CodeLock™ is a patent-pending revolutionary approach to securing software.
CodeLock™ has been described by the CISO of one of the Big 5 Silicon Valley Tech Titans as “the most important invention in cybersecurity since Public Key Cryptography.”
CodeLock™ was developed by the Data Scientists, AI Engineers, Software Developers, and Cybersecurity Professionals at ProtectedBy.AI. The members of our team have decades of collective experience developing cutting-edge solutions for the U.S. Intelligence, Defense, and Security Agencies, Fortune 500 companies, financial services firms, and SMBs.
The Next Generation in Cybersecurity Protection
If you are a CISO, CTO, CIO, or CEO charged with keeping your organization cyber safe, your life has become more challenging over the past few years than could have been imaginable even a decade ago.
Malware, ransomware, cyberattacks of all kinds are on the rise – and globally, there is a shortfall of 3.2 million qualified cyber-warriors you can call on for support. As a result, you are left shorthanded, outgunned, and outpaced in the hacking arms race by monetarily motivated attackers from all corners of the globe. And while some organizations are attacked millions of times per month, the bad guys only have to win once – and it can be game over.
What are you going to do when that one-in-a-million attack inevitably does get through? Can you afford to take the chance that your company, customers, and country will not be immeasurably harmed?
CodeLock™ is a patent-pending, first of its kind, defense against cyberattacks.
What Is CodeLock™ ?
CodeLock™ creates an inviolable network of security sensors that can be embedded into any software running on your servers. The CodeLock™ algorithm inserts specialized “digital signatures” at predetermined locations throughout an entire body of code – effectively creating containers of code that are then sealed, signed, and linked together.
Through this simple process, CodeLock™ infallibly protects every line of code you produce. From small utility functions to multi-million-character operating systems, CodeLock™ keeps your software safe.
Consider this… Approximately $60 billion is spent annually on cybersecurity to keep hackers out. But CodeLock™ is the only technology that automates the process of detecting malware once it has gotten past your perimeter.
Every worthwhile physical security system has two primary components; perimeter protection to detect intruders trying to make it past your walls, windows, and doors. But the second critical dimension – motion detection – has been missing from cybersecurity. Until now.
When cyber-intruders make it past your firewalls – as they inevitably will – what are you going to do?
If any malware, ransomware, virus, or bot is surreptitiously inserted into the software you create for your company or customers… If even a single character in millions of lines of code is changed without your permission…
The Yin & Yang of CodeLock™
The CodeLock™ platform has two primary dimensions:
CodeLock™ is all about accountability; what is known in the parlance of software development and cybersecurity as nonrepudiation.
The Developer Interface requires programmers to confirm their identity through multiple mechanisms – including tiered passwords, multi-factor authentication, digital foot-printing, and biometrics. The entire login process takes less than 20 seconds – and it ensures absolute user authentication and verification.
CodeLock™ is programming language agnostic and fully integrable to the workflow of any software development efforts – whether your TPM approach is based on waterflow, agile, scrum, ITIL (or anarchy). The platform can connect to and accommodate all major repositories – including Git, GitHub, BitBucket, AWS, Azure, networked drives – and can be easily configured to accommodate any proprietary system, whether open or permissioned.
The user-friendly UX and fully documented SDK and APIs are so simple to follow anyone who has written “Hello, Word!” in any Turing complete language will be able to navigate CodeLock™ in a matter of minutes. As an additional value adding features, CodeLock™ gives supervisors full transparency into the software development lifecycle, providing previously unavailable insights into the rate, quality, and timing of coder commits.
Think of this aspect of CodeLock™ as your ever-vigilant Security Operations Center on a single screen. Accessible from anywhere, on any device (PC, laptop, tablet, smartphone), the Alert Monitor is your early warning system; a capability that can be configured to send emails, texts, and even pre-recorded calls to anyone you designate.
The CodeLock™ Alert Monitor is specifically designed for non-tech execs – the often brilliant women and men who run some of the most technologically sophisticated companies across a wide-range of industries, but who do not have the time, patience, or inclination to have to delve into the code.
In addition to the ability to monitor every project in your organization, CodeLock™ comes with the option of an Integrated Dashboard that can be configured to provide organizations the ability to monitor the projects of any of their vendor companies. For agencies and organizations that are increasingly requiring all software running in their ecosystem to be CodeLock™ Certified, this platform provides a meta-monitoring capability that alerts you, at precisely the same time – in real-time – in the event your vendor’s software ever experiences an insertion attack.
The CodeLock™ Value Proposition
In addition to proving unparalleled "Peace of Mind Through
Superior Technology ©",
CodeLock™ provides exceptional value in two complementary ways:
The bulletproof nonrepudiation features built into CodeLock ensures your developers sign every line of code that they write. With incidences of insider threats, sabotage, and cyber-espionage on the rise, the consensus among our clients is that the comfort of knowing CodeLock™ level accountabilities are in place is priceless.
While we all hope to avoid malfeasance or even mistakes… As the old saying goes, hope is not a strategy. How much more soundly will you sleep knowing CodeLock™ is vigilantly monitoring your systems 24/7/365?
Providing CodeLock™ Certified Software gives you a rapid way to differentiate your software and services. In a post-SolarWinds world, why spend inordinate hours trying to convince clients why your software product won’t be the source of the next supply-chain disaster?
Whether you decide to pass the minimal per-project costs of CodeLock™ through to your clients at cost or as a premium feature is completely up to you. Or do you simply attribute those miniscule costs to goodwill and use the CodeLock™ seal of approval as a way to show your clients you care about their cyber-safety?
- 10 Developers
- 1 Group Project
- 10 Developers
- 1 Group Project
Need More Than 50 Developers and/or 5 Group Projects Licenses?
Contact Us for a Discounted Price
CodeLock™ integrates immutable nonrepudiation into the digital signatures used to ensure code integrity and developer accountability by ascribing multi-factor vetted credentials to all users authorized to update, change, or otherwise modify any aspect of an overall corpus, or any constituent corpora, of code.
The digital signatures are likewise coded to incorporate datetime stamps and any relevant provenance information through referenced records. Simply said: Developers are inextricably and forever linked to the code they create – and no one outside your organization will ever be able to forge convincing credentials.
CodeLock™ supports verification without dependence on third parties, thereby increasing security and reducing or negating the possibility of interception and man-in-the-middle (MitM) attacks.
Encrypted digital signatures are uniquely and inextricably linked to individual developers – biometrically, via multi-factor authentication (MFA) and one-time password (OTP) protocols, and through authorized control systems from your organization’s leadership. This ensures only authorized personnel can contribute to commits for your Git, whether those repositories are hosted in the cloud or on premise. The authenticity of any software is likewise instantly verifiable by any developer, supervisor, or client.
CodeLock™ is designed to simultaneously support an unlimited number of authorized users, which provides the additional benefit of serving as a decentralized platform for securing and storing code that can be instantaneously vetted and securely accessed by as many developers as you authorize, working from anywhere and on any device with a secure internet connection.
CodeLock™ proprietary digital signatures support configurable layers of transparency.
Authorized users can be provided with access to the underlying codebase, the digital signature, and/or a binary yes/no report on the integrity of digital signature matches. The information provided to each user may be based on the user’s authorization level or credentials, thereby supporting configurable transparency to different types of users.
CodeLock™ enables instant, real-time and continuous, auditability.
Any and all discrepancies between the distributed digital signatures and digital signatures generated by one or more nodes are instantly disclosed upon receipt of the code and generation of the digital signatures at the one or more nodes.
The chaining nature of the CodeLock™ digital signature structure instantaneously discloses nodes along the chain which have been corrupted (e.g., received code which has been tampered with, altered, or changed in any way).
CodeLock™ supports a “Smart Contract” capability, which can be incorporated into business processes and procedures.
Similar to blockchains, the digital signature data structure utilized by the CodeLock™ system operates as a vehicle for transmitting Smart Contracts by enabling secure and transparent sharing of digital signatures that are immutable once added to the digital signature data structure.
In an April 2021 publication titled Defending Against Software Supply Chain Attacks, the National Institute of Standards and Technology (NIST) and the Cybersecurity and Infrastructure Security Agency (CISA) warn against the devastating impact that can be caused when “a cyber threat actor infiltrates a software vendor’s network and employs malicious code to compromise the software before the vendor sends it to their customers.” The report notes, “These types of attacks affect all users of the compromised software and can have widespread consequences for government, critical infrastructure, and private sector software customers.”
CodeLock™ is the first – and only – solution that enables Software Developers and their customers to continually assess and monitor the security of software obtained through supplier relationships; fulfilling and exceeding recommendations from the NIST Cyber Supply Chain Risk Management (C-SCRM) framework and the Secure Software Development Framework (SSDF).
Talk to a Human
We like computers, algorithms, and robots as much as anyone (okay, maybe a bit more than most) – but we also know there are times when you just want to talk to a real live, honest to goodness, knowledgeable human being.Contact Us