Scrutari
Compliance posture

Designed for the audit you haven't been asked for yet.

Compliance officers don't want our claims — they want artifacts. Scrutari ships them on day one.

NIST FIPS 203

ML-KEM key encapsulation

ML-KEM-768 is wired in as one half of the TLS 1.3 hybrid key exchange. The CycloneDX CBOM records the exact primitive identifier and parameter set, so an auditor can match it against NIST's validation listings. One caveat: the CBOM names the algorithm, not the validated module. Where a control requires a FIPS-validated implementation, the auditor will still ask for the CMVP certificate of the library that actually performs the operation.

NIST FIPS 204

ML-DSA digital signatures

ML-DSA verification is wired into the JWT family dispatch and the post-quantum auth path. The gateway emits a per-family counter so operators can prove that real PQ-signed traffic is reaching the data plane.

NIST FIPS 205

SLH-DSA stateless hash signatures

SLH-DSA is recognised in the cryptography policy registry as a fallback signature primitive for environments that prefer hash-based over lattice-based signatures. Disabled by default in v1; enabled per-tenant via configuration.

SOC 2 / ISO 27001

Aligned controls

The gateway's audit log captures every administrative action behind a tamper-resistant cursor, every certificate lifecycle event lands in an at-least-once outbox (consumers must be idempotent, since at-least-once delivery permits duplicates), and the TLS posture exceeds the transport guidance in NIST SP 800-52 Rev 2. Auditors get a documented, queryable record that maps cleanly onto the SOC 2 Trust Services Criteria and the ISO 27001 Annex A control set.

GDPR · HIPAA · PCI

Industry overlays

The transport, audit, and CBOM properties layer cleanly onto industry-specific overlays: GDPR Article 32 (security measures, including encryption, appropriate to the risk), HIPAA §164.312(e)(1) (transmission security), PCI DSS Requirement 4 (strong cryptography for cardholder data in transit over open, public networks). The gateway is the encryption boundary; your compliance team owns the mapping.

CycloneDX 1.6

Cryptography Bill of Materials

A single GET /admin/cbom endpoint returns the full cryptographic surface in machine-readable form: primitives, modes, key sizes and source references. Diff two releases to see exactly when a primitive changed, or export it to your SBOM ingestion pipeline. Keep the endpoint behind administrative authentication: the same inventory that satisfies an auditor is a reconnaissance map for an attacker.
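The release-to-release diff described above, as an added example (not Scrutari's code and not its endpoint output). The two CBOM documents are constructed inline and follow the CycloneDX 1.6 `cryptoProperties` layout (`assetType`, `algorithmProperties.primitive`, `parameterSetIdentifier`, `nistQuantumSecurityLevel`); the bom-refs and values are invented for illustration. The diff is keyed on `bom-ref` so that a parameter-set bump shows up as a field change rather than as an unrelated remove-and-add, and a second function summarises the highest declared quantum security level per primitive, which is the question an auditor tends to ask next.

```python
import json


def _asset(ref, name, **algorithm_properties):
    """Build one CycloneDX 1.6 'cryptographic-asset' of assetType 'algorithm'."""
    return {
        "type": "cryptographic-asset",
        "bom-ref": ref,
        "name": name,
        "cryptoProperties": {
            "assetType": "algorithm",
            "algorithmProperties": algorithm_properties,
        },
    }


def _cbom(*components):
    """Wrap components in a minimal CycloneDX 1.6 envelope, serialised as JSON."""
    return json.dumps({"bomFormat": "CycloneDX", "specVersion": "1.6",
                       "version": 1, "components": list(components)})


# Constructed sample data: two releases of a hypothetical gateway's CBOM.
MLKEM768 = _asset("crypto/algorithm/ml-kem-768", "ML-KEM-768", primitive="kem",
                  parameterSetIdentifier="768", nistQuantumSecurityLevel=3)
X25519 = _asset("crypto/algorithm/x25519", "X25519", primitive="key-agree",
                curve="curve25519", nistQuantumSecurityLevel=0)

# Release 1 signs with ML-DSA-44 (NIST quantum security level 2).
CBOM_V1 = _cbom(MLKEM768, X25519,
                _asset("crypto/algorithm/ml-dsa", "ML-DSA-44", primitive="signature",
                       parameterSetIdentifier="44", nistQuantumSecurityLevel=2))

# Release 2 bumps the same bom-ref to ML-DSA-65 (level 3) and adds SLH-DSA.
CBOM_V2 = _cbom(MLKEM768, X25519,
                _asset("crypto/algorithm/ml-dsa", "ML-DSA-65", primitive="signature",
                       parameterSetIdentifier="65", nistQuantumSecurityLevel=3),
                _asset("crypto/algorithm/slh-dsa-sha2-128s", "SLH-DSA-SHA2-128s",
                       primitive="signature", parameterSetIdentifier="SHA2-128s",
                       nistQuantumSecurityLevel=1))


def _flatten(obj, prefix=""):
    """Flatten nested dicts/lists into {dotted.path: scalar} for field-wise comparison."""
    if isinstance(obj, (dict, list)):
        items = obj.items() if isinstance(obj, dict) else enumerate(obj)
        out = {}
        for key, value in items:
            out.update(_flatten(value, f"{prefix}{key}."))
        return out
    return {prefix.rstrip("."): obj}


def crypto_assets(cbom_json):
    """Return {bom-ref: flattened fields} for every cryptographic-asset component."""
    doc = json.loads(cbom_json)
    if doc.get("bomFormat") != "CycloneDX" or doc.get("specVersion") != "1.6":
        raise ValueError("expected a CycloneDX 1.6 document")
    assets = {}
    for comp in doc.get("components", []):
        if comp.get("type") != "cryptographic-asset":
            continue  # libraries, containers etc. are not part of the crypto surface
        fields = {"name": comp.get("name")}
        fields.update(_flatten(comp.get("cryptoProperties", {})))
        assets[comp["bom-ref"]] = fields
    return assets


def diff_cbom(old_json, new_json):
    """Diff two CBOMs by bom-ref: assets added, removed, and the fields that changed."""
    old, new = crypto_assets(old_json), crypto_assets(new_json)
    changed = {}
    for ref in sorted(old.keys() & new.keys()):
        names = sorted(old[ref].keys() | new[ref].keys())
        deltas = [(f, old[ref].get(f), new[ref].get(f))
                  for f in names if old[ref].get(f) != new[ref].get(f)]
        if deltas:
            changed[ref] = deltas
    return {"added": sorted(new.keys() - old.keys()),
            "removed": sorted(old.keys() - new.keys()),
            "changed": changed}


def quantum_coverage(cbom_json):
    """Highest declared nistQuantumSecurityLevel per primitive (0 = classical only)."""
    levels = {}
    for fields in crypto_assets(cbom_json).values():
        primitive = fields.get("algorithmProperties.primitive")
        if primitive is None:
            continue
        level = fields.get("algorithmProperties.nistQuantumSecurityLevel", 0)
        levels[primitive] = max(levels.get(primitive, 0), level)
    return levels


if __name__ == "__main__":
    report = diff_cbom(CBOM_V1, CBOM_V2)
    for ref in report["added"]:
        print(f"+ {ref}")
    for ref in report["removed"]:
        print(f"- {ref}")
    for ref, deltas in report["changed"].items():
        for field, before, after in deltas:
            print(f"~ {ref} {field}: {before!r} -> {after!r}")
    print("coverage:", quantum_coverage(CBOM_V2))
```

Run against real endpoint output, the only change is reading the two JSON bodies from disk instead of the constructed constants. The `key-agree` row staying at level 0 in both releases is expected: X25519 is the classical half of the hybrid exchange, and the KEM row carries the post-quantum strength.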

TLS 1.3 only

No classical-only fallback

The serving listener pins the kx_groups list to the ML-KEM-768 hybrid by default. Classical-only clients are rejected at handshake time: there is no TLS 1.2 fallback and no classical-only group for an attacker to negotiate the gateway down to. The flip side is that a legacy client which cannot offer the hybrid group fails to connect rather than silently degrading, so stage the client rollout before you rely on the default in production.

Move your TLS posture to post-quantum before the timeline moves you.

Scrutari is in early access for enterprise SaaS teams who've been told to have a migration plan by their largest customers and don't want to rebuild their TLS stack to get there. We'd like to talk to yours.