Integrating Secure Code Signing in the CI/CD Pipeline

Presented by

Ryan Sanders, Sr. Dir Product & Customer Mktg & Eric Mizell, VP of Field Engineering Keyfactor; Brandon Dunlap, Moderator

About this talk

Code signing is a powerful method to protect the integrity of containers, artifacts, and software across the continuous integration and continuous deployment (CI/CD) pipeline. However, signing is more than just certificates and signatures. It’s about integrating the sign and verify process into your pipeline while keeping sensitive keys secure and in the right hands. If signing processes aren’t secure, it opens the door to malware, exploits, and supply chain attacks. On January 31 at 1:00 p.m. Eastern / 10:00 a.m. Pacific, join (ISC)² and Keyfactor to learn how your organization can take steps toward integrating fast and secure signing within your CI/CD pipeline. We’ll discuss: - Where code signing fits into the CI/CD pipeline - Best practices for signing key protection and policy control - Recommended methods for safeguarding your organization’s keys.

Related topics:

More from this channel

Upcoming talks (2)
On-demand talks (126)
Subscribers (6762)
Keyfactor is the machine and IoT identity platform for modern enterprises. The company helps security teams manage cryptography as critical infrastructure by simplifying PKI, automating certificate lifecycle management, and enabling crypto-agility at scale. Companies trust Keyfactor to secure every digital key and certificate for multi-cloud enterprises, DevOps, and embedded IoT security.