Smallstep for DevOps

Enhance your security posture by connecting and monitoring all your workloads, devices and people at scale with Smallstep. Lock down all your resources from VMs to k8s clusters, AD CS migrations, and more with our flexible PKI solutions.

Contact us
background graphic
Cross-platform coverageCross-platform coverage
Seamless integration
Certificate iconEliminate credential theft
Real-time device inventory
IDP integration
Static keys iconNo more static keys
Graphic of abstract code

Built on open foundations

Smallstep is built on a foundation of proven open source software. Smallstep’s step-ca server is relied on by 78 of Fortune 100 companies to secure company resources. We believe critical cryptographic code is more trustworthy when it's out in the open.

Learn more
SSH keys

SSH like a professional

Who wants to manually gather, ship, and rotate SSH public keys for all your users and hosts? Smallstep delivers an end-to-end SSH workflow that combines modern identity providers with short-lived SSH certificates and flexible access control. Enhance your SSH workflows with hardware-backed device identity.

Learn more
Github login screen with Smallstep modal showing status

Secure your SaaS with Smallstep

Stop relying on user credentials. Smallstep’s hardware-bound device certificates add a second layer of trust to every SaaS login–without added friction. Every user login is tied to an approved machine, providing true Zero Trust across SaaS apps like Salesforce, GitHub, Dropbox, and more. Lock down critical data without disrupting your team’s workflow.

Learn more
Kubernetes logo graphic

Securing Kubernetes

Kubernetes can be a complicated beast, with a lot of configuration and resources to manage. It's challenging to secure this workload while wrangling the other moving pieces of your cluster. Regardless of the network hierarchy and policies in place, automating security by design will always make your cluster and its workloads safer and more reliable. Smallstep has tailor-made tools and workflows for managing certificates in and around Kubernetes.

Learn more
Certificates are at the center of multiple features

More than just a CA

A Certificate Authority is only one piece of the puzzle required to accomplish security at scale. A modern, robust Certificate Authority is the heart of the Smallstep platform, but is only the first step. And, it's no easy task to put the rest together. Smallstep can help you choose: to fork, or not to fork?

Graphic of step certificate code

Open Source transition to hosted Step CA Pro

Designed for mission-critical DevOps use cases, Step CA Pro is a drop in replacement for step-ca. Step CA Pro provides advanced features and compliance options not available to open source users. Get full control over the CA and root signing keys, while reaping the benefits of our cloud-based integrations and management interface.

Cover image of the white paper

Get the Data Sheet

Step CA Pro unlocks Device Identity to ensure that only trusted devices can access your enterprise's most sensitive resources. Our collaboration with Google and Apple on the ACME Device Attestation (ACME DA) standard, allows the strongest possible guarantee of a device's identity, preventing credential exfiltration, phishing, and impersonation attacks.

Download
background gradient
Inventory list view UI

Learn more about the platform

The Smallstep platform helps mitigate numerous cybersecurity threats – from phishing to advanced hardware attacks – without impacting end-user workflows.

Learn more
gradient background

Leading the industry in Zero Trust for devices

Empower your teams to work at the pace and scale of modern engineering.

Book a demo