Tuesday, February 18, 2020

Learn more on March 11th during a live webinar with Device Authority and Venafi

Device Authority, a global leader in Identity and Access Management (IAM) for the Internet of Things (IoT), today announced its latest software release, KeyScaler 6.6 which includes the code signing and secure updates solution for IoT as part of the Venafi Machine Identity Protection Development Fund, previously announced on Oct 31st 2019.

IoT devices are usually updated automatically without direct end user intervention.  Because of this, software updates can be a key target for cybercriminals to add malicious code.  These updates could be used to gather sensitive customer information and/or change the operating behavior of the device damaging the IoT vendors reputation. Without code signing, the IoT device vendor cannot guarantee that delivered updates isn’t modified by third parties.

Using their sponsorship from Venafi, Device Authority has developed a new turn-key code signing and secure update delivery solution for KeyScaler. Powered by Venafi’s Next-Gen Code Signing platform, the solution helps automate and connect security policy and controls to secure the code signing and update delivery process.

Device Authority’s KeyScaler platform also provides an automated solution to provision unique certificates, signed by a pre-configured Certificate Authority, to IoT devices – without requiring any human intervention. Additionally, Device Authority has created a new Certificate Authority service connector for the Venafi Platform. This will allow KeyScaler customers to use the Venafi platform as a source for certificate issuance.

“Code signing machine identities are the keys to the kingdom for attackers that target high-value IoT devices. Compromised code signing certificates can be used to hold a fleet of devices for ransom and open the door malicious updates,” said Kevin Bocek, vice president of security strategy and threat intelligence for Venafi. “Using the power of the cloud, Device Authority is providing IoT developers with an innovative, seamless and distributed way to get software and firmware signed safely. The powerful combination of Venafi Next-Gen Code Signing and KeyScaler is one more example of the Machine Identity Protection Fund in action. We’re delivering on our vision of a world in which all machine identities are secure and protected.”

Venafi Next-Gen Code Signing and Device Authority KeyScaler integrate seamlessly to secure your organization’s code signing and update delivery process for IoT devices. This provides value to organizations in many industries (such as healthcare, industrial, automotive, smart connected devices) by delivering:

  • Automated code signing certificate lifecycle which eliminates the requirement for software teams to manage this themselves
  • Secure code signing and update delivery activities through policy enforcement
  • Trusted and validated IoT device updates

“Being accepted into Venafi’s development fund was a huge success for Device Authority. We have completed the development and integration over the last couple of months and now have a credible code signing and secure updates solution which enterprises can leverage today,” said Darron Antill, CEO of Device Authority.



Sign up to webinar on March 11th: IoT Security 101: Why a secure code signing process is critical for IoT

Download the Solution Brief

Watch a Demo Video

Venafi’s Machine Identity Protection Global Summit

Venafi’s Marketplace


About Device Authority

Device Authority is a global leader in Identity and Access Management (IAM) for the Internet of Things (IoT); focused on medical / healthcare, industrial and smart connected devices. Our KeyScaler™ platform provides trust for IoT devices and the IoT ecosystem, to address the challenges of securing the Internet of Things. KeyScaler uses breakthrough technology including Dynamic Device Key Generation (DDKG) and PKI Signature+ that delivers unrivalled simplicity and trust to IoT devices. This solution delivers automated device provisioning, authentication, credential management, policy based end-to-end data security/encryption and secure updates.

With offices in Fremont, California and Reading, UK, Device Authority partners with the leading IoT ecosystem providers, including AWS, DigiCert, Gemalto, HID Global, Microsoft, nCipher Security, PTC, Thales, Venafi, Wipro and more. Keep updated by visiting www.deviceauthority.com, following @DeviceAuthority and subscribing to our BrightTALK channel.