Code Signing Solution

Prevents harmful software code

Harmful code is today a real threat to users and organizations alike, as criminal groups and even governments use malicious software to steal and monitor data, extort money or empty your bank account.

To digitally sign executable files such as applications, libraries and drivers is an important part of security whenever software is being distributed over insecure networks (internal or the Internet) or stored on untrusted media. Digitally signed code ensures that the software running on computers and devices is trusted and unmodified.

Enables safe applications for smart devices

Code signing is the process of digitally signing executables and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was signed. The most common use of code signing is to provide security when deploying software, for example installing and updating applications on your computer, on your smart phone or tablet or your home appliances, such as smart TV or network router.

The digital signature on the software is used to verify the identity of the author of the software and that the software has not been modified. With this verified, the system (computer, mobile, industrial system etc) can allow the software to be installed.

Central is superior

Instead of managing a myriad of distributed “code signing islands” where each team has its own solution, using a central code signing solution simplifies administration, improves security and lowers cost.

Central code signing solution using SignServer

From different locations the auditor and the developers easily access the same central code signing server.

 

Easy to control

With a centralized signing solution the code signing capabilities are easily controlled from a single location, and the risk of code signing keys being lost or stolen is significantly decreased. The cost of keeping signing keys under control is lowered.

Policy and Audit compliance

Using a central code signing solution makes it easy to achieve and enforce a strict audit record of who signed what. Some organizations demand this because of external audit requirements. While others need it to maintain trust in their brand, where maintaining good policy and audit records assure that the users of their products are not exposed to unnecessary risks of malicious software.

Protection of Signing Keys

A primary reason to use a secure, centralized code signing solution, is to keep code signing keys protected. The keys are kept securely in a Hardware Security Module (HSM), mitigating the risk of any key being stolen or used illegitimately.

Our Competitive solution for Code Signing

PrimeKey Code Signing Appliance is a central code signing solution that helps you keep secure control of your code signing keys, and also provides a centrally managed and audited single service for all your code signing needs. It allows different project members, or systems, to authenticate and share the same well protected code signing key and certificate when signing, and at the same time provides audit records of who signed what.