Join the Chainkit mission to Secure the World’s Software - at the Source!
Decentralized Root Of Trust
The Software Supply Chain is coming increasingly under attack as most companies Digitally Transform. #ShadowHammer is a sobering example of what happens when code provenance and dependency lineage are not part of the Continuous Integration / Continuous Deployment (CI/CD) agile DevOps pipeline.
Overcoming known vulnerabilities in PKI certificate management via Centralized Authority, Chainkit offers a DeCentralized root of trust to harden auditing and governance of software supply chain solutions such as Google’s Grafeas / Kritis and CloudBees Jenkins.
Security By Design
Compliance By Design
As the Internet grew rapidly, interoperability used to be the goal for all Applications, Systems and Data. Blind interoperability is now a vulnerability. Moreover ‘inside jobs’ by cyber criminals attacking our systems via stolen Admin credentials (easily purchased off the DarkWeb) represent an existential cyber threat. These are the types of cyber liabilities none of us can afford.
Adding a snippet of Chainkit code to key modules in your software project creates an Automatic Separation of Duty for the identity running any instance of your software. Comparing the Chainkit Secure out-of-band Journal against internal representation of the Systems and Data in question can instantly detect malware, APTs and other threats at the beginning of the Intrusion Kill Chain. Even by powerful (stolen or otherwise maliciously obtained) Privileged / Admin identities who would otherwise tamper with access logs to remain invisible.
Download our Security Report on Chainkit in the NIST CyberSecurity and MITRE ATT&CK Frameworks: