Sign & Verify! How Code Signing Secures the Software Supply Chain



Some fast facts from Gartner:

  • By 2025, 45% of organizations will have experienced attacks on their software supply chains, three times as many as in 2021.
  • Half of existing supply-chain attacks are attributed to APTs or well-known attackers.

Digital transformation enables enterprises of all sizes to provide value to their customers in a fast and consistent manner. One crucial consideration of that transformation is the automation and security of software development and deployment (CI/CD) pipelines. These environments present a unique challenge to enterprise security and engineering teams, but code signing technology can help secure your software supply chain from end to end.

 

In this AMA session, we’ll discuss the role code signing plays in securing the software supply chain against cybercriminals, including guidance on signing and verification as baseline security requirements. The conversation will be based on leading industry documentation, including NIST SP 800-218, NIST SP 800-190, the CNCF Cloud Native Security whitepaper, CNCF Security Best Practices for Software Supply Chain, CIS guidance on Software Supply Chain, and OWASP SAMM.

Relevant Government Agencies

Other Federal Agencies, Federal Government, State & Local Government


Event Type
Webcast


When
Fri, Nov 11, 2022, 10:30am ET


Cost
Complimentary: $0.00


Event Sponsors

Venafi


Organizer
SANS Institute

