The SunBurst attack on SolarWinds revealed a critical truth: traditional code signing alone is no longer enough. Even software with valid signatures can hide compromised processes – creating a dangerous illusion of security.

At the same time, new regulations such as the EU Cyber Resilience Act (CRA) demand verifiable integrity, traceable SBOMs, and auditable development processes.

In this joint webinar, NTT, Thales, and SignPath demonstrate how organizations can close this gap by combining cryptographic expertise, Zero-Trust pipeline integrity, and Hardware Security Modules (HSMs).

You will learn:

• How developing crypto expertise through a Cryptographic Center of Excellence forms the foundation of security.

• How SignPath DevSec360 formalizes development processes into verifiable policies, enforces Zero-Trust checks across CI/CD pipelines, and signs only validated builds.

• How Thales Luna HSMs create a secure root of trust for signing keys.
  
  

Discover how these components together enable end-to-end security for your software supply chain – minimizing risk, ensuring compliance, and strengthening trust in every release.