Identify company-owned devices with ease

Ensure that access to financial data, code repositories, PII and other sensitive resources is only possible from trusted, company-managed devices.


Neutralize security threats by binding access to hardware

Smallstep integrates with everything

Our new workload and device collections to seamlessly integrate with almost anything in your tech stack.


I know at which point who has access to what server which I really liked, and my auditors liked.

Jimmy Passemard, Chief Information Security Officer at Kameleoon

Smallstep is a very powerful yet simple to use toolchain.

J. Hunter Hawke, Cybersecurity Analyst at KCF Technologies

Smallstep SSH is exactly what we needed. Significantly reducing the work required to manage SSH keys.

Joe Doss

We were building out new environments, and I didn't want to manage SSH Keys if I could help it.

James Legg, Platform and Infrastructure Engineering Lead at Conversocial

Sane defaults and opinionated playbooks to get you started

Built by the brightest minds in cryptographic comms for distributed systems, step-ca provides the infrastructure, automations, and workflows to securely create and operate a private certificate authority.

Read the docs


STEP CLI is the command-line tool for developers and security professionals to configure, operate, and automate the Smallstep toolchain.

Loved by developers

Join our Discord channel to learn and share with other open source users.

Learn PKI basics

Our blog and quick start guides have everything you need to learn the basics of PKI and begin your implementation.

Built on the Leading Open Source Certificate Toolchain

See how Smallstep can secure your organization