Azure Artifact Signing (formerly Trusted Signing) | Microsoft Azure (original) (raw)

• Artifact Signing (formerly Trusted Signing) is a fully managed service that facilitates code signing for developers. The service provides assurances of authenticity and integrity in applications, which enhances security features that prevent and mitigate malware impacts on the Windows OS.
• Code signing is a method to secure applications against tampering and identity falsification. The signature ensures the code has not been modified and provides information about who signed the application.
• An Artifact Signing signature ensures that your application is trusted by providing base reputation on smart screen, user mode trust on Windows, and integrity check signature validation compliant.
• Artifact Signing currently supports public trust, private trust, VBS enclave, and test trust signing.
• Artifact Signing (formerly Trusted Signing) is a fully managed, end-to-end code signing service integrated with Azure. It offers:
  • Enhanced Security: Certificates and private keys are stored in FIPS 140-2 Level 3 compliant HSMs, reducing risk of compromise.
  • Simplified Certificate Management: Certificates are issued from Microsoft managed CAs and subsequently protected and managed by the service.
  • Developer-Friendly Integration: Works seamlessly with Visual Studio, GitHub Actions, and Azure DevOps for streamlined workflows.
  • Modern Windows Security Features: Enables Smart App Control, SmartScreen, and other protections that block unsigned or tampered executables.
  • Scalability and Cost Efficiency: Flexible plans for individuals and enterprises, eliminating infrastructure overhead.
• Trusted Signing has been rebranded as Artifact Signing. The service remains the same in functionality, providing identity validation, certificate profiles, and signing capabilities.
• There is no functional difference—Artifact Signing is simply the new name for Trusted Signing. All existing features remain unchanged.
• If you already use Trusted Signing:
  • Your existing accounts and certificate profiles will continue to work without interruption.
  • Billing and quotas remain the same under your current plan.
  • Portal experience and APIs are unchanged, though references will update to “Artifact Signing.”
  • For an uninterrupted experience, existing customers must update references to Trusted Signing in the client tools. A full list of required changes are available at aka.ms/artifactsigningfaq. New customers don’t need to make any updates.
• Artifact Signing uses consumption-based pricing, and has not changed from the Trusted Signing pricing:
  • Basic Plan: 9.99/monthforupto5,000signatures;9.99/month for up to 5,000 signatures; 9.99/monthforupto5,000signatures;0.005 per additional signature.
  • Premium Plan: 99.99/monthforupto100,000signatures;99.99/month for up to 100,000 signatures; 99.99/monthforupto100,000signatures;0.005 per additional signature.
  • Artifact Signing pricing model remains unchanged from Trusted Signing. Both plans continue to offer the same features as before. For full details, visit the Artifact Signing pricing page here.