A recurring free technical briefing series co-hosted by SANS Institute and Applied Quantum. Awareness-level, but built for implementers: protocols, cryptographic inventories, crypto-agility, and the real-world constraints that shape a post-quantum migration.

---

About This Series

This complimentary webcast series is designed for cybersecurity practitioners, architects, and engineers who need a practical understanding of quantum risk and post-quantum cryptography (PQC) — without hand-waving.

Each session is short, focused, and technical enough to help you answer the questions that matter in real environments:

• Where is quantum-vulnerable crypto actually hiding in our systems?

• What changes first: PKI, TLS, VPNs, code signing, device identity, or vendor platforms?

• What breaks when we start testing PQC (performance, MTU, certificates, interoperability, middleboxes)?

• How do we build a migration plan that engineering teams can execute — and leadership can fund?

Format: Free live webcast Duration: ~2 hours Cost: Free Organizer: Applied Quantum, co-hosted with SANS Institute

---

Topics Covered Across the Series

Session topics vary, but the series consistently goes deeper than “quantum breaks RSA.” Expect coverage such as:

• Quantum threat models engineers can use (including “harvest now, decrypt later” and long-lived trust risks)

• NIST PQC standards landscape and what it means for real deployments

• Where PQC shows up in practice (TLS 1.3, mTLS, PKI, VPN, signing, device identity, third-party SaaS/cloud)

• Network and infrastructure impacts (handshake/cert sizes, latency, CPU, MTU/fragmentation, middlebox behavior)

• Cryptographic discovery and inventory (including CBOM concepts and vendor dependency mapping)

• Risk-driven prioritization: how to decide what to migrate first when your inventory is incomplete

• Crypto-agility patterns that survive production (abstraction, policy control, negotiation, safe upgrade/rollback)

• Practical “first steps” and pilot patterns that don’t turn into a lab-only science project

---

What You Will Learn

Across the series, practitioners will leave with:

• A clear view of how quantum risk translates into protocol and platform changes (not just algorithm theory)

• A practical approach to identifying cryptographic dependencies across applications, infrastructure, and vendors

• A realistic picture of what will break (and how to test early to avoid surprise outages later)

• Concrete next steps: what to inventory, what to pilot, what to ask vendors, and how to structure a migration path

• Shared terminology and mental models that reduce friction between engineering, security, and risk stakeholders

---

Why “Wait and See” Breaks Down for Technical Teams

This isn’t a single control change — it’s an enterprise-wide cryptographic migration. Crypto is embedded across libraries, protocols, certificates, devices, vendor stacks, and build pipelines. The hard part is not picking an algorithm; it’s dependency discovery, interoperability testing, performance validation, and coordinated change across teams and suppliers.

If you wait until deadlines (or incidents) force action, you end up migrating under pressure — exactly when brittle crypto dependencies and infrastructure constraints become most expensive.

---

Who Should Attend

This series is designed for:

• Security architects, enterprise architects, and platform architects

• PKI, certificate lifecycle, IAM, and key management owners

• Network/security engineers responsible for TLS termination, VPNs, gateways, and edge infrastructure

• Cloud security, DevSecOps, and SRE teams operating large-scale encryption and mTLS

• Application security and product security teams (especially those owning libraries and CI/CD signing)

• Engineering leaders who need a technical roadmap — not a slide deck

---

Want to Go Deeper?

This free webcast series provides awareness-level coverage for practitioners.

• For executive-focused training and a leadership roadmap, see SEC529: Quantum Security Readiness for Executives (SANS Institute).

• For a much deeper, hands-on program, these topics will be covered in far greater detail in a 5-day course (SEC531) being developed by SANS Institute and Applied Quantum.

---

Frequently Asked Questions

Do I need to attend sessions in order?
No. Sessions are designed to be modular. Attend the topics most relevant to your environment.

Is this hands-on training?
No — these are technical briefings (not labs). The goal is to help you make better architecture and implementation decisions and start testing intelligently.

Will there be a recording?
Sessions are delivered live. Contact us if you need access to recorded material for your team.

Is this really free?
Yes. No payment required. Register with your name and email and you’ll receive joining details.

Can you deliver this privately for our organization?
Yes — we regularly run tailored technical briefings and working sessions for security and engineering teams.

---

No fluff. No hype. Just the technical clarity and next steps practitioners need.