Events Join us for Encryption Consulting Conference 2021 - product updates, workshops & more Register Now

Code Signing

Home » Code Signing

Code Signing Solution - CodeSign Secure

CodeSign Secure provides a secure and flexible solution to your code-signing needs for all Operating Systems, including Windows, Linux, Macintosh, Docker, and Android/iOS apps. Digitally signed code ensures that the software running on computers and devices can be trusted and has not been tampered with in transit.

Code signing is a process to confirm the authenticity and originality of digital information, such as a piece of software code. It assures this digital information is valid and establishes the legitimacy of the author. CodeSign Secure works to protect your data-in-transit while authenticating the signer to the receiver.

Request a FREE quote today

An Encryption Consulting representative will contact you shortly


    CodeSign Secure’s Features

    CodeSign Secure currently has the following features implemented:

    • The keys used to sign are protected by your choice of HSM, – nCipher, Utimaco, or Safenet
    • Policies and workflows are defined to secure and streamline your job submission and approval process
    • Your existing virus and malware scans can be integrated systematically
    • Developed on an open REST API, allowing for custom integrations and requirements.
    • CodeSign Secure supports signing Windows, Macintosh, Docker, APK, JAR, and RPM packages
    HashiCorp Vault Strategy
    ×

    The private keys of the code-signing certificate can be stored in an HSM to eliminate the risks associated with stolen, corrupted, or misused keys.

    Client-side hashing ensures build performance and avoids unnecessary movement of files to provide a greater level of security

    The command line signing tool provides a faster method to sign requests in bulk

    Robust access control systems can be integrated with LDAP and customizable workflows to mitigate risks associated with granting wrong access to unauthorized users, allowing them to sign code with malicious certificates

    Support for customized workflows of an “M of N” quorum with multi-tier support of approvers

    Support for InfosSec policies to improve adoption of the solution and enable different business teams to have their own workflow for Code Signing

    Validation of code against UpToDate antivirus definitions for virus and malware before digitally signing it will mitigate risks associated with signing malicious code