Securing your Azure DevOps Ecosystem – Part 2

Securing your Azure DevOps Ecosystem, Jenkins and Kubernetes (AKS) – Part 2 The first part of the series about securing your Azure DevOps ecosystem covered Jenkins and the integration of CodeNotary into your Jenkins pipeline. That way you an easily notarize everything that gets produced in your very own pipeline. If you want to double […]

Jenkins Build Deployment Pipeline: A How To for Ensuring Integrity

    In this blog, we will briefly touch on the importance of DevOps having strong security, current hole in DevOps security aka DevSecOps, Jenkins Automation’s role in the build process, and with a technical walkthrough on how to integrate the vChain CodeNotary tool with your Jenkins build deployment pipeline to ensure its integrity.   […]

The Failure of the Certificate Revocation List (CRL)

  SHAttered: Cracks in Certificate Revocation List Protocols and How to Move Beyond Their Limitations   Overview When cybercriminals mask themselves in a cloak of trust utilizing stolen, legitimate credentials in order to infect entities, programs, and code, the world has more often than not turned to utilize a certificate revocation list (CRL). The CRLs […]

Opvizor using CodeNotary integrity for Snapwatcher latest release

Just last week Opvizor released the latest version of Snapwatcher. Instead of signing it with a digital certificate, Opvizor decided to use CodeNotary for integrity verification. Like other software vendors, Opvizor grew tired of paying $500 for a digital certificate to sign a low price range product. Just a few days before, in an interview with […]

The Distributed Ledger Technology at the Center of the Code Signing Disruption

Ever since the software industry witnessed the introduction of code signing, software users have learned to rely on digital certificates and GPG to verify the integrity and identity of software. Little questions were raised concerning the security of the certificates and GPG themselves. The “severe” scrutiny of the software publisher by the certificate authority and […]

Stop paying for code signing certificates again with CodeNotary

Quite a bold statement you might wonder. But that is our goal for all non-commercial projects. The whole certificate authority industry likes to make money on the back of non-commercial projects. They typically lure you into a free code signing certificate for 1 to 3 years and then there comes payday. If you don’t go […]