Smallstep focuses predominantly on automated certificate management for internal systems, with the aim of automating certificate administration and securing infrastructure. This is an area that organizations are still struggling to get a handle on, and the move toward microservices has made it harder. Using TLS to secure the communication between your microservices can require hundreds of thousands of certificates, and if organizations are not implementing best practices around certificate management, this can be challenging.
In this episode of TFiR Let’s Talk, Swapnil Bhartiya sits down with Mike Malone, Founder and CEO of Smallstep Labs, to discuss some of the challenges organizations are facing with certificate management and some of the common mistakes that are being made. Malone goes into their recent announcement of the general availability of their Certificate Manager toolkit and how it is helping organizations simplify the process for developers.
Key highlights from this video interview are:
- Securing large software systems continues to be problematic. Malone feels that there has been a maturation of processes and techniques over the past 10 years or so. He discusses how distributed systems have evolved as we move more towards cloud-native environments.
- Smallstep focuses on automated certificate management for internal systems. The company focuses on authentication. Malone discusses how cryptographic authentication can be used instead of IP addresses in order to secure cross-cloud communication.
- Although X.509 certificates have been around for a while, they have not been applied on such a large scale before. Using TLS to secure all the communication between your microservices can require hundreds of thousands of certificates. Malone discusses how automation is being used to solve these problems.
- Malone describes the main mistakes he sees developers make in areas such as certificate management, and the need to build best practices around generating keys. He explains how Smallstep tools help simplify this process.
- Smallstep’s core technology is open source with a large community built around it. The company offers professional support services as well as lots of documentation and tutorials around best practices and implementations. Malone explains one of the key use cases they have, ACME-based certificate management.
- Malone shares his top tips for how organizations can improve their certificate management posture. He discusses the open source Certificate Management toolchain and what it offers. He also goes into detail about the hosted instance of their open source Certificate Management toolchain that adds in enterprise features, which is now GA.
The summary of the show is written by Emily Nicholls.