Speakers: Eddie Glenn, Laurent Domenech
Code signing is an effective security measure to ensure the authentication and authorship of a particular piece of signed software. However, recent attacks such as those that occurred at Solarwinds and Codecov are demonstrating that hackers are now targeting intermediate software artifacts in the software build pipeline. To protect against these types of software build attacks, it is necessary for software organizations to protect intermediate artifacts such as source code, software libraries, and build automation scripts. This is often easier said than done because managing and securing code signing keys and certificates is error-prone and time consuming. A recently released integration between GitLab and Venafi’s CodeSign Protect enables software developers to easily sign their intermediate software artifacts without leaving their GitLab CI/CD pipelines.
Get in touch with Sales: bit.ly/2IygR7z
15 авг 2024
