How can similar attacks be prevented?This process could be made more secure by requiring the key stored within the HSM to use some kind of multi-factor authentication.- Jonathan Kline   star lab logo

Securely signing release packages is not an easy undertaking, Kline says, but particularly in light of the SolarWinds breach, it remains an altogether security-crucial aspect of software development and software release, if the industry is to protect itself from another SolarWinds, that is.

Scott Shadley, Vice President of Marketing at NGD Systems, a manufacturer of state-of-the-art computational storage drives (CSDs) and also a Trenton Systems technology partner, explained how NGD's drives can protect your sensitive data.Jonathan Kline, Chief Technical Officer at cybersecurity software company Star Lab, a Wind River company, and a Trenton Systems technology partner, stresses the importance of signing release packages securely but admits that there's no one-size-fits-all solution.One possible approach to securely signing software uses an offline approach combined with some form of hardware security module (HSM).Our CSDs actually leverage the security protocols of self-encrypting data.