Unlocking Zero Trust Security: Apple MDA for MDM Device Enrollment and Web Application SecurityBy Linda IkechukwuDiscover how Apple Managed Device Attestation (MDA) helps realise Zero Trust Security by guaranteeing secure MDM device enrollment and web application protection.See more
Certificate Based Wifi Authentication With RADIUS and EAP-TLSBy Linda IkechukwuThis article answers important questions for someone who has been hearing about EAP TLS, certificate-based WiFi, RADIUS, and who may have been tasked with building out a proof of concept (POC) and wants to know how to proceed.See more
How Step-CA is Revolutionizing Automated Certificate Management By Linda IkechukwuThousands of developers, DevOps, and security professionals trust Smallstep. Discover how three of our open-source community members use step-ca (our open source online certificate authority) to seamlessly incorporate automation into their projects and simplify their workflows.See more
How to Bring Your Own Root from AD CS to SmallstepBy Linda IkechukwuAs Microsoft deprioritizes Active Directory in favor of Entra, the cost of supporting AD CS. It is time to consider migrating your PKI to a modern, consolidated, and robust platform like Smallstep. This tutorial guides you through the process of getting started.See more
Migrate From Microsoft AD CSBy Linda IkechukwuOrganisations that still cling to their legacy Public Key Infrastructure (PKI) like Microsoft Active Directory Certificate Services, struggle with inefficiency and security loopholes. If you're still unsure, read this.See more
Modernize Your Legacy PKI with Bring Your Own RootBy Linda IkechukwuYou want the easy management of encryption and authentication that Smallstep provides - but you have legacy systems trusting old root certificates. Here's the great news - you can now do it all with bring your own root capabilities at Smallstep.See more
Making PKI Easier: What you need to know about Smallstep's new UIBy Linda IkechukwuWe are excited to announce that Smallstep is evolving into an end-to-end encryption platform. You can now manage the entire certificate lifecycle for everything within infrastructure, all from one place.See more
Prevent phishing with end to end encryptionBy Linda IkechukwuAs social engineering and phishing attacks become more prevalent, it's clear that a shift away from legacy forms of authentication is necessary. Learn about alternative phishing-resistant authentication methods you can adopt to better protect your organization.See more
Why passwords and OTPs suck By Linda IkechukwuWith phishing attacks on the rise, passwords are no longer a reliable method for granting infrastructure access or authenticating users. It is time to adopt authentication methods that don't rely on shared secrets.See more
Manage, configure, and inspect all of your certificate authority provisioners in one placeBy Linda Ikechukwu'Provisioners' are crucial to how the Smallstep Platform works, and a faint understanding of what they are and do, is required to effectively use the Smallstep platform and open-source tools to issue and manage certificates.See more
ACME EAB—What Is It, and How Do We Use It at Smallstep?By Linda IkechukwuWe've just added EAB to our ACME server. EAB adds more security and control to the process of automating certificate management actions for machines and services using the ACME protocol. Read on to find out what this means for you as a Smallstep user.See more
5 Infrastructure Security Advancements You May Have Missed in 2022By Linda IkechukwuApple MDA, GitHub OIDC, systemd-creds, Passkeys, and Identity-Aware Proxies: Here's a look at some infrastructure security advancements that caught our attention in 2022.See more
3 Reasons Why You Shouldn't Use Public CAs for Internal InfrastructuresBy Linda IkechukwuPublic web certificate authorities like Let's Encrypt were not designed to support internal use cases. What you need is a private certificate authority.See more
The deal with Registration Authorities, and what they do for you with Smallstep Certificate ManagerBy Linda IkechukwuWe’ve launched an ACME Registration Authority quickstart guide to help you easily automate certificate issuance and renewal to endpoints within walled-off networks. Read up on Registration Authorities and why may need them.See more
SSH vs. X.509 CertificatesBy Linda IkechukwuAlthough SSH certificates are the most secure way to regulate SSH access, they are underutilised. They're also frequently confused with X.509 (aka TLS) certificates. This article explains what SSH certificates are, why you should be using them, and how they differ from their more popular X.509 counterparts.See more