openPR Logo
Press release

Keyfactor and Thales Address Code Signing Cyber-Attacks Targeting Businesses

06-17-2019 05:09 PM CET | IT, New Media & Software

Press release from: MRB Public Relations

Security leaders announce industry-first code signing product

CLEVELAND, Ohio, June 17, 2019 – Keyfactor, a leading provider of secure digital identity management solutions, today announced a new integration with Thales that combines Keyfactor’s code signing platform with the high-assurance key protection of Thales’ SafeNet Cloud HSM On-Demand. The result of this partnership, KeyfactorTM Code Assure, delivers secure code signing to software vendors, mobile app developers, enterprise IT organizations, and manufacturers of IoT devices.
“We’re seeing a rise in threats against code signing operations, like the recent ASUS hack where attackers exploited code to plant and deploy malware when businesses ran standard updates,” said Jordan Rackie, Chief Executive Officer at Keyfactor. “These attacks erode the fabric of trust that consumers and business users alike place in software publishers and device manufacturers. This partnership and our highly integrated, hybrid approach uphold digital trust, making end-to-end protection against evolving code signing-based attacks simpler for innovative DevOps teams and software providers.”
Code signing certificates are used to digitally sign applications, drivers and software, allowing end users to verify the authenticity of the publisher. Cyber-attackers can forge and compromise vulnerable certificates and keys, often planting malware that detonates once a firmware or software update is installed on a user’s system. Recent research pegs the cost of code signing certificate and key misuse at $15 million and estimates a 29 percent likelihood that organizations will experience code signing incidents over the next two years.
“Complete protection and control of code signing keys is challenging for most businesses, especially as infrastructure and development teams are widespread across the globe,” said Ted Shorter, Chief Technology Officer and Co-founder at Keyfactor. “Faster release cycles and frequent code changes in DevOps environments leave security teams fighting to keep pace. Thales and Keyfactor designed Keyfactor Code Assure to empower innovators, enabling them to secure code signing at the speed of DevOps.”
Keyfactor Code Assure stores all code signing certificates from disparate network locations (i.e. developer workstations, build servers, and thumb drives) in a centralized and secure HSM, Thales’ SafeNet Cloud HSM On-Demand. Once inside, the certificates never leave the vault. Only developers with the right access can request code signage, where it is then signed and returned to the user. Access controls ensure that only developers with the right privileges can sign software and firmware during the time windows designated by the certificate owner.
“The Keyfactor platform has many applications for helping secure the Internet of Things, manufacturing, connected automobiles as well as code signing. The flexibility of these cloud solutions means customers can move their enterprise services to the cloud and get all the benefits of owning PKI while minimizing the risks,” said Todd Moore, Senior Vice President of Encryption Products at Thales.
Gartner Inc., a research and advisory firm, recommends companies “leverage code repositories by enabling signing and time stamping code when it’s checked in to build up a history over time that can inform specific secure coding behaviors.”*
Keyfactor Code Assure has already been adopted by Fortune 500 leaders that value security and trust as utmost priority. This integration allows these organizations to:
• Defend their business and users against the rising threat of code signing hacks
• Get complete visibility and control of keys and certificates for security teams
• Enable DevSecOps with simple and secure workflows for developers
• Deploy with zero disruption to existing SDLC or build processes
• Support secure code signing of virtually any code, anywhere – including Windows binaries, Java, IoT firmware, and more
• Empower distributed development teams with a unique, patented technology to sign code from build servers and workstations – without the private keys ever leaving the auditable, protected confines of a Hardware Security Module (HSM)
For more information on Keyfactor Code Assure, please visit www.keyfactor.com/keyfactor-code-assure
-30-
*Gartner, Solution Comparison for PKI, April 26, 2019

Gartner Disclaimer
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Keyfactor Media Contact
Sarah Hance
sarah.hance@keyfactor.com
216.785.2291

MRB Public Relations Media Contact
Michael Becce
mbecce@mrb-pr.com
732.758.1100
2 East Main Street, Freehold, NJ 07728

About Keyfactor
Keyfactor is a leading provider of secure digital identity management solutions that enable organizations to confirm authenticity and ensure the right things are interacting in the right ways in our connected world.

From an enterprise managing millions of devices and applications that affect people’s lives every day to a manufacturer aiming to ensure its product will function safely throughout its lifecycle, Keyfactor empowers global enterprises with the freedom to master every digital identity. Its clients are the most innovative brands in industries where trust and reliability matter most.

This release was published on openPR.

Permanent link to this press release:

Copy
Please set a link in the press area of your homepage to this press release on openPR. openPR disclaims liability for any content contained in this release.

You can edit or delete your press release Keyfactor and Thales Address Code Signing Cyber-Attacks Targeting Businesses here

News-ID: 1778064 • Views: 654

More Releases from MRB Public Relations

Digital Defense, Inc. and UTSA Partnership Facilitates Cybersecurity Career Read …
(San Antonio, July 23, 2019) – Digital Defense, Inc. and The University of Texas at San Antonio (UTSA) Department of Computer Science jointly announced today a partnership that will provide students and faculty with access to an award-winning cloud-based information security platform to further enrich the students’ cybersecurity education. UTSA students and faculty will be able to utilize Digital Defense’s flagship Frontline.Cloud™ platform to evaluate the security posture of applications, systems
SQUAN Launches New Technical Division to Serve Complex Network Infrastructure Co …
Former Verizon Rockstar, Anand Gandhi, Joins SQUAN to Lead New Wireless Technology Division Englewood, New Jersey – July 1, 2019 – SQUAN, an industry leader specializing in telecommunications design/build services for network infrastructure, announced today the appointment of Anand Gandhi as CTO and leader of its newest division, SQUAN Technology. As CTO of SQUAN’s wireless technology division, Gandhi will develop and grow the technology group by expanding engineering services to
Imagination Park Executes Agreement to Bring Augmented Reality Experiences to Fl …
Metro Group Miami working closely with Leaders of the Florist Marketplace Vancouver, CANADA – June 27, 2019 – Imagination Park Technologies Inc. (CSE: IP) (OTC: IPNFF), the company bringing augmented reality (AR) experiences to consumers and retailers, today announced that Field of Flowers in Davie, Florida has signed a deal that will look to bring unique augmented reality experiences to consumers in South Florida. Field of Flowers is among the largest
Siemplify Enhances Security Operations Platform with Advanced Crisis Management …
Version 5.0 continues the evolution of the leading independent SOAR platform, from tactical actions to strategic objectives that benefit the entire organization NEW YORK and TEL AVIV, Israel – June 6, 2019 – Siemplify, the leading independent provider of security orchestration, automation and response (SOAR), today released a new version of its security operations platform. Version 5.0 continues to raise the bar for end-to-end security operations management, adding new capabilities

All 5 Releases


More Releases for Keyfactor

IoT IAM Market Share 2021: Global Trends, Key Players, Industry Analysis Report …
The IoT IAM Market size is expected to grow at an annual average of 33% during 2021-2027. The simple and significant changes brought by Internet of Things (IoT) vendors that show promise for better and better security solutions for identity and access management (IAM) systems are expected to change the game of the global market. (Get 15% Discount on Buying this Report) A full report of IoT IAM Market is available
Probe Station Market Size, Share, Development by 2025
LP INFORMATION recently released a research report on the Probe Station market analysis, which studies the Probe Station's industry coverage, current market competitive status, and market outlook and forecast by 2025. Global “Probe Station Market 2020-2025” Research Report categorizes the global Probe Station market by key players, product type, applications and regions,etc. The report also covers the latest industry data, key players analysis, market share, growth
MicropositionerMarket to Witness Robust Expansion by 2025
MicropositionerMarket to Witness Robust Expansion by 2025 LP INFORMATION recently released a research report on the Micropositionermarket analysis, which studies the Dynamic Light Scattering (DLS) Analysis's industry coverage, current market competitive status, and market outlook and forecast by 2025. Global “ Global MicropositionerMarket Growth 2020-2025 ” Research Report categorizes the global Dynamic Light Scattering (DLS) Analysis market by key players, product type, applications and regions,etc. The report
Coronavirus (COVID-19) Impact on Low Temperature Probe Station Market Status, Pl …
LOS ANGELES, United States: The report titled, Global Low Temperature Probe Station Market is recently published by QY Research. The analysts and researchers have performed primary as well as secondary research on a large scale with the help of various methodologies like Porter’s Five Forces and PESTLE Analysis. Get the Sample of this Report with Detail TOC and List of Figures@https://www.qyresearch.com/sample-form/form/1896331/global-low-temperature-probe-station-market Key trends and opportunities that may emerge in the near future have
Cryogenic Probe Station Market 2020 Growth Factors, Challenges, Opportunities, S …
LOS ANGELES, United States: The report titled, Global Cryogenic Probe Station Market is recently published by QY Research. The analysts and researchers have performed primary as well as secondary research on a large scale with the help of various methodologies like Porter’s Five Forces and PESTLE Analysis. Get the Sample of this Report with Detail TOC and List of Figures@https://www.qyresearch.com/sample-form/form/1896330/global-cryogenic-probe-station-market Key trends and opportunities that may emerge in the near future have been
IoT IAM Market Growth Set to Surge Significantly during 2027 | Amazon Web Servic …
IoT IAM Market Forecast to 2027 - COVID-19 Impact and Global Analysis by Component (Solution, Services); Security Type (Network Security, Endpoint Security, Application Security, Cloud Security, Others); Deployment Type (On-Premise, Cloud-Based); Industry (BFSI, Automotive, Healthcare, Telecom and IT, Manufacturing, Public Sector and Utilities, Retail and Consumer Goods, Others) and Geography The IoT IAM market is driven by factors such as rise in adoption of BYOD trend, rise in frequency of cybersecurity