The machine and IoT identity platform Keyfactor today announced the launch of Keyfactor Signum, a new code signing as-a-service platform that simplifies the process developers go through to sign code and containers in a secure way, without affecting productivity.
Keyfactor Signum is intended to address the threat of software supply chain attacks that compromise application development pipelines, IT scripts, macros, and more.
This release provides security teams with protection for code signing keys while allowing developers to leverage the same native signing tools they currently use.
“Recent changes made by the CA/B Forum, which are scheduled to go into effect in the next 12 months, mean that organizations are required to generate and store code signing keys in a cryptographic module,” said Ben Dewberry, product manager signing & key management at Keyfactor. “Keyfactor Signum makes it easy to comply with these new requirements, without causing any disruption to developers that need to move quickly.”
With Keyfactor Signum, users gain integration with native tools, secure key storage, policy and governance, and authentication.
To learn more, visit the website.