In addition to making secure key management for code signing part of the development processes, Secure Software Manager makes delegation, signing and management auditable.
Secure Software Manager – built on the DigiCert One PKI management platform – includes command line tools for easy integration with CI/CD systems, RESTful APIs for custom integrations, simultaneous signing of Docker containers and software code, and automatic signing of packages, binaries and containers on every merge to master when authorised.
This reduces the risk of key theft and misuse, and helps protect intellectual property.
It also supports secure private key management in hardware security modules, deployment via SaaS or on a public or private datacentre, and centralised user management with role-based permissions and single sign-on.
An audit trail of signing activity is maintained for forensics and accountability purposes.
"Secure Software Manager meets customers where they need to be, whether on-premises, in the cloud, or in hybrid environments through the DigiCert One platform," said DigiCert senior vice president of product Brian Trzupek.
"Our customers can enjoy complete automation or tailor the solution to support the degree of functions they require and be assured of seamless integration with their familiar CI/CD tools and processes."
Secure Software Manager is available immediately.