Smallstep Selected as Top 10 Finalist for RSAC™ 2025 Conference 20th Annual Innovation Sandbox Contest

Smallstep Recognized for the World’s First Device Identity Platform™

Smallstep, a rising cybersecurity startup, has been named one of the Top 10 Finalists for the 20th annual RSAC™ 2025 Conference Innovation Sandbox contest for its work delivering cross-OS, high-assurance device identity for enterprise customers to protect access to sensitive company resources like PII, SaaS apps, SSH, Git, Wi-Fi, and more. Smallstep will present its technology to a panel of renowned industry judges and a live in-person audience on Monday, April 28 at RSAC 2025 Conference at the Moscone Center in San Francisco.

The RSAC™ Innovation Sandbox contest, celebrating its 20th anniversary in 2025, has become the world’s premier showcase for the cybersecurity startup community as promising young cybersecurity companies showcase their groundbreaking technologies and compete for the title of “Most Innovative Startup.” The competition is widely recognized as a catapult for success as the Top 10 Finalists have collectively celebrated more than 90 acquisitions and received $16.4 billion in investments over the last 19 years. Smallstep will have three minutes to pitch the panel of judges before a question-and-answer round. For the first time, each of the Top 10 Finalists in 2025 will receive a $5 million investment to drive cybersecurity innovation.

“As we enter a new age of threats, innovation and new technologies are critical to achieving a safer society,” said Cecilia Marinier, Vice President, Innovation & Scholars, RSAC. “The RSAC™ Innovation Sandbox contest is an unparalleled opportunity for both the industry and the entrepreneur to highlight industry-changing solutions, companies, and entrepreneurs.”

At the core of Smallstep's offering is ACME Device Attestation, an IETF standard co-developed with Google, that enables organizations to implement crucial Zero Trust principles with device identity. With traditional security models focusing on user identity, Smallstep addresses the often-neglected but significant chore of verifying and managing device identities. Ensuring that only trusted and known devices can access sensitive resources, Smallstep helps organizations minimize uncertainty and significantly reduce the attack surface created by passwords. Smallstep’s offering provides the tools to know "who and what to trust," enabling cryptographic verifications to attest to device authorization and user authenticity. This capability is essential for validating access into sensitive internal networks and resources, a cornerstone of Zero Trust security.

This approach to device security is fueling growth across enterprise markets. The company has nearly tripled its revenue and customer base in the last year, a clear indicator of the demand for this type of solution. Smallstep’s focus on simplifying traditionally challenging areas allows security teams to gain better visibility, automate security operations, and empower users without hindering innovation, which is driving their strong market growth and adoption. At least 78 of the Fortune 100 trust Smallstep tools to secure their critical infrastructure. This highlights the effectiveness and reliability of Smallstep's platform to streamline device identity at scale, making robust security more accessible and efficient for even the most complex enterprise environments.

“This is technology that was impossible to implement until recently. It can eliminate phishing without MFA fatigue and even mitigate nation-state threats,” said Mike Malone, CEO and Founder, Smallstep. “Device identity is literally half of Zero Trust. We're already raising the security bar for some of the world's largest and most targeted organizations, and we can’t wait to showcase what we’re building at RSAC’s Sandbox this year.”

The RSAC™ Innovation Sandbox contest kicks off at 9:30 AM PT on Monday, April 28 and winners will be announced at approximately noon the same day. The panel of renowned expert judges includes David Chen, Head of Global Technology Investment Banking at Morgan Stanley; Dorit Dor, Chief Technology Officer at Check Point Software Technologies; Niloofar Razi Howe, Operating Partner at Capitol Meridian Partners; Paul Kocher, Independent Researcher; Nasrin Rezai, SVP & CISO at Verizon; and Christopher Young, Investor and former CEO at McAfee and former Microsoft Exec; Hugh Thompson, RSAC™ Executive Chairman and Program Committee Chair of RSAC™ Conference, will return to host the contest.

For more information regarding RSAC™ 2025 Conference, taking place at the Moscone Center in San Francisco from April 28 - May 1, please visit https://www.rsaconference.com/usa.

About Smallstep

Smallstep ensures that sensitive apps and systems can only be accessed by company-owned devices. Smallstep partnered with Google and Apple to develop the new standard for high-assurance device identity. By binding access to hardware, Smallstep neutralizes security threats and streamlines compliance and governance. Smallstep’s platform integrates with existing device management and posture solutions and offers comprehensive protection for Wi-Fi, VPN, ZTNA, public SaaS apps, internal web apps, cloud APIs, and more.

About RSAC

As the cybersecurity industry’s convening authority, RSAC brings together diverse minds to exchange perspectives, knowledge, and ideas. RSAC provides the world’s leading platform for uniting and advancing the cybersecurity community to create a safer society. RSAC is at the cutting edge of cybersecurity innovation and education. The company’s flagship event, RSAC™ Conference, is the largest and most influential global gathering in cybersecurity. RSAC gives cybersecurity professionals a platform to connect and grow. To learn more, visit OneRSAC.com.

View source version on businesswire.com: https://www.businesswire.com/news/home/20250417876214/en/

Smallstep has been named one of the Top 10 Finalists for the 20th annual RSAC™ 2025 Conference Innovation Sandbox contest.