Cryptographic Compliance
Generate a Cryptographic Bill of Materials (CBOM) from container filesystems. Inventories algorithms, certificates, keys, and protocols for compliance audits and quantum readiness.
Schedule with the Agent
# Weekly cryptographic inventory
reel.io/schedule: |
0 3 * * 0 | export cbom
reel.io/s3-bucket: "compliance-evidence"
One-Shot with the CLI
Run a crypto inventory from your terminal — no agent required.
# Scan an image
reel export cbom nginx:latest
# Scan a running container
reel export cbom --container my-nginx
What Gets Detected
| Category | Details |
|---|---|
| Algorithms | Encryption, hashing, and signature algorithms in use |
| Certificates | X.509 certificates with expiration and algorithm analysis |
| Protocols | TLS/SSH protocol versions with cipher suite decomposition |
| Key Materials | Private keys, public keys, and key files on disk |
Output: CycloneDX JSON with cryptographic extensions.
Schedule Examples
# Full filesystem scan — weekly (comprehensive, slower)
0 3 * * 0 | export cbom
# Common paths only — daily (faster, covers /etc/ssl, /etc/pki)
0 3 * * * | export cbom --common-paths-only
# Include system CA trust store
0 3 * * 0 | export cbom --include-system-cas