Blog

Blog

What is Docker and How Does It Work?

    In March 2013, Docker was released as open source software and made its debut to the public. Originally,...
Read More
Blog

Zombie Infestation, Software Developer Tools, & the MS Visual Studio Attack

    In what can be seen as an ironic twist of fate, digital security firms Kaspersky and ESET reported...
Read More
Blog

How CodeNotary Can Protect You From Using Compromised Container Images

  The above video to use CodeNotary to sign a Docker container image. Be sure to note how the video...
Read More
Blog

The Problem with Using a Download Link

    There is a common misconception that HTTPS is protecting files on websites. As HTTPS is only encrypting communication...
Read More
Blog

Staying Safe When Pulling from Maven Central and Other Repos

    Maven works well, especially if you don’t want to rewrite a program from scratch every time you start...
Read More
Blog

Find & Continuously Monitor Your Kubernetes Environment for Unwanted Docker Images

    CodeNotary is the only decentralized, secure and blockchain based Kubernetes solution out there to guarantee the integrity of...
Read More
Blog

Security? With What Time? My Continuous Integration Backlog is Overflowing

    There are numerous security measures a developer can perform but nearly half (48%) of all developers say they...
Read More
Blog

Dos and Don’ts in Ethereum Parity Aura Genesis

    Blockchain is such a new innovation that holds unknown potential, it’s still very much a journey and not...
Read More
Blog

Free Continuous Integrity Verification of your Docker Containers

    In our last blog (here), we showed how to sign and verify your build code. With an established...
Read More
Blog

Code Signing Certificates’ Journey of Pain #3: When Even Signing Isn’t Enough

This is the third blog of the series and hopefully the last one as I am confident to have gone...
Read More
Blog

Verify the Integrity of a Docker Image for Free with CodeNotary

With CodeNotary you can finally verify that your Docker images are safe, untampered, and authentic. Thanks to blockchain technology and...
Read More
Blog

Protect Yourself from the Recent dockerhub.com Attack

Last week's dockerhub.com attack affects hundreds of thousands of accounts and exposes their containers to malicious code. We at CodeNotary...
Read More
Blog

Can GPG Secure the Software Industry?

    Code signing is important for proving the integrity and authenticity of software but can GPG secure the Software...
Read More
Blog

Jenkins Build Deployment Pipeline: A How To for Ensuring Integrity

    In this blog, we will briefly touch on the importance of DevOps having strong security, current hole in...
Read More
Blog

The Failure of the Certificate Revocation List (CRL)

  SHAttered: Cracks in Certificate Revocation List Protocols and How to Move Beyond Their Limitations   Overview When cybercriminals mask...
Read More
Blog

Can a Chrome Extension Protect Me from Malware Better Than Google and Digital Certificates Do?

  Today, when you look for a well-known application on Google, you are more than likely to find dozens of...
Read More
Blog

What the ASUS Software Updates Hijack Teaches Us About the Risks of Software Supply Chains

  What is ASUS ShadowHammer supply chain attack? On March 25th, Motherboard reported that hackers managed to hijack ASUS, the...
Read More
News

Opvizor using CodeNotary integrity for Snapwatcher latest release

Just last week Opvizor released the latest version of Snapwatcher. Instead of signing it with a digital certificate, Opvizor decided to...
Read More
Blog

The Distributed Ledger Technology at the Center of the Code Signing Disruption

Ever since the software industry witnessed the introduction of code signing, software users have learned to rely on digital certificates...
Read More
Blog

Stop paying for code signing certificates again with CodeNotary

Quite a bold statement you might wonder. But that is our goal for all non-commercial projects. The whole certificate authority...
Read More