AppViewX SIGN+ Released
November 15, 2023

AppViewX launched AppViewX SIGN+, a flexible and secure code signing solution that enables DevOps teams to quickly and easily secure their software supply chain.

With multiple deployment options, including code signing as a service, AppViewX SIGN+ seamlessly integrates into DevOps processes to enable frictionless code signing to validate the integrity of software applications and their components.

“The recent CA/Browser (CA/B) Forum requirements for code signing certificates and keys to be stored on secure hardware is in direct response to increasing threats targeting weak code signing processes and critical software supply chain vulnerabilities,” said Ravishankar Chamarajnagar, Chief Product Officer at AppViewX. “Code-signing certificates and keys have become high-value targets for attackers, as evidenced in the SolarWinds compromise. With AppViewX SIGN+, we are offering a fully compliant code signing solution that allows developers to easily sign code, maintain speed and agility, and prove the integrity, validity, and security of code throughout the software development lifecycle.”

Using a centralized and integrated approach, AppViewX SIGN+ simplifies and secures code signing for source code, binaries, containers, and firmware. AppViewX SIGN+ integrates with native signing tools, CI/CD pipelines and workflows to ensure all code is signed before deployment, and meets security and compliance requirements. It also provides full visibility and policy-driven control over private key storage, code-signing certificate management, and access.

AppViewX SIGN+ provides the following capabilities and benefits:

Secure and Protected Code Signing

-Supports private and public code signing certificates for both internal and external use cases
- CA/B Forum compliant private key protection – FIPS 140-2 (and higher) certified HSMs
- Timestamping to support long term validation of signatures
- Supports all standard asymmetric cryptographic algorithms, RSA, ECDSA, and DSA, and is Post-Quantum Cryptography ready

Seamless and Flexible Deployment and Integrations

- Deployment options include on-premises and SaaS offerings for enterprise DevOps teams and outsourced development operations
- Integration with native signing tools and CI/CD pipelines to integrate code signing in build processes
- Option to upload and sign code in the AppViewX SIGN+ console

Code Signing Policy and Access Control

- Centralized control of code signing certificates and private keys
- Role based access control and policy controlled signing to ensure user permissions and authorization and key protection
- Visibility into signing events including usage, signing and audit trails

With flexible deployment and integration options, AppViewX SIGN+ is available now and is part of the AppViewX Digital Trust Platform that includes AppViewX CERT+, AppViewX PKI+, and AppViewX KUBE+ for automating PKI and certificate lifecycle management across complex hybrid multi-cloud environments.

Share this

Industry News

November 21, 2024

Red Hat announced the general availability of Red Hat Enterprise Linux 9.5, the latest version of the enterprise Linux platform.

November 21, 2024

Securiti announced a new solution - Security for AI Copilots in SaaS apps.

November 20, 2024

Spectro Cloud completed a $75 million Series C funding round led by Growth Equity at Goldman Sachs Alternatives with participation from existing Spectro Cloud investors.

November 20, 2024

The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, has announced significant momentum around cloud native training and certifications with the addition of three new project-centric certifications and a series of new Platform Engineering-specific certifications:

November 20, 2024

Red Hat announced the latest version of Red Hat OpenShift AI, its artificial intelligence (AI) and machine learning (ML) platform built on Red Hat OpenShift that enables enterprises to create and deliver AI-enabled applications at scale across the hybrid cloud.

November 20, 2024

Salesforce announced agentic lifecycle management tools to automate Agentforce testing, prototype agents in secure Sandbox environments, and transparently manage usage at scale.

November 19, 2024

OpenText™ unveiled Cloud Editions (CE) 24.4, presenting a suite of transformative advancements in Business Cloud, AI, and Technology to empower the future of AI-driven knowledge work.

November 19, 2024

Red Hat announced new capabilities and enhancements for Red Hat Developer Hub, Red Hat’s enterprise-grade developer portal based on the Backstage project.

November 19, 2024

Pegasystems announced the availability of new AI-driven legacy discovery capabilities in Pega GenAI Blueprint™ to accelerate the daunting task of modernizing legacy systems that hold organizations back.

November 19, 2024

Tricentis launched enhanced cloud capabilities for its flagship solution, Tricentis Tosca, bringing enterprise-ready end-to-end test automation to the cloud.

November 19, 2024

Rafay Systems announced new platform advancements that help enterprises and GPU cloud providers deliver developer-friendly consumption workflows for GPU infrastructure.

November 19, 2024

Apiiro introduced Code-to-Runtime, a new capability using Apiiro’s deep code analysis (DCA) technology to map software architecture and trace all types of software components including APIs, open source software (OSS), and containers to code owners while enriching it with business impact.

November 19, 2024

Zesty announced the launch of Kompass, its automated Kubernetes optimization platform.

November 18, 2024

MacStadium announced the launch of Orka Engine, the latest addition to its Orka product line.