Blog

Blog

Find & Continuously Monitor Your Kubernetes Environment for Unwanted Docker Images

    CodeNotary is the only decentralized, secure and blockchain based Kubernetes solution out there to guarantee the integrity of...
Read More
2 Replies
Blog

Security? With What Time? My Continuous Integration Backlog is Overflowing

    There are numerous security measures a developer can perform but nearly half (48%) of all developers say they...
Read More
Blog

Dos and Don’ts in Ethereum Parity Aura Genesis

    Blockchain is such a new innovation that holds unknown potential, it’s still very much a journey and not...
Read More
Blog

Free Continuous Integrity Verification of your Docker Containers

    In our last blog (here), we showed how to sign and verify your build code. With an established...
Read More
Blog

Code Signing Certificates’ Journey of Pain #3: When Even Signing Isn’t Enough

This is the third blog of the series and hopefully the last one as I am confident to have gone...
Read More
Blog

Verify the Integrity of a Docker Image for Free with CodeNotary

With CodeNotary you can finally verify that your Docker images are safe, untampered, and authentic. Thanks to blockchain technology and...
Read More
Blog

Protect Yourself from the Recent dockerhub.com Attack

Last week's dockerhub.com attack affects hundreds of thousands of accounts and exposes their containers to malicious code. We at CodeNotary...
Read More
Blog

Can GPG Secure the Software Industry?

    Code signing is important for proving the integrity and authenticity of software but can GPG secure the Software...
Read More
Blog

Jenkins Build Deployment Pipeline: A How To for Ensuring Integrity

    In this blog, we will briefly touch on the importance of DevOps having strong security, current hole in...
Read More
Blog

The Failure of the Certificate Revocation List (CRL)

  SHAttered: Cracks in Certificate Revocation List Protocols and How to Move Beyond Their Limitations   Overview When cybercriminals mask...
Read More
Blog

Can a Chrome Extension Protect Me from Malware Better Than Google and Digital Certificates Do?

  Today, when you look for a well-known application on Google, you are more than likely to find dozens of...
Read More
10 Replies
Blog

What the ASUS Software Updates Hijack Teaches Us About the Risks of Software Supply Chains

  What is ASUS ShadowHammer supply chain attack? On March 25th, Motherboard reported that hackers managed to hijack ASUS, the...
Read More
News

Opvizor using CodeNotary integrity for Snapwatcher latest release

Just last week Opvizor released the latest version of Snapwatcher. Instead of signing it with a digital certificate, Opvizor decided to...
Read More
Blog

The Distributed Ledger Technology at the Center of the Code Signing Disruption

Ever since the software industry witnessed the introduction of code signing, software users have learned to rely on digital certificates...
Read More
Blog

Stop paying for code signing certificates again with CodeNotary

Quite a bold statement you might wonder. But that is our goal for all non-commercial projects. The whole certificate authority...
Read More
Blog

The granularity of Digital Certificates

We all know how painful, cumbersome and complex a process it is to obtain a digital certificate to sign your...
Read More
Blog

Developers unite against the expensive and cumbersome code signing certificates!

We could write this blog post in my favorite Windows text editor, Notepad++.  And I bet millions of other users...
Read More
Blog

The Code Signing Certificates’ Journey of Pain: The Saga Continues

Incredibly, after nearly 3 weeks of back and forth, we finally find a way to get the certificate approval process...
Read More
Blog

Avoid the Digital and Code Signing Certificates’ Journey of Pain

Moshe and Dennis co-founded vChain, the company that created CodeNotary </>, out of their frustration with digital and code signing...
Read More
News

vChain, the global standard for enabling high-integrity, verifiable software distribution, opens its European research and development center in Vienna.

vChain offers a de-centralized trust verification platform for software publishers enabling businesses for the first time to authoritatively assert the...
Read More