Use Cases of The Smallstep Platform

Typical use cases for Smallstep include, but not limited to the following:

  • End to end network encryption: Authenticate and encrypt network traffic within your infrastructure. Provision and manage TLS certs for web applications (NGINX, Caddy, Apache httpd, etc.), databases (MySQL, Postgres, MongoDB, etc), browsers, Kubernetes, IoT devices, and more. Issue SSH host and short-lived user certificates.
  • Privileged Access Management: Provision cryptographic identities and fine-grained trust policies for the people, devices, processes, or technology requiring access to workloads for easier detection and monitoring.
    • Get hardware-bound device certificates for Linux, Windows, and mobile devices.
    • Streamline and simplify SSH access with single sign-on SSH
  • Passwordless or Secretless authentication: Shared and long lived authentication credentials (passwords, keys, e.t.c) are major enablers of credential theft and data breaches. Get rid of shared or long lived credentials within your infrastructure, and replace them with ephemeral certificates.
  • IoT/OT: Bootstrap IoT devices with CA trust. Issue device identity certificates and workload certificates to IoT or OT devices, so that all communications are encrypted and authenticated.

Also, from what we’ve heard, here’s how different teams employ Smallstep:

  • Security teams use Smallstep to secure connections to web applications, databases, and Linux servers. We integrate with modern infrastructure-as-code (IaC) tools like Ansible and Terraform.
  • IT teams use Smallstep for device management and modern zero touch provisioning. Smallstep can manage certificates for 802.1x WiFi or VPN authentication, using the latest device attestation workflows and hardware-bound keys.
  • DevOps teams use Smallstep to manage SSH server access and SSO-for-SSH integration using certificates.

You can schedule time with the Smallstep team to learn how the platform can help your project.