Is your agency doing everything it can to protect against foreign interests from hacking the software that it relies on? From third party software libraries to in-house developed applications to PowerShell scripts, code signing is a necessary component to securing your software infrastructure. Code signing is effective at ensuring that the code you execute comes from where it claims to come from and hasn’t been modified by a third party.
However, hackers know this and they are stealing code-signing private keys to make their malware look legitimate. Signing code is no longer enough to protect against this threat. Agencies need to protect the code signing credentials that they utilize and ensure that they are only ever used for authorized circumstances.
In this webcast we’ll discuss:
- How to ensure that cybercriminals do not steal your code signing credentials
- How code signing is an effective tool to protect against PowerShell modification
- Homeland Security's CISA Alert AA220-006A and what precautions you should take to protect PowerShell scripts from 3rd party modification