Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Code Signing

Windows 11 Security Measures: Safeguarding Home and Small Business PCs

When it comes to the security of YOUR home and small business PCs, you must rely on something other than a dedicated IT team like large corporations do. The responsibility falls on your shoulders, making prioritizing security from the outset essential. Waiting until after a catastrophic incident is too late. We created this guide to help you establish a strong security baseline and proactively tackle the most critical issues. This comprehensive guide goes beyond the Windows 11 operating system itself.

ChatGPT in Cyber Security: Need for Threat Detection and Mitigation

To develop practical solutions, it is crucial first to identify the primary threats that arise from the widespread use of ChatGPT. This article aims to analyze these emerging risks, discuss the necessary training and tools for cybersecurity professionals to respond effectively, and emphasize the importance of government oversight to prevent AI usage from undermining cybersecurity efforts. The emergence of ChatGPT brings both awe-inspiring possibilities and significant concerns regarding cybersecurity.

Best Code Signing Certificate Providers[CA] to Get Code Signing Cert

As we step into 2023, it becomes crucial for developers and organizations to identify the best code signing certificate providers who can offer top-notch security solutions without compromising affordability. At SignMyCode, we understand the significance of digital signing in safeguarding software applications from tampering, malware injection, and unauthorized modifications.

What is Key Attestation for Code Signing Certificates?

A lot has changed in the world of Code Signing since the month of June. And you must be curious about it too! The blog will explain key attestation, supporting hardware, and the pros and cons of using this method to deliver code signing certificates. New guidelines for distributing code signing certificates went into effect on June 1, 2023, to increase security. One of the most significant improvements requires the delivery of certificates using safe Hardware Security Modules (HSMs.

Top Best Practices for Storing X.509 Private Keys

Public Key Infrastructure (PKI) plays a vital role in managing the public keys utilized by networks. It’s used for public-key encryption, identity management, certificate distribution, and revocation. The foundation of a PKI system lies in asymmetric cryptography involving a pair of public and private keys. Safeguarding the X509 private key is an essential aspect of PKI management.

How to Order or Renew DigiCert Code Signing Certificates?

DigiCert is a reputable Certificate Authority (CA) that offers code signing certificates for ensuring software application integrity and security. Whether you are a developer looking to order a new code signing certificate or an existing certificate holder seeking to renew, DigiCert provides a seamless process to meet your needs. This article will guide you through the seamless steps of ordering or renewing your DigiCert code signing certificate.

How to Generate CSR and Key Attestation using YubiKey Manager for Code Signing Certificates

Want an additional layer of security for your software or app? YubiKey is a hardware that offers safe authentication and encryption for creating and authenticating private keys. Private keys generated by YubiKey devices may be secured such that they never leave the device, making them impenetrable to hackers. Due to New CA/B, If you are using an existing token such as YubiKey (FIPS Series), then here is the quick and easy guide that will help you to generate private key, CSR and Attestation Certificate in YubiKey using YubiKey Manage.

How to Sign .EXE File Using YubiKey Manager? - Detailed Guide from SignMyCode.com

Learn how to sign windows executables using YubiKey! Whenever you are individual software developer or a organization needs to publish software, code signing gets performed. It helps to build a trustworthy relationship with end-users, as signed software eliminates Unknown Publisher Warnings. According to new CA/Browser policies, every certificate owner needs to store the private key in a hardware token. And the token must align with FIPS standards. Otherwise, the certificate will not get issued.

DigiCert Code Signing Changes: New Private Key Storage & API Modifications

Beginning on June 1, 2023, at 00:00 UTC, industry standards will mandate that private keys for code signing certificates must be stored on hardware that meets specific security certifications such as FIPS 140 Level 2, Common Criteria EAL 4+, or an equivalent standard. This requirement applies to all new code signing certificate requests and requests for renewal and reissue of existing certificates.