Software supply chains have become strategic targets for cyberattacks. High-profile incidents, such as the SolarWinds breach in 2020, have revealed the potentially devastating impact of vulnerabilities in the software development and distribution process. To address these threats, automated code-signing solutions, like those offered by SignPath, are gaining traction.
SignPath, an Austrian cybersecurity startup, integrates integrity checks and code-signing mechanisms directly into enterprise CI/CD pipelines. This automation ensures that every software component is authenticated, tamper-proof, and compliant with industry standards. This approach is critical as European and U.S. governments enforce stricter software security requirements through regulations such as the Cyber Resilience Act and Executive Order 14028.
SignPath’s solution, already trusted by companies like Hitachi Energy, Airbus, and SolarWinds, offers both technical and regulatory compliance. By automating integrity checks, it mitigates the risks of malicious backdoors or compromised software infiltrating supply chains. This also bolsters customer trust in the software products, a crucial factor for vendors in today’s security-conscious market.
With a €5M Series A investment led by TIN Capital, SignPath plans to expand its operations across Europe and the United States. “Securing software supply chains is no longer optional; it’s a necessity,” says Stefan Wenig, CEO and CTO of SignPath. The company aims to use the funding to scale its team and meet the growing demand for robust supply chain security solutions.
