Software taggants use standard public key infrastructure (PKI) techniques and were introduced by the Industry Connections Security Group of the IEEE in an attempt to control the proliferation of malware obfuscated via executable compression (runtime packers).
The concept of a PKI-based system to mitigate runtime packer abuse was introduced in 2010[1][2] and described in a Black Hat Briefings presentation[3] by Mark Kennedy and Igor Muttik.
The term was proposed by Arun Lakhotia (due to its similarities with chemical taggants), who also analyzed the economics of a packer ecosystem.[4]
A software taggant is a form of code signing somewhat similar to Microsoft's Authenticode.
The software taggant project is run by the Industry Connections Security Group and is open source: it is hosted on GitHub[5] and relies on OpenSSL.