Spice Labs Launches 'Amuse Bouche,' a Free Taste of PQC Discovery/Inventory Tools

Security pros can receive a free analysis of their Post-Quantum Cryptography posture in minutes

Security leaders should have an easy way to assess PQC compliance without burdening engineering. We’re granting teams a free taste of our tools to meet the software security challenges they face.”

— David Pollak, CEO and Founder of Spice Labs

SOMERVILLE, MA, UNITED STATES, March 17, 2026 /EINPresswire.com/ -- Spice Labs, a leader in cryptographic visibility and post-quantum readiness, today announced the launch of Amuse Bouche, a complimentary platform designed to give security teams immediate access to high-tier Post Quantum Crypto analysis without the friction of burdening engineering.

Named after the culinary tradition of a "complimentary bite-sized gift," Amuse Bouche allows users to experience the power of Spice Labs’ technology —including the flagship Topographer engine—with no contracts and no credit cards. The platform is built to solve a critical industry challenge: providing a "risk-free taste" of PQC analysis before committing to a full-scale integration.

Because Spice Labs analyzes post-build artifacts, a security team can perform a Post-Quantum Cryptography assessment and gain: a CBOM report, a PQC Static Analysis with Crypto-agility ratings, and a Java Flight Recorder analysis of PQC compliance of actual runtime cryptography calls.

Meeting Urgent Global Compliance Mandates

Amuse Bouche is specifically engineered to help organizations navigate the rapidly accelerating timeline for Post-Quantum Cryptography (PQC) migration. In addition to Gartner designating PQC as a top cybersecurity priority in 2026, Federal and commercial mandates now require immediate action to defend against "harvest now, decrypt later" threats:

* NSA CNSA 2.0: National Security Systems (NSS) must support and prefer PQC algorithms by 2025, with a hard mandate for exclusive use in software and firmware signing by 2030. Starting in 2027, all new NSS acquisitions must be CNSA 2.0 compliant.
* NIST Standards: With the August 2024 finalization of FIPS 203 (ML-KEM), FIPS 204 (ML-DSA), and FIPS 205 (SLH-DSA), organizations now have the official cryptographic blueprints required for compliance.
* OMB M-23-02: U.S. federal agencies are now required to maintain a prioritized inventory of all cryptographic systems to identify quantum-vulnerable algorithms.

Enterprise-Grade Analysis at No Cost

The platform debuts with three distinct "tastings":

* PQC JAR Analyzer: Evaluates Java artifacts for PQC readiness, providing an "Algorithm Agility Score" and prioritized migration recommendations. PQC call tracing combined with crypto-agility ratings provides users with a unique measure for measuring their ability to adopt future advances in quantum-proof algorithms.
* Point-in-Time Vulnerabilities: Allows users to upload a Software Bill of Materials (SBOM) and query the Spice Labs advisory database across historical dates to track how vulnerability exposure changes over time.
* PQC Java Runtime Analyzer: Uses Java Flight Recorder (JFR) data to inventory live cryptographic activity in production environments, identifying "real-world" usage versus static code.

Privacy-First Engineering

Amuse Bouche is built on a "Privacy by Design" framework. To ensure user trust, SBOMs are processed entirely in memory and are never stored on disk or in logs. Uploaded artifacts are deleted immediately following analysis. If a user prefers not to upload corporate data there are 100 sample JAR files and dozens of SBOMs available for testing.

“Security leaders should have an easy way to discover/inventory their PQC compliance without burdening engineering,” said Spice Labs’ founder and CEO, David Pollak. “With Amuse Bouche, we’re granting teams a free taste of our tools necessary to meet the software security challenges they face.”
Users can begin their first analysis immediately by visiting amuse.spicelabs.io.

About Spice Labs
Spice Labs provides a Cryptographic System of Record, replacing guesswork with hard data to enable precise project scoping and faster PQC inventories.
Spice Labs maps deployment artifacts and systems with cryptographic fingerprints, anchoring them to our continuously updated 18 billion node OSS database and enrichment layers to drive confident, fact-based decisions.

With comprehensive maps of your stack, replace guesswork with hard data. This enables faster decisions, reduced risk, and measurable progress across projects.

Our technology surveys containers, virtual machines, and applications, identifying components and relationships even in legacy systems without Software Bill of Materials. This empowers users and consultancies to continuously monitor PQC compliance and plot trends for a data-driven “when will be be compliant,” assessment; ultimately saving time, controlling costs, and strengthening trust.

David Churbuck
Spice Labs
+1 508-360-6147
dcc@spicelabs.io

Legal Disclaimer:

EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.