https://store-images.s-microsoft.com/image/apps.12335.4c6a3957-2ed5-4274-8ca1-50ce4c10ebd7.ae26737f-9ab5-4c02-ac3e-1c92f11fba73.0913a7b7-e60d-4975-8cbb-fb59b5eb4134

Signum SaaS

Keyfactor, Inc.

Signum SaaS

Keyfactor, Inc.

Secure digital signing, without the hassle. Make signing effortless for developers.

Make signing effortless for developers and easy to manage for security.

Protect the integrity of code, containers, and software with secure code signing as a service. With Keyfactor Signum, sensitive keys are protected, policy is automated, and signing is integrated with your tools and build processes.

Whether you build software applications, deploy scripts and containers, or deliver over-the-air (OTA) updates to connected IoT devices, code signing is a critical step to prevent malware spread and protect your business against malicious actors in the software supply chain. However, insecure signing tools and processes leave many organizations vulnerable to attack. All too often, shortcuts result in private keys being stored on workstations, readme files, and build servers where they are susceptible to theft or misuse. Security teams struggle to manage signing keys, where they are stored, and who has access to them. Keyfactor Signum helps security teams safeguard code signing processes with centralized key storage and policy enforcement from a single console, combined with lightweight agents to plugin to platform-native signing tools used in your development or IT environment. By integrating with existing tools, the platform makes it easy for IT teams and developers to sign code without friction, while the security team maintains control over key protection, access, and usage.

Key Features:

  • HSM-backed keys - Generate and store private signing keys in a FIPS 140-2 certified HSM and ensure they never leave the HSM.
  • Policy enforcement - Set granular access controls for signing, such as authorized users, devices, signing tools, time windows, and more.
  • Native - Agents for Windows (KSP) and Linux (PKCS11) are compatible with platform-native tools to enable remote signing.
  • Event logs - Maintain an irrefutable log of all signing key access and usage activities to identify anomalies and simplify audits.
  • Authentication - Integrate with your identity provider (e.g., Azure AD, Okta) to enable SAML, OAuth, or basic authentication.
  • Key attestation - Keyfactor can support customers by generating attestation of the signing keys which will help customers comply with upcoming changes from public CAs.
  • With Signum SaaS, via powerful automation, nothing is provisioned for you until you are ready. Fill out the options with the help of our getting started guide, and Keyfactor automation will handle the rest. Database, HSM, Signum all deployed specifically for your individual deployment. Get started today!


    https://store-images.s-microsoft.com/image/apps.45954.4c6a3957-2ed5-4274-8ca1-50ce4c10ebd7.5977f65e-f34f-4ef1-8287-5167baa81149.61097b6a-0bf6-4d8f-a5bd-38baf8152846
    /staticstorage/f6eb573/assets/videoOverlay_7299e00c2e43a32cf9fa.png
    https://store-images.s-microsoft.com/image/apps.45954.4c6a3957-2ed5-4274-8ca1-50ce4c10ebd7.5977f65e-f34f-4ef1-8287-5167baa81149.61097b6a-0bf6-4d8f-a5bd-38baf8152846
    /staticstorage/f6eb573/assets/videoOverlay_7299e00c2e43a32cf9fa.png
    https://store-images.s-microsoft.com/image/apps.38604.4c6a3957-2ed5-4274-8ca1-50ce4c10ebd7.d4778bee-18d3-4579-b1a9-a4da64e3026c.1edb6586-581f-4dbb-851c-735995ea72c9