Security Archives - The Golioth Developer Blog https://blog.golioth.io/category/platform/security/ Golioth, Zephyr, and IoT Development News and How Tos Tue, 03 Mar 2026 14:17:17 +0000 en-US hourly 1 https://wordpress.org/?v=6.9.4 https://blog.golioth.io/wp-content/uploads/2023/09/cropped-Golioth_Symbol_Coral_RGB-1-32x32.png Security Archives - The Golioth Developer Blog https://blog.golioth.io/category/platform/security/ 32 32 Introducing Certificate Rotation with Hosted PKI providers https://blog.golioth.io/introducing-certificate-rotation-with-hosted-pki-providers/ Tue, 16 Dec 2025 20:00:24 +0000 https://blog.golioth.io/?p=10386 Golioth pulls the IoT industry forward by making it easier than ever to rotate device certificates on embedded devices. A new Hosted PKI provider service is integrated with Amazon Private Certificate Authority (CA) and will include other Hosted PKI providers soon.

The post Introducing Certificate Rotation with Hosted PKI providers appeared first on The Golioth Developer Blog.

]]> Signed URLs on ESP32 https://blog.golioth.io/signed-urls-on-esp32/ Tue, 04 Nov 2025 14:59:06 +0000 https://blog.golioth.io/?p=10252 This week we released v0.2.0 of signy, which expands support beyond Zephyr RTOS to Espressif's ESP-IDF. In addition to bringing signed URLs to more embedded devices, ESP-IDF support is particularly useful due to the framework's built-in OTA firmware update capabilities.

The post Signed URLs on ESP32 appeared first on The Golioth Developer Blog.

]]> New Console Feature: The Certificate Generator https://blog.golioth.io/new-console-feature-the-certificate-generator/ Thu, 23 Oct 2025 18:07:37 +0000 https://blog.golioth.io/?p=10216 The Certificate Generator is now available on the Golioth Console, which makes provisioning devices in a secure way easier during the prototyping phase of using Golioth

The post New Console Feature: The Certificate Generator appeared first on The Golioth Developer Blog.

]]> Signed URLs for Embedded Devices https://blog.golioth.io/signed-urls-for-embedded-devices/ Tue, 16 Sep 2025 14:26:46 +0000 https://blog.golioth.io/?p=10093 Today we are launching support for device signed URLs, which is now available for Golioth projects in Teams or Enterprise tier organizations. The feature is off by default, but can be enabled on the settings page for a project. We are also releasing signy, an open source firmware library for generating signed URLs on embedded […]

The post Signed URLs for Embedded Devices appeared first on The Golioth Developer Blog.

]]> Unwrapping Certificates https://blog.golioth.io/unwrapping-certificates/ Tue, 25 Mar 2025 14:52:51 +0000 https://blog.golioth.io/?p=9219 Certificates are the most secure way to connect your device to the cloud. This article reduces confusion surrounding them with simple examples.

The post Unwrapping Certificates appeared first on The Golioth Developer Blog.

]]> A Device That Can’t Be Updated Is a Device That Can’t Be Trusted https://blog.golioth.io/a-device-that-cant-be-updated-is-a-device-that-cant-be-trusted/ Thu, 20 Mar 2025 14:57:05 +0000 https://blog.golioth.io/?p=9262 Over-the-air updates are a crucial part of building and deploying secured devices, yet many product companies skip this step. This post outlines why it's difficult and how Golioth is making it easier.

The post A Device That Can’t Be Updated Is a Device That Can’t Be Trusted appeared first on The Golioth Developer Blog.

]]> How to Provision and Store IoT Device Certificates https://blog.golioth.io/how-to-provision-and-store-iot-device-certificates/ https://blog.golioth.io/how-to-provision-and-store-iot-device-certificates/#comments Tue, 05 Sep 2023 15:00:56 +0000 https://goliothblogdev.wpenginepowered.com/?p=5084 Every IoT device should operate over an encrypted channel. But how exactly does that security work as your fleet rapidly grows? Our recommendation is to use certificate authentication to deliver strong encryption while solving common fleet management problems. Today we’re showing how to provision and store IoT device certificates. Certificate Authentication based on ECDSA Golioth […]

The post How to Provision and Store IoT Device Certificates appeared first on The Golioth Developer Blog.

]]> https://blog.golioth.io/how-to-provision-and-store-iot-device-certificates/feed/ 6 Golioth Certificate-Based Authentication https://blog.golioth.io/introducing-golioth-certificate-based-authentication/ Tue, 13 Dec 2022 16:07:08 +0000 https://goliothblogdev.wpenginepowered.com/?p=3644 Certificates ensure secure connection between device and cloud, from provisioning until decommissioning. Today we are announcing the ability to use Certificates with the Golioth platform.

The post Golioth Certificate-Based Authentication appeared first on The Golioth Developer Blog.

]]> Why use certificates for Internet of Things authentication (DTLS) https://blog.golioth.io/why-use-certificates-for-internet-of-things-authentication-dtls/ Thu, 27 Oct 2022 16:11:49 +0000 https://goliothblogdev.wpenginepowered.com/?p=3301 How can security improve when manufacturing large volumes of devices? That’s the question I ended on in my last article about Golioth Pre-Shared Keys (PSK). Securing a large population of devices (10k or more) in a way that’s scalable and meets your project’s budgets is not trivial, but it is solvable. It takes a combination […]

The post Why use certificates for Internet of Things authentication (DTLS) appeared first on The Golioth Developer Blog.

]]> Yes, even your IoT prototype should be secure https://blog.golioth.io/yes-even-your-iot-prototype-should-be-secure/ Thu, 11 Nov 2021 22:27:12 +0000 https://blog.golioth.network/?p=338 Vit Prajzler, CTO of Golioth, explains the concept of a Pre-Shared Key (PSK) and how it lends a simple but flexible amount of security for prototypes on the Golioth network. IoT prototypes on the Golioth platform are "Secure by default".

The post Yes, even your IoT prototype should be secure appeared first on The Golioth Developer Blog.

]]>