Code Signing in the Software Supply Chain – Expert Source

By   ISBuzz Team
Writer , Information Security Buzz | May 20, 2021 02:20 am PST

We’re quickly moving toward a reality where everything needs to be signed. Not just the software we buy from third-party vendors, but also the software we build and deploy within our own organizations — everything from PowerShell scripts, Bash scripts, containers, libraries, files, and executables. Thanks to the adoption of CI/CD and build and test automation tools, application and operations teams are moving faster than ever, but that means fewer human eyes with a direct line of sight into what’s happening throughout the pipeline.