Some fast facts from Gartner:
Digital transformation enables enterprises of all sizes to deliver value to their customers quickly and consistently. One crucial part of that transformation is automating and securing software development and deployment (CI/CD) pipelines. These environments present a unique challenge to enterprise security and engineering teams, but code signing technology can help secure your software supply chain from end to end.
In this AMA session, we’ll discuss the role code signing plays in securing the software supply chain against cybercriminals, including guidance on signing and verification as baseline security requirements. The conversation will be based on top industry documentation, including NIST SP 800-218, NIST SP 800-190, the CNCF Cloud Native Security whitepaper, the CNCF Security Best Practices for Software Supply Chain, CIS guidance on Software Supply Chain, and OWASP SAMM.