Serves as foundation for company’s software supply chain security products

HOUSTON--(BUSINESS WIRE)--Codenotary, leaders in software supply chain protection, today announced it has been granted a U.S. patent for data retention in a cryptographically verifiable, immutable database that is designed to ensure long-term integrity, transparency, and auditability of digital records.

The newly issued patent protects Codenotary’s approach to securely storing, indexing, and validating data using append-only transaction logs and cryptographic verification, enabling organizations to detect tampering, prove authenticity, and maintain trusted histories of software artifacts and metadata – even at massive scale and with high performance.

“This patent formalizes the architectural foundation behind Codenotary’s trust platform,” said Moshe Bar, CEO and co-founder, Codenotary. “As AI-generated software, SBOM mandates, and regulatory pressure accelerate, the ability to prove what existed, when it existed, and that it hasn’t been altered is becoming mission-critical.”

Built for Modern Software and AI Supply Chains

The invention addresses a fundamental challenge in distributed systems: how to efficiently maintain immutable, verifiable records without sacrificing performance or scalability. The patented design enables high-throughput writes while preserving cryptographic integrity through verifiable transaction histories and indexed value logs.

“The software supply chain has become a primary security risk, as over 70% of modern applications rely on third-party and open-source components and supply-chain attacks have surged more than 300%, forcing enterprises to adopt new trust models based on continuous verification, SBOMs, and policy-driven pipelines,” said Paul Nashawaty, practice lead and principal analyst, theCUBE Research. “Immutable data records provide a permanent, auditable history that cannot be altered without detection, acting as a key requirement for secure supply chains.”

This technology underpins Codenotary’s product line, including immutable Software Bill of Materials (SBOM) notarization, software provenance tracking, and compliance-ready audit trails. These capabilities are increasingly required worldwide by government agencies and regulated industries.

Use cases for the patented technology include:

Software Bills of Materials (SBOMs) that cannot be retroactively altered;

AI model and dataset provenance, ensuring trustworthy training and inference inputs;

Compliance and forensic auditing for regulated environments;

Long-term digital evidence preservation.

“As software becomes the backbone of every critical system—from AI pipelines to national infrastructure – trust can no longer be assumed,” Bar added. “This patent reinforces our commitment to making trust mathematically provable.”

Powering Codenotary Products at Global Scale

This patented technology is a core foundation of Codenotary software supply chain offerings, such as Trustcenter and Guardian. For security teams and auditors, speed is essential. When verifying whether an artifact has been compromised, answers are needed in minutes, not days. Codenotary’s dual-proof technology enables rapid verification even across massive datasets spanning billions of software artifacts – delivering confidence at the scale modern enterprises require.

Codenotary’s technology provides mathematically proven immutability, to guarantee the veracity of information stored in software attestations. This is in contrast with conventional database approaches that can be modified or manipulated.

The full patent can be accessed by searching for U.S. Patent No. 12,530,6852 titled “Data Retention in a Cryptographically Verifiable Immutable Database” via the United States Patent and Trademark Office website.

About Codenotary

Used by hundreds of customers worldwide – including the world’s leading banks, governments, and defense organizations – Codenotary delivers technology that protects the entire software development lifecycle. Codenotary brings easy-to-use trust and integrity into modern software pipelines through advanced AI models that recognize attack patterns instantaneously. Codenotary can be deployed in minutes and integrates with modern CI/CD platforms. For more information, visit https://www.codenotary.com.

Joe Eckert for Codenotary

Eckert Communications

jeckert@eckertcomms.com