitive workloads and credentials have already been identified and will remain protected throughout the migration. No unauthorized agent activity occurred during the assessment.
Safe Assessment
✓ No production systems were modified
✓ No cryptography was changed
✓ No credentials were exposed
✓ This was a read-only assessment
Recommendation
Based on your environment, I recommend automatically migrating:
✓ Migrate automatically
✓ 284 RSA keys
✓ 67 ECC keys
✓ 389 certificates
These assets present low migration risk.
Before proceeding, I'd like your approval for:
⚠ Needs your approval
⚠ Customer Portal
⚠ VPN Gateway
Reason: these systems could affect production traffic.
Estimated Automation
389
Automatic
2
Requires approval
0
Manual
You only need to make two decisions.
Why I recommended this
Customer Portal
• Handles production traffic
• 4 dependent systems
• Certificate expires in 11 months
• Low migration risk
→ Recommended after your approval
VPN Gateway
• Terminates all remote production access
• 6 dependent systems
• Rekey requires a maintenance window
• Low migration risk
→ Recommended after your approval
What we found
391assets discovered
284 RSA keys, 67 ECC keys, and 389 certificates across your infrastructure. The vast majority are ready for automated migration with no action from you.
14credentials need to be secured before migration
These will automatically be protected by H33-Key during migration. Your applications keep working — the secret is simply never exposed again.
7workloads contain sensitive data
These workloads will execute without exposing plaintext to AI. The data stays encrypted end-to-end, even while it's being processed.
Recommended actions
ImmediateThese prevent migration today
Customer Portal · VPN Gateway — internet-facing, with regulated data behind them. Approve these first.