Secure digital signing, without the hassle.

Make signing effortless for developers and easy to manage for security.

Protect the integrity of code, containers, and software with secure code signing as a service. With Keyfactor Signum, sensitive keys are protected, policy is automated, and signing is integrated with your tools and build processes.

Try It Now on Azure

Download Datasheet

Sign with

Protect access to sensitive signature keys, without disrupting IT workflows and build processes.
Keyfactor Signum integrates with the signing tools your teams already use.

Protect sensitive keys

Generate and store sensitive private signing keys in a centralized, FIPS 140-2 certified hardware security module (HSM) in the cloud.

Enforce policy

Define granular access and usage policies for private signing keys, and authenticate users and build servers for signing with a full audit trail.

Make it invisible

Integrate with platform-native signing tools to protect access to private signing keys, without changing workflows.

Make signing simple.
One platform, any tool.

Forget manual, error-prone signing processes. Keyfactor Signum integrates with IT workflows and CI/CD tools to provide efficient signing without slowing down development.

Integrate with signing tools via lightweight Windows and Linux agents that are quick to install on build servers or developer workstations.

Maintain centralized control while enabling decentralized code signing for remote application teams, wherever they are.

Mitigate attacks and prevent unauthorized signing.

Code signing is a powerful tool — if it’s secure. Prevent unauthorized access and use of signing keys with authentication and policy workflows.

Prevent unauthorized signing by configuring user roles and permissions and authenticating developers and build servers before signing.

Automate policy enforcement by defining key usage permissions based on specific users, groups, devices, time and location, or signing tool.

Securely manage keys.
Simplify compliance.

Code signing keys are high-value targets. Keyfactor Signum ensures that private keys never leave the HSM and access is restricted.

Use the built-in FIPS 140-2 certified HSM to generate and store private keys, without having to install on-premise hardware.

Generate key attestation to comply with CA/B forum requirements to verify that keys are stored and generated in an HSM.

See who signed what,
where, and when.

No guesswork, no chasing down developers. Rest assured that only the right code is signed with the right key at the right time and place.

Centralize management of code signing certificates, policies, and permissions in a single dashboard.

Simplify audits with a complete event log of usage and access to code signing private keys.

Key features

HSM-backed keys

Generate and store private signing keys in a FIPS 140-2 certified HSM and ensure they never leave the HSM.

Policy enforcement

Set granular access controls for signing, such as authorized users, devices, signing tools, time windows, and more.

Native integration

Agents for Windows (KSP) and Linux (PKCS11) are compatible with platform-native tools to enable remote signing.

Event logs

Maintain an irrefutable log of all signing key access and usage activities to identify anomalies and simplify audits.

Authentication

Integrate with your identity provider (e.g., Azure AD, Okta) to enable SAML, OAuth, or basic authentication.

Key attestation

Keyfactor can support customers by generating attestation of the signing keys, which will help customers comply with upcoming changes from public CAs.

Download Datasheet

Ready to
get started?

Protect your code signing keys, prevent unauthorized signing, and enable
developers to move fast. Watch a 30-minute recorded demo or request a
demo with an expert.

Try It Now on Azure

Enterprise

Keyfactor EJBCA

Keyfactor Command

Keyfactor Command for IoT

Keyfactor Signum

Keyfactor SignServer

Identity-first security

Open Source

EJBCA Community

SignServer Community

BouncyCastle Support

Keyfactor GitHub

Developer Community

Identity-first security

Developer Community

IoT

Automotive

Medical

Telecom

Industrial IoT

Smart Home

Watch a Demo

Enterprise

Prevent Outages

Modernize PKI

Secure DevOps

Enable Zero Trust

Achieve Crypto-Agility

Explore Integrations

Watch a Demo

Explore Integrations

Company

About Keyfactor

Careers

Partners

Newsroom

Contact us

Latest News

Keyfactor Wins 2023 Fortress Cyber Security Award for Second Consecutive Year

May 31, 2023

Resources

Case Studies

Data Sheets

Solution Briefs

White Papers

Reports

Watch a Demo

Blog

Events & Webinars

Education Center

Explore Integrations

Watch a Demo

Explore Integrations

Secure digital signing, without the hassle.

Make signing effortless for developers and easy to manage for security.

Sign with

Protect sensitive keys

Enforce policy

Make it invisible

Make signing simple. One platform, any tool.

Mitigate attacks and prevent unauthorized signing.

Securely manage keys. Simplify compliance.

See who signed what, where, and when.

Key features

HSM-backed keys

Policy enforcement

Native integration

Event logs

Authentication

Key attestation

Ready to get started?

Make signing simple.
One platform, any tool.

Securely manage keys.
Simplify compliance.

See who signed what,
where, and when.

Ready to
get started?