Digital Trust for:
Enterprise IT, PKI & Identity
Code & Software Signing
Documents & eSignatures
IoT & Connected Devices
Explore these pages to discover how DigiCert is helping organizations establish, manage and extend digital trust to solve real-world problems.
Industry Standards for Security & Trust
DevSecOps is a security function within a DevOps team that is responsible for defining and implementing corporate security policy as it relates to software development and engineering processes. DevSecOps may be responsible for guiding decisions around code signing, data privacy, software supply chain, and other activities that govern security of systems and data.
Key sharing refers to a practice of storage and use of the same signing keys among members of a development organization. While convenient for fast access, this practice opens the security risk for key theft and misuse and expands the threat vector for intentional or unintentional damage. Lost or stolen private keys can impact productivity, pulling team members away from priority projects to do remediation. Key sharing can also result in older application versions becoming distrusted.
HSM stands for Hardware Security Model. An HSM is a physical computing device that is specifically designed to safeguard and manage digital keys.
The PKCS#11 refers to both the standard (Public-Key Cryptography) and the API to interact with cryptographic tokens. The standard defines the interface to cryptographic tokens such as hardware security modules (HSM) and smart cards. The API defines commonly used cryptographic object types (such as X.509 certificates) and the functions needed to create/generate, modify, use, and delete these objects.
KSP stands for Key Storage Provider, and it provides key storage and retrieval for private keys.
In some instances, when a file needs to be signed, the signing service requires that the entire source file be uploaded to the service for processing and signing. With hash signing, only the hash of the source file is uploaded to the signing service. This eliminates the network latency involved in uploading a large file and it increases security in the signing process, because the source code does not leave the development environment.
© 2024 DigiCert, Inc. All rights reserved.
Legal Repository Audits & Certifications Terms of Use Privacy Center Accessibility Cookie Settings