ABI Research Names CodeSign Secure Among the Code Signing Market Leaders

Two 2026 ABI Research reports recognize our CodeSign Secure platform for CI/CD and IoT code signing, citing its performance, automation, and post-quantum readiness.

We are proud to share that CodeSign Secure, our enterprise code signing platform, has been recognized by ABI Research, a leading global technology intelligence firm, across two newly published market reports on the state of the code signing industry. Both reports, authored by Senior Analyst Aisling Dawson and released in June 2026, name CodeSign Secure among the vendors shaping the code signing market and single it out for the very capabilities that buyers now demand from a modern signing solution.

The two reports, Code Signing and Software Development: Integrating Secure Practices into CI/CD Pipelines and Code Signing and the IoT: Opportunities and Challenges for Code Signing Within the IoT Market, examine where the code signing market is heading and which vendors are best positioned to lead it. In both, CodeSign Secure earns a place in the “Key Companies and Ecosystems” section, the part of each report reserved for the solutions ABI Research sees driving the market forward.

In the CI/CD and DevOps Report: Built for the Latency Sensitive Pipeline

In its software development and CI/CD report, ABI Research describes CodeSign Secure as part of our broader cryptographic services suite and notes that it is well-suited to the latency-sensitive CI/CD pipeline. Several capabilities stood out to the analyst:

• Pre and post hash validation, usable together or independently: This flexibility lets teams balance security and performance without bolting on workarounds.
• Client-side hashing: ABI Research notes that client-side hashing is “increasingly becoming table stakes” for vendor code signing solutions because it limits heavy data transfers and keeps source code on the developer’s machine. CodeSign Secure supports it natively, which also aligns with the sovereignty-oriented requirements ABI flags as a growing buying driver.
• Policy as code enforcement: CodeSign Secure automatically enforces an organization’s code signing policy, only allowing builds that satisfy the required security checks to be signed. ABI Research credits this with easing “pluggability,” making it “a premier option for DevOps.”

The report also positions us as “a frontrunner in terms of signing innovations.” That includes post-quantum cryptography (PQC) signing and expanded Software Bill of Materials (SBOM) and Concise Reference Integrity Manifest (CoRIM) signing aimed at the semiconductor segment, a use case ABI describes us as “one of the only vendors to cater to.” With a license-based commercial model, ABI Research concludes that CodeSign Secure is a cost-efficient and innovative solution, “cementing its market lead.”

In the IoT Report: Flexibility and Compliance Expertise for a Fragmented Market

The IoT report tells a complementary story. ABI Research highlights our origins, founded in 2018 with roots in consultancy, and frames that heritage as a real advantage. Our “unique reputation and expertise across compliance frameworks” is called out as “a solid differentiator for IoT customers,” precisely because the IoT signing landscape is so fragmented across diverging, vertical-specific standards.

On capability, ABI Research notes that CodeSign Secure “caters to a wide set of applications, including secure boot and firmware signing across IoT, Operational Technology (OT), and embedded devices.” And rather than treating our size as a limitation, the report frames it as a strength. As a more agile team, we have “the advantage of a highly flexible and customizable offering, dynamically adding integrations based on customer demand,” exactly what the diverse, heterogeneous IoT market rewards.

This matters because the IoT report identifies firmware as an increasingly prominent, and poorly protected, attack vector, with regulations like the EU Cyber Resilience Act (CRA) and its SBOM mandates poised to push signing adoption sharply upward. Solutions that combine firmware integrity, deployment flexibility, and compliance fluency are the ones ABI expects to win in this space, and that is precisely how we built CodeSign Secure.

A Market Growing on Regulation, Risk, and Quantum

Both reports make clear that code signing is entering a high-growth phase, and the drivers are structural rather than cyclical. On the DevOps side, ABI Research describes a multistage trajectory: cyber incidents and supply chain attacks driving early adoption through 2025; regulation, including shorter certificate lifespans and CNSA 2.0’s quantum safe requirements, accelerating uptake across 2026 and 2027; and a shift toward zero trust architectures and hybrid, HSM as a Service deployments through 2030. On-premises deployments retain the largest share thanks to sovereignty concerns, while services and hybrid models grow fastest.

In IoT, the curve is steeper. ABI Research expects IoT code signing revenue to begin overtaking DevOps revenue around 2028, propelled by the EU CRA’s December 2027 security requirement deadlines, automotive mandates, and the long device lifecycles that make quantum migration an urgent rather than distant problem. The report stresses that firmware is both a rising attack surface and a poorly protected one, with a large share of organizations still lacking robust firmware security.

These are precisely the pressures we designed CodeSign Secure to absorb: automated signing that survives shorter certificate lifespans, flexible deployment for air gapped and constrained environments, native PQC for the quantum transition, and SBOM signing for CRA-aligned compliance. ABI Research’s market view, in other words, reads like a checklist that CodeSign Secure already addresses.

What ABI’s Findings Confirm About CodeSign Secure

Taken together, the two reports validate the design principles behind CodeSign Secure. The market signals ABI Research describes map directly to the capabilities the platform already delivers:

• Performance under pressure: client-side hashing and flexible pre- and post-hash validation keep signing fast even as build volumes and pipeline speed climb.
• Automation over manual signing: policy as code enforcement replaces manual workflows that are prone to error, and that shorter certificate lifespans are rapidly making unsustainable.
• Quantum readiness: native PQC signing helps teams prepare for CNSA 2.0 and the broader post-quantum transition before deadlines arrive.
• Supply chain and compliance coverage: SBOM and CoRIM signing, plus secure boot and firmware signing across IoT, OT, and embedded devices, address the provenance and regulatory demands driving the market.
• Breadth across use cases: recognition in both the DevOps and IoT reports shows CodeSign Secure spans the full code signing market, not just one segment.

What This Means for Security and DevOps Teams

For practitioners evaluating code signing solutions, analyst recognition is more than a marketing milestone. It is a useful shortcut. ABI Research evaluates vendors against the threats and regulatory shifts that teams are actually contending with, so its profiles work as a filter for which capabilities matter most. CodeSign Secure being singled out for client-side hashing, policy as code enforcement, PQC signing, and SBOM and CoRIM support tells buyers that the platform is aligned with where the market is going, not just where it has been.

It also reflects a practical reality. The teams under the most pressure, including those running high-velocity CI/CD pipelines, those shipping firmware to OT and embedded devices that stay in the field for years, and those preparing for the quantum transition, need a signing solution that adapts to their environment rather than forcing them to redesign their workflows. ABI Research’s emphasis on our flexibility, ease of integration, and willingness to add capabilities based on customer demand speaks directly to that need. The result is a solution that lowers the change management burden ABI repeatedly cites as a barrier to adopting external signing solutions.

Looking Ahead

Independent recognition from ABI Research reinforces what our customers already experience: that code signing should be fast, automated, compliant, and ready for what comes next. As certificate lifespans shrink, supply chain threats grow, and the quantum transition accelerates, we will keep investing in the capabilities that earned CodeSign Secure its place among the market leaders.

To learn more about how CodeSign Secure secures CI/CD pipelines, IoT and embedded firmware, and the path to post-quantum signing, explore the platform or reach out to our team for a demonstration.

About the Reports

Both reports are part of ABI Research’s ongoing coverage of digital trust, PKI, and code signing. Code Signing and Software Development (report code PT 3570) examines how secure signing practices integrate into CI/CD pipelines, while Code Signing and the IoT (report code PT 3571) explores the opportunities and challenges of signing across connected, embedded, and operational technology devices. Both were authored by Senior Analyst Aisling Dawson and published in June 2026.

About Encryption Consulting

Founded in 2018, Encryption Consulting is a specialist advisory and solutions firm focused on applied cryptography, PKI, key management, and code signing. Its flagship platform, CodeSign Secure, helps organizations sign software, firmware, and artifacts securely across DevOps, IoT, OT, and embedded environments, with client-side hashing, policy as code enforcement, post-quantum cryptography support, and SBOM and CoRIM signing built in.

Sources

ABI Research, “Code Signing and Software Development: Integrating Secure Practices into CI/CD Pipelines” (PT 3570), June 16, 2026.

ABI Research, “Code Signing and the IoT: Opportunities and Challenges for Code Signing Within the IoT Market” (PT 3571), June 17, 2026.