www.EncryptionConsulting.com
www.EncryptionConsulting.com/MyCodeSigner
Supports digital code-signing for multiple file formatsSecures & manages private keys for code-signing with HSM’sSupports Malware and Virus scans for the added security before signing the codeDriven by flexible and customizable policies and approval workflowsMulti deployments options with on-premise, private cloud or SaaS optionsQuick implementation by seamless integrations with the existing build processes
A secure and flexible code-signing solution
When a software/script/macro is downloaded and during its installation or execution you see a popup saying, “Are you sure you want to run this?” or “Do you want to allow the following program to make changes to this computer” then that means code-signing is in action. Code-Signing Solution plays an important role as it can enable identification of a legitimate software v/s a malware or a rogue code.
Code-signing is a process that confirms the authenticity and originality of digital information especially a software code assuring this digital information is not a malicious code and establishes the legitimacy of the author. It also provides assurance that this piece of digital information has not changed or had been revoked after it has been digitally signed.
High assurance method to protect private code-signing keys in HSM
Configurable Malware and Virus scans before code-signing
Multi-factor authentication for the enhanced security
Faster Implementation and Automation
Configurable policies for signing different types of code
Configurable approval workflows for the control and transparency
Support for integrating with your choice of SIEM for audit reports
REST API, allowing for custom integrations and requirements.
Overview
Featuresat a Glance
MyCodeSigner provides a secure and flexible solution to your code-signing needs.The features include: The keys are protected by your choice of HSM.Customizable policies and workflows can be defined to secure and streamline the process of job submission and approvals.Support for virus and malware scans before signing the code.Built-in support for signing Windows, Linux, Macintosh, Docker and Android/iOS apps. The framework is extendable to include specific code or document not directly supported by the solution.MyCodeSigner is developed on an open REST API, allowing for custom integrations and requirements.
MyCodeSigner Solution
www.EncryptionConsulting.com/MyCodeSigner
Copyright © 2019 - All Rights Reserved - Encryption Consulting LLC
The private keys of the code-signing certificate can be stored in HSM to eliminate risks associated with stolen, corrupted or misused keysRobust access control system and can be integrated with LDAP and customizable workflows to mitigate risks associated with granting wrong access to unauthorized users allowing them to sign code with malicious certificatesCustomizable workflows and policies to improve adoption of the solution can enable different business teams to have their own workflow for code-signingValidation of code against virus and malwares before digitally signing will mitigate risks associated with signing a malicious code
MyCodeSignermitigates the risks associated with code signing
Windows files like .exe, .dll, .msi, .cab, .ocx
RPM on Linux
Jar files
Mac OS software
Andorid and iOS apps
Docker images
Supported File TypesUtimaco HSM
Thales HSM
nCipher HSM
AWS Cloud HSM
Azure Key Vault
Supported HSMs
MyCodeSigner is designed to provide the most secure code-signing capabilities and built-in support to customize your code-signing workflow as per the latest security standards. The open architecture framework provides the utmost flexibility to implement at the customer environments without altering their existing build processes, be it traditional SDLC, Agile or DevOps. The product seamlessly integrates with your on-premise systems and provides the easy to use interface to manage and operate code-signing within the organization.
solution architecture
www.EncryptionConsulting.com
Sign with confidence
Info SecAdmins
SMTP Server
MyCodeSignerClient
Build Server 1
CorporateActive Directory
Code-Signing JobsWork�ows
Job Submitters
Job Approvers
My CodeSignerApplication
HSMMyCodeSigner Server
Windows Build Servers
OROn Premise
HSM
Cloud HSM
AuditDatabase
Code SigningPrivate
Keys
HSM Client
Build Server 2
MyCodeSignerClient
Build Server 1
Build Server 2
Build Server 1
Unix Build Servers Macintosh Build Servers
MyCodeSignerClient
Build Server 2
On-premise model
MyCodeSigner server and client modules will be installed locally.
Solution can be integrated with any existing HSM’s available locally to store keys.
Hybrid model
MyCodeSigner server and client modules will be installed locally within the customer premise and the
private keys for signing certificates can be stored on cloud HSM and vice-versa.
SaaS model
Fully SaaS model where the organizations subscribe to MyCodeSigner services online.
Deployment Options
Encryption Consulting is a dedicated consulting firm that focuses on providing all the aspects of Encryption such as PKI, Hardware Security Module, Code-Signing, Enterprise key management, Transparent Data encryption, Element level format preserving encryption and Tokenization. At Encryption Consulting, we provide encryption services that help organizations to achieve the triad of Confidentiality, Integrity and Availability.
MyCodeSigner helps organizations stay ahead of the curve by providing a secure code-signing solution with tamper proof dtorage for the keys and complete visibility and control of change.
why MyCodesigner
About Encryption Consulting
Encryption Consulting LLC. 130 N Preston Rd, Prosper, TX 75078, USA |+1- 469-815-4136 | [email protected] CONFIDENTIALITY. INTEGRITY. AVAILABILITY.Find us:“EncryptionConsulting” on