DIGICERT® SECURE SOFTWARE MANAGER

Secure. Automate.
Manage. Audit.

Gain full control and visibility over key protection and digitally sign code and
software without interruption or
delay to your business and
development processes.

Secure Code Signing Key Protection for Developers and Users

From office software to mobile apps to supply chain, code vulnerabilities present an enticing opportunity for bad actors to gain access to private personal and business information by taking advantage of vulnerabilities in communication, file transfer, CI/CD and the DevOps process.

Full Private Key Protection. Simple Management Service.

DigiCert Secure Software Manager is built to ensure code signing key protection while delegating cryptographic operations, signing activities and management—all in an easy-to-use platform that gives you the ability to audit and control your full code signing security landscape.

Sign more than code

With DigiCert Secure Software Manager, you can protect and manage everything from containers to images. Our end-to-end key and signing management solution secures communication, DevOps processes and assets—all without interruptions, delays, or the need to give up control of your data.
Software & Applications

Software & Applications

Files

Files

Scripts & XML

Scripts & XML

Firmware

Firmware

Messages

Messages

Containers

Containers

Images

Images

Code

Code

SecureSoftwareManager_ComputerGraphic

Secure a variety of applications and uses

DigiCert Secure Software Manager seamlessly signs high volumes of key certificates with high levels of automation. Our flexible solution easily integrates across a wide variety of use cases.

  • Mobile Apps – Android and iOS
  • Public Trust signing – Microsoft
  • Private Trust signing – Roots dedicated to customer
  • Container and Docker – Customizable options
  • IoT devices – Up and down to devices in the field
SecureSoftwareManager_ComputerGraphic

Protect private key usage and signatures

With DigiCert Secure Software Manager, key access and usage is always in control.

  • Prevent unauthorized use and remediate threats
  • Safely store keys offline for on-demand access
  • View keypairs and associated certificates in suspension pending investigation
  • Monitor 24/7 with reporting and auditing
  • Efficiently manage code signing activities in a single dashboard

Sign faster and easier on more platforms

A wide range of signing and management options make it easy to secure your code.

  • Leverage hash signing to reduce latency and upload times
  • Eliminate the need for your own HSM
  • Make use of options for dedicated and shared private root
  • Integrate and automate code signing with CI/CD processes

End-to-end key management encryption is easy, with strong granular controls over certificates and key pairs, so you can suspend, revoke, or backdate to minimize any negative impact on your delivery process. And, our management platform works for all keys, not just those from DigiCert. Import, export and test sign any certificate from a central interface.

DigiCert Secure Software Manager works with a variety of file types, including

OpenSSL

JAVA

Authenticode

Android

GPG

RPM

Debian

Docker

Nuget

ClickOnce

COMPLIANCE

Sign with compliance

Thanks to code signing, key security and app integrity, your intellectual property is protected. Files are hashed, so nothing is uploaded to the cloud. This makes it easy to meet internal business policies. More, DigiCert strictly adheres to code signing industry requirements like public trust, multi-factor access and HSMs for key storage, so your property and processes are always in compliance.

How DigiCert ensures compliance

  • State-of-the-art data centers power modern PKI
  • Cloud-generated keys can be never be shared, lost or stolen
  • Permission-based access gives you control over who signs apps
  • All traffic is encrypted over HTTPS
  • Cryptographic library standards implemented using PKCS#11, Microsoft CNG/KSP, Apple KryptoTokenKit and others

A more flexible approach

As part of a suite of modern PKI solutions inside DigiCert ONE, DigiCert Secure Software Manager is designed and built to be highly scalable and available.

Enterprise

Deploy on-premises, in-country, cloud or hybrid to meet stringent requirements, regional compliance, custom integrations and air-gapped imperatives.

Infrastructure

Stand up in a fraction of the time with container-based architecture, and enjoy near instantaneous dynamic ICA creation, no matter how many millions of devices you’re managing.

Easy Integration

Easily monitor and manage your entire security ecosystem from a single pane with full administrative tools, including advanced permissions and access controls.

Easy Integration

Mitigate risk and eliminate lapses with automated orchestration, continual updates, optimization and award-winning support.

IS WEAK SECURITY THE HOLE IN YOUR DEVOPS LOOP?

Agility and speed are crucial to the CI/CD process. But so is security. Without the right tools and implementation for best practices for signing, your code, software, and apps are vulnerable to attack.

DigiCert Secure Software Manager is more than a code signing service. It’s a mindset that actually closes the DevOps loop.

Learn more about how DigiCert Secure Software Manager
delivers trust and identity