Garantir Blog

In this post, learn more about satisfying the requirements of three new frameworks for securing the software supply chain: Google’s SLSA Framework, Microsoft’s SCIM Framework, and CNCF’s Software Supply Chain Best Practices.

Enterprises have a wide array of resources to protect: file shares, email servers, production systems, databases, source code repositories, DevOps tools, and more. If key-based authentication is enforced for all of these different resources, and...

Garantir is pleased to announce new automated certificate management capabilities in the GaraSign product. The GaraSign approach enables the enterprise to centrally secure all private keys and streamline the certificate orchestration process.

Managing access to files and documents that have been downloaded and stored on end-user workstations is difficult. Check out this blog post to learn how to overcome this challenge.

Security controls like MFA and device authentication can be applied at the transport layer, which eliminates the need to modify web applications or the servers that host enterprise resources like email, files, data, and so...

Bring-your-own-device (BYOD) policies are becoming the new norm and, in combination with several recent events, the risk of a data breach via a stolen device or an insider threat is a cause for concern. Learn...

This post describes security controls that an enterprise can deploy to prevent and detect attackers who are attempting to insert malware into a software's code base.

Device authentication is a core component of a zero trust architecture and should always be enforced in addition to strong user authentication. Learn more about implementing device authentication in this post.

To ensure strong security, a code signing system must verify that the code being signed precisely matches the code in the repository. In this post, learn how to deploy such a system using a technique...