DIGICERT® SECURE SOFTWARE MANAGER
Gain full control and visibility over key protection and digitally sign code and
software without interruption or
delay to your business and
Secure Code Signing Key Protection for Developers and Users
From office software to mobile apps to supply chain, code vulnerabilities present an enticing opportunity for bad actors to gain access to private personal and business information by taking advantage of vulnerabilities in communication, file transfer, CI/CD and the DevOps process.
Full Private Key Protection. Simple Management Service.
DigiCert Secure Software Manager is built to ensure code signing key protection while delegating cryptographic operations, signing activities and management—all in an easy-to-use platform that gives you the ability to audit and control your full code signing security landscape.
Sign more than code
With DigiCert Secure Software Manager, you can protect and manage everything from containers to images. Our end-to-end key and signing management solution secures communication, DevOps processes and assets—all without interruptions, delays, or the need to give up control of your data.
Software & Applications
Scripts & XML
Secure a variety of applications and uses
DigiCert Secure Software Manager seamlessly signs high volumes of key certificates with high levels of automation. Our flexible solution easily integrates across a wide variety of use cases.
- Mobile Apps – Android and iOS
- Public Trust signing – Microsoft
- Private Trust signing – Roots dedicated to customer
- Container and Docker – Customizable options
- IoT devices – Up and down to devices in the field
Protect private key usage and signatures
With DigiCert Secure Software Manager, key access and usage is always in control.
- Prevent unauthorized use and remediate threats
- Safely store keys offline for on-demand access
- View keypairs and associated certificates in suspension pending investigation
- Monitor 24/7 with reporting and auditing
- Efficiently manage code signing activities in a single dashboard
Sign faster and easier on more platforms
A wide range of signing and management options make it easy to secure your code.
- Leverage hash signing to reduce latency and upload times
- Eliminate the need for your own HSM
- Make use of options for dedicated and shared private root
- Integrate and automate code signing with CI/CD processes
End-to-end key management encryption is easy, with strong granular controls over certificates and key pairs, so you can suspend, revoke, or backdate to minimize any negative impact on your delivery process. And, our management platform works for all keys, not just those from DigiCert. Import, export and test sign any certificate from a central interface.
DigiCert Secure Software Manager works with a variety of file types, including
Sign with compliance
Thanks to code signing, key security and app integrity, your intellectual property is protected. Files are hashed, so nothing is uploaded to the cloud. This makes it easy to meet internal business policies. More, DigiCert strictly adheres to code signing industry requirements like public trust, multi-factor access and HSMs for key storage, so your property and processes are always in compliance.
How DigiCert ensures compliance
- State-of-the-art data centers power modern PKI
- Cloud-generated keys can be never be shared, lost or stolen
- Permission-based access gives you control over who signs apps
- All traffic is encrypted over HTTPS
- Cryptographic library standards implemented using PKCS#11, Microsoft CNG/KSP, Apple KryptoTokenKit and others
A more flexible approach
As part of a suite of modern PKI solutions inside DigiCert ONE, DigiCert Secure Software Manager is designed and built to be highly scalable and available.
Deploy on-premises, in-country, cloud or hybrid to meet stringent requirements, regional compliance, custom integrations and air-gapped imperatives.
Stand up in a fraction of the time with container-based architecture, and enjoy near instantaneous dynamic ICA creation, no matter how many millions of devices you’re managing.
Easily monitor and manage your entire security ecosystem from a single pane with full administrative tools, including advanced permissions and access controls.
Mitigate risk and eliminate lapses with automated orchestration, continual updates, optimization and award-winning support.
IS WEAK SECURITY THE HOLE IN YOUR DEVOPS LOOP?
Agility and speed are crucial to the CI/CD process. But so is security. Without the right tools and implementation for best practices for signing, your code, software, and apps are vulnerable to attack.
DigiCert Secure Software Manager is more than a code signing service. It’s a mindset that actually closes the DevOps loop.