Smallstep

04/18/2025

ICYMI 📣📣📣

Smallstep was selected as a Top 10 Finalist for the RSAC's 20th Annual Innovation Sandbox Contest. Known as a platform for cybersecurity's boldest new innovators, the competition selects the most promising companies in the field. We're elated to be recognized with this group of all-stars for our innovative approach to device identity! Join us as we showcase our technology to the world 🌎 at RSAC 2025

Find all the details here:

Smallstep, a rising cybersecurity startup, has been named one of the Top 10 Finalists for the 20th annual RSAC™ 2025 Conference Innovation Sandbox contest fo...

03/21/2025

We are doing a BIG thing. Smallstep will be on the show floor at this year's RSAC Conference at the Moscone Center in San Francisco for the very first time 🎉

If you plan to be in town for the Cybersecurity Event of the Year, stop by to see us at Booth 2445 in the South Expo Hall 👀

⏰ Set a reminder to stop by on April 30th from 4:30pm - 6pm for the Booth Pub Crawl. Look for our sponsor balloon and grab some swag!

02/20/2025

🔽 Are we finally seeing the end of VPNs? Or do they still have a place in enterprise security?

We’ve seen it over and over—compromised VPN credentials lead to full network breaches. And once inside, attackers can scan for vulnerabilities, steal data, and move laterally.

The problem?

VPNs trust too much. They assume that if you have the credentials, you should have access. But who holds the key to a lock should matter.

That’s why companies like Apple are excited about MASQUE Network Relays—a more secure, faster, and fine-grained way to manage remote access. Instead of granting network-wide access, MASQUE Network Relays:
🔒 Verifies device identity before allowing a connection
🔎 Restricts access to only specific applications, not entire subnets
⚡ Uses QUIC & HTTP/3 for better security and lower latency

Read the full breakdown here 👉 https://hubs.ly/Q03556FD0

01/08/2025

Secure your most sensitive resources with high-assurance device authentication.

Smallstep’s seamless Okta SSO integration provides the strongest guarantee that your Okta apps are accessible only from trusted devices 🔒

Our cross-platform desktop application issues cryptographic IDs bound to each device’s hardware, ensuring that credentials cannot be transferred to another device. This method significantly reduces the attack surface for sensitive resources.

Click here for the data sheet 👉 https://hubs.ly/Q031N7x80

12/24/2024

'Twas the night before Christmas, all was calm, all was bright,
The security team was sleeping, delighted by the quiet night.
For they had trusted in Smallstep, with confident cheer,
Knowing their corporate data was strongly protected all year.

They dreamt of secure SaaS Apps, Wi-Fi, and VPNs all night
Knowing their dashboards, databases, and PII were locked up tight.
They lay dreaming of intellectual property, stored safe and snug,
While Smallstep kept guard, devices secure as a bug in a rug.

There’s a new standard in protection, called ACME DA,
We developed with Apple and Google, a trustworthy way.
With checks on hardware, offering a guarantee,
Helping your team sleep soundly, as peaceful as can be.

Pledging support for Mac, Windows, and Linux too-
Smallstep is at the helm, ensuring a comprehensive point of view.
No fretting over cyber threats, no nightmares of attacks,
Only verified hardware can gain access, keeping the peace intact.

Everything was orderly, device inventory was tracked,
While hardware-bound credentials checked their integrity was fact.
Smallstep worked continuously, a trustworthy guide.
The security ecosystem was integrated, all platforms fortified.

No matter what it is: Github, Wi-Fi, or VPN,
Every resource is guarded, again and again.
Be it public SaaS or internal web apps, you know,
The on-call team can rest easy, wherever they may go.

Working with MDM solutions like Jamf, Intune, and Workspace ONE,
Smallstep makes security seamless, and twice the fun!
Removing suspicious devices, and flagging others that fail,
The platform also revokes credentials, confirming security will prevail.

So, snug in their beds, they sleep without fear,
Knowing Smallstep has them covered far and near.
With corporate resources secure, and no threat of a midnight rush,
'Twas indeed a peaceful Christmas night, quite serene and lush.

Happy Holidays from all of us at Smallstep! 🎄✨

10/31/2024

It's the last day of month!

We asked Smallsteppers to share some actionable tips on what users can do to stay safe online and protect themselves from phishing. 🎣

Here are 3 you can start RIGHT NOW:
1. Enable 2FA everywhere you can!
2. Use a password manager. (No one has time to remember all those unique, strong strings of characters anyway!)
3. Update your software. (We know, we know. Waiting for that reboot is not our idea of fun either.)

Don't even get us started on number 5! 👀
Head on over to the blog to read if you are guilty...
https://hubs.ly/Q02WwQ1y0

09/25/2024

Smallstep is headed to Oktane 2024! Chat one-on-one with product experts, and see how you can Raise the Bar on Device Trust. Get a demo of Smallstep + Okta in action and snag yourself some exclusive swag 🙌

With Smallstep + Okta you can get the strongest possible guarantee that your Okta apps are only available on trusted devices. Smallstep's cross-platform desktop application issues every authorized device a cryptographic ID that’s bound to the device’s silicon. Unlike a security token or a key file, it cannot be brought to another device. This feature strongly constrains any attack surface area involving sensitive resources.

⏰ Set a reminder to join us for the Device Trust Bar at Booth #21 on Wednesday, October 16th at 3:00pm. Happy hour is on us!

08/22/2024

We've created a lightweight Okta® SSO integration for device identity, that offers the strongest possible guarantee that your Okta® apps are only available on trusted devices. Now you can lock down your most sensitive resources with next-gen device authentication🔒 But how does it work?

Our cross-platform desktop application issues every authorized device a cryptographic ID that’s bound to a device’s silicon. Unlike a security token or a key file, it cannot be brought to another device. This feature strongly constrains any attack surface area involving sensitive resources.

Check out the demo from Carl Tashian on the Smallstep blog:

Issue and renew identities for all your hardware, software, and people with Smallstep.