Digicert® Secure Software Manager

DigiCert Secure Software Manager

Gain full control and visibility over key protection and code signing security without interruption or delay to your DevOps.

Schedule a call

Trust and protection for developers and users

From office software to mobile apps to supply chain, code vulnerabilities present an enticing opportunity for bad actors to gain access to our private personal and business information. In fact, many criminals are also leveraging unprotected code signing keys to compromise software and systems, with vulnerabilities more than doubling year over year.

Full key protection. Simple management.

DigiCert Secure Software Manager is built to ensure code signing key protection while delegating cryptographic operations, signing activities and management—all in an easy-to-use platform that gives you the ability to audit and control your full code signing security landscape.

Sign more than code

With DigiCert Secure Software Manager, you can protect and manage everything from containers to images.

DigiCert Secure Software Manager - protects Software & Applications

Software & Applications

DigiCert Secure Software Manager - protects Files

Files

DigiCert Secure Software Manager - protects Scripts & XML

Scripts
& XML

DigiCert Secure Software Manager - protects Firmware

Firmware

DigiCert Secure Software Manager - protects Messages

Messages

DigiCert Secure Software Manager - protects Containers

Containers

DigiCert Secure Software Manager - protects Images

Images

DigiCert Secure Software Manager - protects Code

Code

Protect key usage

With DigiCert Secure Software Manager, key access and usage is always in control.

  • Prevent unauthorized use and remediate threats
  • Safely store keys offline for on-demand access
  • View keypairs and associated certificates in suspension pending investigation
  • Monitor 24/7 with reporting and auditing
  • Efficiently manage code signing activities in a single dashboard
DigiCert Secure Software Manager - Protect Key Usage

Sign faster and easier on more platforms

A wide range of signing and management options make it easy to secure your code.

  • Leverage hash signing to reduce latency and upload times
  • Eliminate the need for your own HSM
  • Make use of options for dedicated and shared private root
  • Integrate and automate code signing with CI/CD processes

Managing is easy, with strong granular controls over certificates and key pairs, so you can suspend, revoke, or backdate to minimize any negative impact on your delivery process. And, our management platform works for all keys, not just those from DigiCert. Import, export and test sign any certificate from a central interface.

DigiCert Secure Software Manager works with a variety of file types, including

OpenSSL  |  Java  |  Authenticode  |  Android  |  GPG  |  RPM  |  Debian  |  Docker  |  Nuget  |  ClickOnce

Sign with compliance

Thanks to code signing, key security and app integrity, your intellectual property is protected. Files are hashed, so nothing is uploaded to the cloud. This makes it easy to meet internal business policies. More, DigiCert strictly adheres to code signing industry requirements like public trust, multi-factor access and HSMs for key storage, so your property and processes are always in compliance.

How DigiCert ensures compliance

  • State-of-the-art data centers power modern PKI
  • Cloud-generated keys can be never be shared, lost or stolen
  • Permission-based access gives you control over who signs apps
  • All traffic is encrypted over HTTPS
  • Cryptographic library standards implemented using PKCS#11, Microsoft CNG/KSP, Apple KryptoTokenKit and others
DigiCert Secure Software Manager - How DigiCert ensures compliance

A more flexible approach

As part of a suite of modern PKI solutions inside DigiCert ONE, DigiCert Secure Software Manager is designed and built to be highly scalable and available. As part of a suite of modern PKI solutions inside DigiCert ONE, DigiCert Secure Software Manager is designed and built to be highly scalable and available.

Deploy on-premises

Deploy on-premises, in-country, cloud or hybrid to meet stringent requirements, regional compliance, custom integrations and air-gapped imperatives.

Stand up

Stand up in a fraction of the time with container-based architecture, and enjoy near instantaneous dynamic ICA creation, no matter how many millions of devices you’re managing.

Easily Monitor and Manage

Easily monitor and manage your entire security ecosystem from a single pane with full administrative tools, including advanced permissions and access controls.

Mitigate Risk

Mitigate risk and eliminate lapses with automated orchestration, continual updates, optimization and award-winning support.