DigiCert partners with ReversingLabs to advance software supply chain security
DigiCert integrates ReversingLabs technology into DigiCert® Software Trust Manager to create tamper-proof software delivery
Posted: Thursday, Jun 08
  • KBI.Media
  • $
  • DigiCert partners with ReversingLabs to advance software supply chain security
DigiCert partners with ReversingLabs to advance software supply chain security

(Australia) June 8, 2023 — DigiCert, a leading global provider of digital trust, today announced a partnership with ReversingLabs, a leader in software supply chain security, to enhance software security by combining advanced binary analysis and threat detection from ReversingLabs with DigiCert’s enterprise-grade secure code signing solution. DigiCert customers will benefit from improved software integrity through deep analysis that shows their software is free from known threats like malware, software implants, software tampering and exposed secrets before they securely sign it.


“DigiCert’s partnership with ReversingLabs advances supply chain security through threat detection and secrets protection delivered by automated workflows that seamlessly operate within DevOps environments and CI/CD pipelines,” said Deepika Chauhan, Chief Product Officer at DigiCert. “This newly combined solution protects against software-based vulnerabilities and attacks, helping organisations ensure digital trust and build confidence with their customers.”


“ReversingLabs is excited to partner with DigiCert to help solve software supply chain security issues at all stages of the software development and deployment process,” said Mario Vuksan, CEO and Co-founder at ReversingLabs. “Every DigiCert customer needs to think about the integrity of the software they build, buy or run. Our work together will strengthen the ecosystem and provide organisations with the necessary tools to ensure the trustworthiness of their software.”


“Organisations must take proactive efforts to secure their software supply chain to withstand the continuing and evolving threats of cyberattacks,” said Katie Norton, Senior Research Analyst for IDC’s DevOps & DevSecOps research practices. “Digital trust strategies that centralise, standardise and unify software security practices play a key role in improving resiliency and user trust.”


Weaknessesin the software supply chain have been exploited in recent years, resulting in tampering, malware insertion and other threats to critical business software. A recent ReversingLabs survey found that nearly 90 percent of technology professionals detected significant risks in their software supply chain in the last year. More than 70 percent said that current application security solutions are not providing necessary protections.


“In Asia Pacific, only 38% of firms consider software supply chain risk a key priority; however, more than half have been negatively impacted by between two to five cybersecurity breaches in their supply chain. There is an obvious gap between the need to identify the software supply chain as a point of security risk and putting in resources to improve software security. With APAC firms looking to bolster supply chain defence, adding threat detection to the enterprise-grade secure code signing workflows in Software Trust Manager will help firms in the region address that gap and ensure that their software supply chain is trusted,” said Armando Dacal, Group Vice President APJ, DigiCert


Powered by ReversingLabs, threat detection within DigiCert Software Trust Manager secures the software supply chain through advanced, comprehensive detection of threats such as malware, software tampering, inclusion of secrets and certificate misconfigurations in open-source software, proprietary software, containers and release packages.


Software Trust Manager provides a single workflow that is centrally controlled across the organisation. The solution also generates a comprehensive software bill of materials (SBOM) covering internally developed and third-party software, such as open-source and commercially licensed software. As attacks on the software supply chain increase, threat detection and SBOM generation are becoming increasingly important and the focus of government and industry regulations.


To learn more, visit https://www.digicert.com/software-trust-manager, or read our blog about how Software Trust Manager protects the software supply chain. Also, register for a June 13 webinar on digital trust in software supply chains and AI models.



About DigiCert, Inc.

DigiCert is a leading global provider of digital trust, enabling individuals and businesses to engage online with the confidence that their footprint in the digital world is secure. DigiCert® ONE, the platform for digital trust, provides organisations with centralised visibility and control over a broad range of public and private trust needs, securing websites, enterprise access and communication, software, identity, content and devices. DigiCert pairs its award-winning software with its industry leadership in standards, support and operations, and is the digital trust provider of choice for leading companies around the world. For more information, visit www.digicert.com or follow @digicert.


About ReversingLabs
ReversingLabs protects the modern enterprise from sophisticated software supply chain security attacks, malware, ransomware, and other threats.

The ReversingLabs Software Supply Chain Security Platform analyses any file, binary, or software package, including those that evade traditional security solutions. The hybrid-cloud, privacy centric platform democratises insights across the enterprise, enabling development teams to securely release applications; third-party risk teams to safely procure software; and security operations teams to monitor, isolate and quickly respond to threats.

ReversingLabs data is used by more than 65 of the world’s most advanced security vendors and their tens of thousands of security professionals. ReversingLabs enterprise customers span all industries, leveraging integrations with popular DevSecOps and SOC platforms that enable teams to access the analysis they need to make quick security verdicts, eliminate threats, and release software with confidence.

Share This