IS YOUR CODE SECURE?
Code Signing with Engage HSMs Protects the integrity of your software
Learn More
Hardware Security Modules
Make your data, applications, and cryptographic keys safe with HSMs
Learn More
Hardware Security Modules
Make your data, applications, and cryptographic keys safe with HSMs
Learn More
Hardware Security Modules
Make your data, applications, and cryptographic keys safe with HSMs
Learn More
Are the Keys to your "Kingdom" Secure?

BlackVault HSMs excel at Cryptographic Key Generation, Protection and Storage

Learn More
Are the Keys to your "Kingdom" Secure?

Engage Black HSMs excel at Cryptographic Key Generation, Protection and Storage

Learn More
Are your Digital Certificates at Risk?
Engage Certificate Authority, with integrated HSM, keeps certificates secure
Learn More
Are your Digital Certificates at Risk?
Learn More
Engage Certificate Authority, with integrated HSM, keeps certificates secure
previous arrowprevious arrow
next arrownext arrow
Slider

Do you Trust your Software? Code Signing Technology Can Help

Engage Software Security

Can you trust everything that is on the Internet? Are you apprehensive about downloading new applications?  We all know someone who has been bit by malicious code. We also know the damage to a company’s reputation when it is reportedly their code that was infiltrated.

The ability of users to trust code that is published on the Internet is a major challenge facing the software industry. Large organizations deploying business applications must decide what software to trust. Building this trust requires a sure way through which users can verify the identity of a code publisher and verify that the code has not been changed since its release.

Code Signing is a technology that can significantly reduce the level of risk and minimize user exposure to malicious code. It identifies the publisher of signed software and verifies that it has not been tampered with before users download software to their PCs. As a result, end users can make a more informed decision as to whether to download code.

Most code signing applications store the signing key within the server that is performing the code signing function. Even if it is stored encrypted, it must be unencrypted within memory for a period of time. Protecting keys within Hardware Security Modules (HSM) provides physical and logical barriers to attack that do not exist with a software-only security solution. The keys never exist in an unencrypted form outside the HSM and all operations with the keys occur within the HSM.

BlackVault CA Pic 3x5 96dpi

The BlackVault CYNR is an appliance specifically designed for code and document signing.  

It is a self-contained device integrated directly with a HSM along with built-in controls including a touch screen display and smart card reader for administration and operation of the unit. 

The BlackVault CYNR can be readily configured to require a quorum of trusted individuals with unique ‘M of N’ 2-factor authentication smart cards to be present to authorize signing of code or documents. The signing keys never appear in the clear outside of the tamper-resistant module.  The device also includes a USB port that is used to provide the code modules that are to be signed.  External software libraries are not required for signing so the solution is not dependent upon OS platform integrations.

Is it time to step up the security of your code signing practices?  Engage Black is here to help!

 

Engage logo 990000 rev 2.000
9565 Soquel Drive Dr,
Aptos, CA 95003
 
Telephone: +1-831-688-1021
Toll Free : +1-877-ENGAGE4
Designed, Fabricated, and Assembled
in America icon
Supported Worldwide

© 1989-2025 Engage Communication, Inc. All Rights Reserved.