Linda Ikechukwu

Lock down Jamf MDM enrollment to only verified company-owned devices with Smallstep’s next-gen device identity.

MASQUE is a modern application-layer standard that takes a fresh approach to securing traffic, and here's why we're excited about it.

A tell-it-all guide for small teams like ours looking to automate design workflows, reduce UI development time by 50%, and eliminate the headaches of manual styling.

We asked Smallsteppers for their best advice to stay protected from phishing attempts.

iOS 14 and macOS Sequoia 15 introduces a new privacy feature: randomised MAC addresses for Wi-Fi networks. Hence, if you're still relying on MAC Address Filtering or SSID Hiding to secure your enterprise Wi-Fi network, it's time to rethink your strategy.

Let’s Encrypt, the non-profit Certificate Authority that offers free SSL/TLS certificates for secure HTTPS connections, has announced plans to end OCSP support in favor of CRLs. What are those, and why? Read to find out.

This is the comprehensive in-depth guide on Wi-Fi security you never knew you needed. Learn about the different modes of Wi-Fi authentication (Open, Personal PSK, Enterprise 802.1x) + Wi-Fi encryption grades (WEP, WPA, WPA2, WPA3), how one is superior (or inferior) to the other, and which Wi-Fi network security setup is the most secure.

We surveyed 155 security professionals — across small, medium, and large sized companies — on their plans around certificate usage in 2024. The results reveal that certificates for device identity is where the future is headed.

Discover how Apple Managed Device Attestation (MDA) helps realise Zero Trust Security by guaranteeing secure MDM device enrollment and web application protection.

This article answers important questions for someone who has been hearing about EAP TLS, certificate-based WiFi, RADIUS, and who may have been tasked with building out a proof of concept (POC) and wants to know how to proceed.

Thousands of developers, DevOps, and security professionals trust Smallstep. Discover how three of our open-source community members use step-ca (our open source online certificate authority) to seamlessly incorporate automation into their projects and simplify their workflows.

As Microsoft deprioritizes Active Directory in favor of Entra, the cost of supporting AD CS. It is time to consider migrating your PKI to a modern, consolidated, and robust platform like Smallstep. This tutorial guides you through the process of getting started.

Organisations that still cling to their legacy Public Key Infrastructure (PKI) like Microsoft Active Directory Certificate Services, struggle with inefficiency and security loopholes. If you're still unsure, read this.

You want the easy management of encryption and authentication that Smallstep provides - but you have legacy systems trusting old root certificates. Here's the great news - you can now do it all with bring your own root capabilities at Smallstep.

We are excited to announce that Smallstep is evolving into an end-to-end encryption platform. You can now manage the entire certificate lifecycle for everything within infrastructure, all from one place.

As social engineering and phishing attacks become more prevalent, it's clear that a shift away from legacy forms of authentication is necessary. Learn about alternative phishing-resistant authentication methods you can adopt to better protect your organization.

With phishing attacks on the rise, passwords are no longer a reliable method for granting infrastructure access or authenticating users. It is time to adopt authentication methods that don't rely on shared secrets.

'Provisioners' are crucial to how the Smallstep Platform works, and a faint understanding of what they are and do, is required to effectively use the Smallstep platform and open-source tools to issue and manage certificates.

We've just added EAB to our ACME server. EAB adds more security and control to the process of automating certificate management actions for machines and services using the ACME protocol. Read on to find out what this means for you as a Smallstep user.

Apple MDA, GitHub OIDC, systemd-creds, Passkeys, and Identity-Aware Proxies: Here's a look at some infrastructure security advancements that caught our attention in 2022.

Public web certificate authorities like Let's Encrypt were not designed to support internal use cases. What you need is a private certificate authority.

We’ve launched an ACME Registration Authority quickstart guide to help you easily automate certificate issuance and renewal to endpoints within walled-off networks. Read up on Registration Authorities and why may need them.

Although SSH certificates are the most secure way to regulate SSH access, they are underutilised. They're also frequently confused with X.509 (aka TLS) certificates. This article explains what SSH certificates are, why you should be using them, and how they differ from their more popular X.509 counterparts.