diff --git a/index.html b/index.html index 838b15b..76ab5db 100644 --- a/index.html +++ b/index.html @@ -3,31 +3,95 @@ - Gatehouse — Identity & Access - - + + + Secuird — Enterprise Identity & Access Management + + + + + - - - - + + - - - + + + + + + + + - - + + + + + + + + + + + + +
- + \ No newline at end of file diff --git a/src/pages/marketing/DemoPage.tsx b/src/pages/marketing/DemoPage.tsx new file mode 100644 index 0000000..0b97a56 --- /dev/null +++ b/src/pages/marketing/DemoPage.tsx @@ -0,0 +1,257 @@ +import { Link } from "react-router-dom"; +import { Button } from "@/components/ui/button"; +import { Card, CardContent } from "@/components/ui/card"; +import { +Play, +ArrowRight, +Users, +Lock, +Terminal, +Shield, +MonitorPlay, +} from "lucide-react"; + +const demos = [ +{ +id: "getting-started", +title: "Getting Started with Secuird", +description: "A comprehensive overview of Secuird's features and how to set up your organization.", +duration: "12 min", +category: "Overview", +icon: Shield, +}, +{ +id: "social-login", +title: "Social Login Setup", +description: "Connect Microsoft 365, Google Workspace, or GitHub for seamless single sign-on.", +duration: "8 min", +category: "Authentication", +icon: Users, +}, +{ +id: "mfa-setup", +title: "MFA Configuration", +description: "Configure multi-factor authentication policies for your organization.", +duration: "6 min", +category: "Security", +icon: Lock, +}, +{ +id: "ssh-certificates", +title: "SSH Certificate Authority", +description: "Set up SSH certificate signing for secure, auditable server access.", +duration: "15 min", +category: "SSH Access", +icon: Terminal, +}, +{ +id: "oidc-clients", +title: "OIDC Client Setup", +description: "Register applications as OIDC clients for seamless authentication.", +duration: "10 min", +category: "Integration", +icon: MonitorPlay, +}, +]; + +export default function DemoPage() { +return ( + <> + {/* Hero */} +
+
+
+
+ + Product Demos +
+

+ See Secuird in Action +

+

+ Watch our demo videos to see how Secuird can simplify identity and access management for your organization. +

+
+
+
+ + {/* Featured Demo */} +
+
+
+

Featured Demo

+

Start here for a complete overview of Secuird

+
+ + + +
+
+
+ +
+

Getting Started with Secuird

+

Video placeholder — Coming soon

+
+
+
+
+ Overview + 12 min +
+

Getting Started with Secuird

+

+ A comprehensive walkthrough of Secuird's core features. Learn how to set up your organization, + configure authentication methods, and enable SSH certificate signing. +

+
+ + +
+
+ + {/* All Demos */} +
+
+
+

+ All Demo Videos +

+

+ Explore specific features with our detailed walkthroughs +

+
+ +
+ {demos.map((demo) => ( + + +
+
+ +
+
+
+
+ {demo.category} + {demo.duration} +
+

{demo.title}

+

{demo.description}

+
+ + + ))} +
+
+
+ + {/* Request Custom Demo */} +
+
+ + +
+
+

+ Need a Custom Demo? +

+

+ Our team can provide a personalized demo tailored to your organization's specific requirements. + We'll walk through your use cases and show you how Secuird can help. +

+
    +
  • +
    + +
    + 30-minute live session with our team +
    • +
  • +
    + +
    + Tailored to your specific use cases +
    • +
  • +
    + +
    + Q&A with product experts +
    • +
+ +
+ +
+

Request Demo

+
+
+ + +
+
+ + +
+
+ + +
+ +
+
+
+ + +
+
+ + {/* CTA */} +
+
+
+

+ Ready to Try It Yourself? +

+

+ Start your free trial today. No credit card required. Full access to all features. +

+
+ + + + + + +
+
+
+
+ +); +} \ No newline at end of file diff --git a/src/pages/marketing/FeaturesPage.tsx b/src/pages/marketing/FeaturesPage.tsx new file mode 100644 index 0000000..1360b35 --- /dev/null +++ b/src/pages/marketing/FeaturesPage.tsx @@ -0,0 +1,529 @@ +import { Link } from "react-router-dom"; +import { Button } from "@/components/ui/button"; +import { Card, CardContent } from "@/components/ui/card"; +import { +Shield, +Key, +Users, +Lock, +Terminal, +Building2, +Globe, +ShieldCheck, +ArrowRight, +CheckCircle2, +Fingerprint, +ArrowRightLeft, +Eye, +Settings, +UserCheck, +Clock, +Server, +UserPlus, +FileKey, +Activity, +Layers, +ShieldAlert, +Network, +ScanLine, +LogIn, +AppWindow, +} from "lucide-react"; + +const authenticationFeatures = [ +{ +icon: Building2, +title: "Microsoft 365 SSO", +description: "Connect your Microsoft Entra ID (Azure AD) directory. Users authenticate with their corporate credentials instantly.", +}, +{ +icon: Globe, +title: "Google Workspace SSO", +description: "Seamless integration with Google Workspace. Enable single sign-on for all your internal applications.", +}, +{ +icon: Key, +title: "GitHub Authentication", +description: "Allow developers to authenticate using their GitHub accounts. Perfect for engineering teams.", +}, +{ +icon: Lock, +title: "Traditional Username/Password", +description: "Full support for traditional authentication with email verification and secure password policies.", +}, +]; + +const mfaFeatures = [ +{ +icon: Fingerprint, +title: "WebAuthn/Passkeys", +description: "Hardware security keys and platform authenticators (Face ID, Touch ID, Windows Hello). Phishing-resistant authentication.", +}, +{ +icon: Shield, +title: "TOTP Authenticator Apps", +description: "Support for Google Authenticator, Authy, 1Password, and any TOTP-compatible authenticator app.", +}, +{ +icon: Clock, +title: "Grace Periods", +description: "Configure grace periods for MFA enrollment. Give users time to set up their authenticators without blocking access.", +}, +{ +icon: ShieldAlert, +title: "Policy Enforcement", +description: "Organization-wide MFA requirements. Require specific methods (TOTP only, Passkey only, or both).", +}, +]; + +const oidcFeatures = [ +{ +icon: ArrowRightLeft, +title: "OIDC Provider", +description: "Secuird acts as a standards-compliant OpenID Connect provider. Connect any OIDC-compatible application.", +}, +{ +icon: AppWindow, +title: "Multiple Applications", +description: "Register unlimited client applications. Each gets unique credentials and configurable redirect URIs.", +}, +{ +icon: UserCheck, +title: "Consent Management", +description: "Users see and approve what information is shared. Transparent data access with user control.", +}, +{ +icon: Network, +title: "Scopes & Claims", +description: "Configure custom scopes and claims. Pass user roles, groups, and custom attributes to your applications.", +}, +]; + +const sshFeatures = [ +{ +icon: Terminal, +title: "Native SSH Support", +description: "Use standard OpenSSH client. No custom agents or modified binaries required. Works everywhere SSH works.", +}, +{ +icon: FileKey, +title: "Short-Lived Certificates", +description: "Certificates expire in minutes or hours. Eliminate long-lived SSH keys that persist after employees leave.", +}, +{ +icon: Eye, +title: "Complete Audit Trail", +description: "Every certificate issuance and SSH connection is logged. Full chain of custody from creation to usage.", +}, +{ +icon: Users, +title: "Group-Based Access", +description: "Configure principals and policies per department or team. Automatic group membership from identity provider.", +}, +{ +icon: Server, +title: "Host Certificates", +description: "Issue certificates for servers too. Verify host identity without TOFU warnings or known_hosts management.", +}, +{ +icon: Activity, +title: "Real-Time Monitoring", +description: "Monitor certificate usage in real-time. Detect anomalies and suspicious access patterns.", +}, +]; + +const organizationFeatures = [ +{ +icon: Users, +title: "Multi-Tenant Architecture", +description: "Separate organizations with complete isolation. Each org has its own members, policies, and resources.", +}, +{ +icon: UserPlus, +title: "Invite System", +description: "Invite users by email with role assignments. Automatic onboarding with pre-configured group memberships.", +}, +{ +icon: Layers, +title: "Department Management", +description: "Organize users into departments. Apply policies and SSH certificate settings per department.", +}, +{ +icon: ScanLine, +title: "Registration Tracking", +description: "Track user registration sources. UTM codes, referral links, and marketing campaigns are captured automatically.", +}, +]; + +const complianceFeatures = [ +{ +icon: Eye, +title: "Audit Logging", +description: "Every action is logged with user, timestamp, IP address, and details. Export logs for SIEM integration.", +}, +{ +icon: Settings, +title: "Security Policies", +description: "Define organization-wide security policies. MFA requirements, password rules, and session settings.", +}, +{ +icon: ShieldCheck, +title: "Compliance Reports", +description: "Generate compliance reports for SOC 2, HIPAA, and other frameworks. Demonstrate security controls.", +}, +{ +icon: Activity, +title: "Activity Monitoring", +description: "Real-time visibility into user activity. Login patterns, certificate usage, and security events.", +}, +]; + +export default function FeaturesPage() { +return ( + <> + {/* Hero */} +
+
+
+
+ + Complete Feature Set +
+

+ Everything You Need for + Enterprise Identity +

+

+ Secuird provides a complete identity and access management platform. From social login to SSH certificates, we've got you covered. +

+
+
+
+ + {/* Authentication Methods */} +
+
+
+
+
+ + Authentication +
+

+ Flexible Authentication Options +

+

+ Let users authenticate with their existing corporate accounts. No new passwords to remember, no onboarding friction. +

+

+ Or combine methods—require social login for some users, traditional password + MFA for others. You're in complete control. +

+
    + {[ + "Single sign-on with major providers", + "Traditional email/password authentication", + "Combine multiple methods per user", + "Automatic account linking", + ].map((item) => ( +
  • + + {item} +
    • + ))} +
+
+ +
+ {authenticationFeatures.map((feature) => ( + + +
+ +
+

{feature.title}

+

{feature.description}

+ + + ))} +
+
+
+
+ + {/* Multi-Factor Authentication */} +
+
+
+
+
+ {mfaFeatures.map((feature) => ( + + +
+ +
+

{feature.title}

+

{feature.description}

+ + + ))} +
+
+ +
+
+ + Multi-Factor Authentication +
+

+ Enforce MFA Across Your Organization +

+

+ Modern authentication needs modern security. Require hardware keys or authenticator apps for all users—or specific groups. +

+

+ With grace periods, users aren't immediately locked out. They get time to set up their authenticators while staying productive. +

+
    + {[ + "WebAuthn/Passkey support for phishing-resistant auth", + "TOTP support for all authenticator apps", + "Organization-wide MFA policies", + "Per-user compliance tracking", + ].map((item) => ( +
  • + + {item} +
    • + ))} +
+
+
+
+
+ + {/* OIDC Provider */} +
+
+
+
+
+ + OIDC Provider +
+

+ One Identity for All Your Apps +

+

+ Secuird acts as an OpenID Connect provider. Connect any OIDC-compatible application—internal tools, dashboards, APIs—with a single identity source. +

+

+ Users authenticate once with Secuird, then seamlessly access all connected applications. No separate passwords, no repeated logins. +

+
    + {[ + "Standards-compliant OIDC implementation", + "Unlimited client applications", + "Custom scopes and claims", + "User consent management", + ].map((item) => ( +
  • + + {item} +
    • + ))} +
+
+ +
+ {oidcFeatures.map((feature) => ( + + +
+ +
+

{feature.title}

+

{feature.description}

+ + + ))} +
+
+
+
+ + {/* SSH Certificates */} +
+
+
+
+ + SSH Certificate Authority +
+

+ Modern SSH Access Management +

+

+ Replace static SSH keys with short-lived certificates tied to verified identities. Complete auditability with zero infrastructure changes. +

+
+ +
+ {sshFeatures.map((feature) => ( + + +
+ +
+

{feature.title}

+

{feature.description}

+ + + ))} +
+ +
+ + + +
+
+
+ + {/* Organization Management */} +
+
+
+
+
+ {organizationFeatures.map((feature) => ( + + +
+ +
+

{feature.title}

+

{feature.description}

+ + + ))} +
+
+ +
+
+ + Organization Management +
+

+ Manage Users, Groups, and Policies +

+

+ Complete organization management. Invite users, organize them into departments, and apply policies at any level. +

+

+ Track where users came from with registration tracking. Marketing codes and UTM parameters are captured automatically, and you can apply policies based on origin. +

+
    + {[ + "Multi-tenant with complete isolation", + "Role-based access control", + "Department-based organization", + "Registration source tracking", + ].map((item) => ( +
  • + + {item} +
    • + ))} +
+
+
+
+
+ + {/* Compliance & Audit */} +
+
+
+
+
+ + Compliance & Audit +
+

+ Meet Your Compliance Requirements +

+

+ Every action is logged. From user logins to SSH certificate usage, you have complete visibility for audits and compliance reports. +

+

+ Generate reports for SOC 2, HIPAA, and other frameworks. Demonstrate your security controls with comprehensive audit trails. +

+
    + {[ + "Complete audit logging", + "Organization-level and system-level views", + "Export for SIEM integration", + "Compliance report generation", + ].map((item) => ( +
  • + + {item} +
    • + ))} +
+
+ +
+ {complianceFeatures.map((feature) => ( + + +
+ +
+

{feature.title}

+

{feature.description}

+ + + ))} +
+
+
+
+ + {/* CTA */} +
+
+ +
+ +

+ Ready to Get Started? +

+

+ Start your free trial today. No credit card required. Experience all features with your team. +

+
+ + + + + + +
+ + +
+
+ +); +} \ No newline at end of file diff --git a/src/pages/marketing/HomePage.tsx b/src/pages/marketing/HomePage.tsx new file mode 100644 index 0000000..0d42b85 --- /dev/null +++ b/src/pages/marketing/HomePage.tsx @@ -0,0 +1,443 @@ +import { Link } from "react-router-dom"; +import { Button } from "@/components/ui/button"; +import { Card, CardContent } from "@/components/ui/card"; +import { +Shield, +Key, +Users, +Lock, +Terminal, +Building2, +ShieldCheck, +ArrowRight, +CheckCircle2, +Globe, +Fingerprint, +Clock, +ArrowRightLeft, +Eye, +Settings, +UserCheck +} from "lucide-react"; + +const features = [ +{ +icon: Shield, +title: "Enterprise SSO Without Complexity", +description: + "Enable single sign-on with Microsoft 365, Google Workspace, and GitHub. No complex federation setups—just connect and go.", +}, +{ +icon: Key, +title: "SSH Certificate Authority", +description: + "Issue short-lived SSH certificates tied to user identities. Eliminate shared SSH keys and achieve complete auditability.", +}, +{ +icon: Lock, +title: "Multi-Factor Authentication", +description: + "Enforce MFA policies across your organization with TOTP and WebAuthn/Passkey support. Compliance made simple.", +}, +{ +icon: ArrowRightLeft, +title: "OIDC Provider Built-In", +description: + "Secuird acts as an OIDC identity provider for your internal applications. One identity, seamless access everywhere.", +}, +]; + +const sshFeatures = [ +{ +icon: Terminal, +title: "Native SSH Integration", +description: "Use standard SSH clients—no custom agents or modified binaries required. Works with OpenSSH out of the box.", +}, +{ +icon: Clock, +title: "Short-Lived Certificates", +description: "Certificates expire automatically. Reduce blast radius and eliminate the headache of key rotation.", +}, +{ +icon: Eye, +title: "Complete Audit Trail", +description: "Every certificate issuance and SSH connection is logged. Know exactly who accessed what, when.", +}, +{ +icon: UserCheck, +title: "Identity-Linked Access", +description: "SSH access is tied to verified corporate identities. No more anonymous shared accounts.", +}, +]; + +const socialProviders = [ +{ name: "Microsoft 365", icon: Building2 }, +{ name: "Google Workspace", icon: Globe }, +{ name: "GitHub", icon: Key }, +]; + +export default function HomePage() { +return ( + <> + {/* Hero Section */} +
+ {/* Background gradient */} +
+ +
+
+ {/* Badge */} +
+ + Security-first identity platform +
+ + {/* Headline */} +

+ Enterprise Authentication, + Without the Enterprise Complexity +

+ + {/* Subheadline */} +

+ Secuird unifies social logins, MFA, and SSH certificate management in one platform. + Your team gets seamless access. You get complete control and auditability. +

+ + {/* CTA Buttons */} +
+ + + + + + +
+ + {/* Trust indicators */} +
+

Trusted authentication providers

+
+ {socialProviders.map((provider) => ( +
+ + {provider.name} +
+ ))} +
+
+
+
+
+ + {/* Features Grid */} +
+
+
+

+ Everything You Need for Identity & Access +

+

+ From user authentication to SSH certificate management, Secuird provides a complete identity platform. +

+
+ +
+ {features.map((feature) => ( + + +
+ +
+

{feature.title}

+

{feature.description}

+ + + ))} +
+ +
+ + + +
+
+
+ + {/* SSH Certificates Feature Highlight */} +
+
+
+
+
+ + SSH Certificate Authority +
+

+ Eliminate SSH Key Chaos +

+

+ Replace static SSH keys with short-lived certificates tied to verified identities. + Every access is logged, every certificate is traceable. +

+ +
    + {[ + "Works with standard OpenSSH—no custom clients needed", + "Certificates expire automatically—no more key rotation", + "Full audit trail from issuance to usage", + "Group-based access policies", + ].map((item) => ( +
  • + + {item} +
    • + ))} +
+ + + + +
+ +
+ {sshFeatures.map((feature) => ( + + +
+ +
+

{feature.title}

+

{feature.description}

+ + + ))} +
+
+
+
+ + {/* How It Works */} +
+
+
+

+ How It Works +

+

+ Get started in minutes, not months. No complex federation required. +

+
+ +
+ {[ + { + step: "01", + title: "Connect Your Providers", + description: "Link Microsoft 365, Google Workspace, or GitHub. Users authenticate with credentials they already have.", + icon: Users, + }, + { + step: "02", + title: "Configure Policies", + description: "Set MFA requirements, access policies, and SSH certificate parameters. One policy, organization-wide.", + icon: Settings, + }, + { + step: "03", + title: "Connect Your Apps", + description: "Register internal applications as OIDC clients. Users get seamless SSO access to everything.", + icon: Fingerprint, + }, + ].map((step) => ( +
+
{step.step}
+
+ +
+

{step.title}

+

{step.description}

+
+ ))} +
+
+
+ + {/* Marketing & Registration Tracking */} +
+
+
+
+ + +
+
+
+ +
+
+

Marketing Campaign A

+

utm_source=newsletter

+
+
+
+
+ +
+
+

Partner Integration

+

referral_code=partner123

+
+
+
+
+ +
+
+

Direct Signup

+

organic registration

+
+
+
+

Auto-applied policies:

+
+ Trial Extended + Partner Group +
+
+
+ + +
+ +
+
+ + Registration Tracking +
+

+ Know Where Your Users Come From +

+

+ Track user registration sources through marketing codes, UTM parameters, or referral links. + Apply policies and group memberships automatically based on origin. +

+ +
    + {[ + "Automatic group assignment based on registration source", + "UTM parameter tracking for marketing attribution", + "Custom invite codes with policy presets", + "Partner and affiliate tracking", + ].map((item) => ( +
  • + + {item} +
    • + ))} +
+
+
+
+
+ + {/* Security & Compliance */} +
+
+
+
+ + Security First +
+

+ Built for Enterprise Security Requirements +

+

+ Every feature is designed with security and compliance in mind. From MFA enforcement to complete audit trails. +

+
+ +
+ {[ + { + icon: Lock, + title: "MFA Enforcement", + description: "Organization-wide MFA policies. Require TOTP or WebAuthn for all users, with grace periods for enrollment.", + }, + { + icon: Eye, + title: "Complete Audit Trail", + description: "Every action is logged. From logins to SSH certificate usage, you have full visibility into who did what.", + }, + { + icon: ShieldCheck, + title: "Compliance Ready", + description: "Meet SOC 2, HIPAA, and other compliance requirements with documented security controls and audit logs.", + }, + ].map((item) => ( + + +
+ +
+

{item.title}

+

{item.description}

+ + + ))} +
+ +
+ + + +
+
+
+ + {/* CTA Section */} +
+
+ +
+ +

+ Ready to Simplify Your Identity Stack? +

+

+ Start your free trial today. No credit card required. Set up SSO and SSH certificates in under an hour. +

+
+ + + + + + +
+ + +
+
+ +); +} \ No newline at end of file diff --git a/src/pages/marketing/PricingPage.tsx b/src/pages/marketing/PricingPage.tsx new file mode 100644 index 0000000..e840b28 --- /dev/null +++ b/src/pages/marketing/PricingPage.tsx @@ -0,0 +1,358 @@ +import { Link } from "react-router-dom"; +import { Button } from "@/components/ui/button"; +import { Card, CardContent, CardHeader, CardTitle, CardDescription } from "@/components/ui/card"; +import { +CreditCard, +CheckCircle2, +ArrowRight, +Users, +Server, +Shield, +Zap, +Building2, +HelpCircle, +} from "lucide-react"; + +const plans = [ +{ +name: "Starter", +description: "Perfect for small teams getting started with modern identity management.", +price: 29, +priceNote: "per user/month", +billed: "billed annually", +features: [ + "Up to 50 users", + "1 organization", + "Email/password authentication", + "Google OAuth integration", + "Basic MFA (TOTP)", + "Up to 3 OIDC clients", + "Up to 2 SSH CAs", + "7-day audit log retention", +], +cta: "Start Free Trial", +highlighted: false, +}, +{ +name: "Business", +description: "For growing organizations that need complete identity and access management.", +price: 59, +priceNote: "per user/month", +billed: "billed annually", +features: [ + "Unlimited users", + "Multiple organizations", + "All OAuth providers", + "WebAuthn/Passkey support", + "Unlimited OIDC clients", + "Unlimited SSH CAs", + "Host certificate signing", + "90-day audit log retention", + "Department-based policies", + "Registration tracking", +], +cta: "Start Free Trial", +highlighted: true, +badge: "Most Popular", +}, +{ +name: "Enterprise", +description: "For organizations with advanced security and compliance requirements.", +price: null, +priceNote: "custom pricing", +billed: "contact sales", +features: [ + "Everything in Business", + "Self-hosted deployment", + "Custom SLA", + "Dedicated support", + "Unlimited audit retention", + "Custom branding", + "SAML integration", + "SCIM provisioning", + "Priority feature requests", + "On-premises option", +], +cta: "Contact Sales", +highlighted: false, +}, +]; + +const faqs = [ +{ +question: "How does the free trial work?", +answer: "Start with a 14-day free trial with full access to all Business features. No credit card required. After the trial, choose the plan that fits your needs.", +}, +{ +question: "Can I switch plans later?", +answer: "Yes, you can upgrade or downgrade at any time. Changes take effect immediately, and we'll prorate any billing differences.", +}, +{ +question: "What counts as a user?", +answer: "A user is anyone with an active account in your organization. Pending invites and suspended accounts don't count toward your user limit.", +}, +{ +question: "Do you offer discounts for startups or non-profits?", +answer: "Yes! We offer 50% off for qualified startups and non-profit organizations. Contact our sales team to learn more.", +}, +{ +question: "Is there a self-hosted option?", +answer: "Yes, our Enterprise plan includes self-hosted deployment options. This is ideal for organizations with strict data residency requirements.", +}, +{ +question: "What payment methods do you accept?", +answer: "We accept all major credit cards, ACH transfers (US), and wire transfers for annual Enterprise contracts.", +}, +]; + +export default function PricingPage() { +return ( + <> + {/* Hero */} +
+
+
+
+ + Transparent Pricing +
+

+ Simple Pricing for + Organizations of All Sizes +

+

+ No hidden fees. No surprise charges. Pay only for what you use, with plans that scale with your organization. +

+
+
+
+ + {/* Pricing Cards */} +
+
+
+ {plans.map((plan) => ( + + {plan.badge && ( +
+ + {plan.badge} + +
+ )} + + {plan.name} + + {plan.description} + + + +
+ {plan.price !== null ? ( +
+
+ ${plan.price} + /{plan.priceNote} +
+

{plan.billed}

+
+ ) : ( +
+

Custom Pricing

+

Contact us for details

+
+ )} +
+ +
    + {plan.features.map((feature) => ( +
  • + + {feature} +
    • + ))} +
+ + + + + + + ))} +
+ + {/* Enterprise CTA */} +
+ + +
+
+
+ + Enterprise Solutions +
+

+ Need a Custom Solution? +

+

+ Our enterprise team can help with custom deployments, integrations, and volume pricing. Get a personalized quote for your organization. +

+
    +
  • + + Self-hosted deployment options +
    • +
  • + + Custom SLA and support tiers +
    • +
  • + + Dedicated customer success manager +
    • +
+
+
+
+
+ +
+

+ Talk to our team about your requirements +

+ +
+
+
+ + +
+
+
+ + {/* Feature Comparison */} +
+
+
+

+ Compare Plans Side by Side +

+

+ See which plan is right for your organization +

+
+ + + +
+ + + + + + + + + + + {[ + { feature: "Users", starter: "Up to 50", business: "Unlimited", enterprise: "Unlimited" }, + { feature: "Organizations", starter: "1", business: "Multiple", enterprise: "Unlimited" }, + { feature: "OAuth Providers", starter: "Google", business: "All", enterprise: "All + SAML" }, + { feature: "MFA Methods", starter: "TOTP", business: "TOTP + WebAuthn", enterprise: "TOTP + WebAuthn" }, + { feature: "OIDC Clients", starter: "3", business: "Unlimited", enterprise: "Unlimited" }, + { feature: "SSH CAs", starter: "2", business: "Unlimited", enterprise: "Unlimited" }, + { feature: "Host Certificates", starter: "—", business: "✓", enterprise: "✓" }, + { feature: "Audit Log Retention", starter: "7 days", business: "90 days", enterprise: "Unlimited" }, + { feature: "Self-Hosted", starter: "—", business: "—", enterprise: "✓" }, + { feature: "Custom Branding", starter: "—", business: "—", enterprise: "✓" }, + { feature: "SCIM Provisioning", starter: "—", business: "—", enterprise: "✓" }, + { feature: "SLA", starter: "—", business: "99.9%", enterprise: "Custom" }, + ].map((row) => ( + + + + + + + ))} + +
FeatureStarterBusinessEnterprise
{row.feature}{row.starter}{row.business}{row.enterprise}
+
+ + +
+
+ + {/* FAQ */} +
+
+
+

+ Frequently Asked Questions +

+

+ Everything you need to know about pricing and billing +

+
+ +
+ {faqs.map((faq) => ( + + + {faq.question} + + +

{faq.answer}

+ + + ))} +
+
+
+ + {/* CTA */} +
+
+
+

+ Start Your Free Trial Today +

+

+ Try Secuird free for 14 days. No credit card required. Full access to all Business features. +

+
+ + + + + + +
+
+
+
+ +); +} \ No newline at end of file diff --git a/src/pages/marketing/SSHCertificatesPage.tsx b/src/pages/marketing/SSHCertificatesPage.tsx new file mode 100644 index 0000000..5ba917a --- /dev/null +++ b/src/pages/marketing/SSHCertificatesPage.tsx @@ -0,0 +1,455 @@ +import { Link } from "react-router-dom"; +import { Button } from "@/components/ui/button"; +import { Card, CardContent } from "@/components/ui/card"; +import { +Terminal, +FileKey, +Clock, +Users, +Eye, +ShieldCheck, +ArrowRight, +CheckCircle2, +Server, +Key, +Copy, +RefreshCw, +Lock, +} from "lucide-react"; + +const benefits = [ +{ +icon: Clock, +title: "Short-Lived by Design", +description: "Certificates expire in minutes or hours. No more managing key rotation schedules or dealing with stale keys.", +}, +{ +icon: Eye, +title: "Complete Audit Trail", +description: "Every certificate issuance and SSH connection is logged. Know exactly who accessed what, when.", +}, +{ +icon: Users, +title: "Identity-Linked Access", +description: "Certificates are tied to verified user identities. No more anonymous shared accounts.", +}, +{ +icon: ShieldCheck, +title: "Instant Revocation", +description: "Disable a user and their certificates become useless. No more hunting for keys on servers.", +}, +]; + +const howItWorks = [ +{ +step: "01", +title: "Register SSH Public Key", +description: "Users register their SSH public key in Secuird. This is a one-time setup—no private keys are ever stored.", +code: "ssh-keygen -t ed25519", +}, +{ +step: "02", +title: "Request a Certificate", +description: "When users need to connect, they request a certificate. Secuird verifies their identity and issues a short-lived cert.", +code: "ssh secuird.example.com sign", +}, +{ +step: "03", +title: "Connect Normally", +description: "Use standard SSH to connect to servers. The certificate is automatically used for authentication.", +code: "ssh user@server.example.com", +}, +{ +step: "04", +title: "Automatic Expiration", +description: "The certificate expires automatically. Users request new certificates as needed—no manual key rotation.", +code: "# Certificate auto-expires", +}, +]; + +const comparisonFeatures = [ +{ feature: "Lifetime", static: "Permanent", cert: "Minutes to hours" }, +{ feature: "Rotation", static: "Manual, error-prone", cert: "Automatic" }, +{ feature: "Auditability", static: "None", cert: "Full chain of custody" }, +{ feature: "Revocation", static: "Distribute to all servers", cert: "Disable user" }, +{ feature: "Access Control", static: "Manual key distribution", cert: "Group-based policies" }, +{ feature: "Identity Link", static: "Anonymous", cert: "Verified identity" }, +{ feature: "Onboarding", static: "Copy keys manually", cert: "Self-service" }, +{ feature: "Offboarding", static: "Hunt and remove keys", cert: "Instant revocation" }, +]; + +const useCases = [ +{ +title: "Engineering Teams", +description: "Engineers get SSH access based on team membership. New team members get access automatically.", +features: ["Department-based principals", "Self-service certificate issuance", "Full audit trail for compliance"], +}, +{ +title: "Infrastructure Teams", +description: "Manage SSH access to production servers with fine-grained control and complete visibility.", +features: ["Host certificates for servers", "Bastion host support", "Production access policies"], +}, +{ +title: "Security Teams", +description: "Eliminate the security risks of static SSH keys while maintaining complete visibility.", +features: ["Certificate expiration alerts", "Anomaly detection", "Compliance reporting"], +}, +]; + +export default function SSHCertificatesPage() { +return ( + <> + {/* Hero */} +
+
+
+
+
+ + SSH Certificate Authority +
+

+ Eliminate SSH Key Chaos + With Short-Lived Certificates +

+

+ Replace permanent SSH keys with short-lived certificates tied to verified identities. Works with standard OpenSSH—no custom clients needed. +

+
+ + + + + + +
+
+ +
+ +
+
+
+
+
+ Terminal +
+
+ + 
+                  
+{`# Request SSH certificate
+$ ssh user@securd.example.com sign
+
+✓ Identity verified
+✓ Certificate issued
+✓ Valid for 1 hour
+
+# Connect to server
+$ ssh user@prod-server-01
+Welcome to prod-server-01!
+Last login: Mon 10:32 from 192.168.1.100
+
+# Certificate auto-expires
+# No key rotation needed`}
+                  
+
+ + +
+
+
+
+ + {/* Benefits */} +
+
+
+

+ Why SSH Certificates? +

+

+ Static SSH keys create security risks and operational headaches. Certificates solve both. +

+
+ +
+ {benefits.map((benefit) => ( + + +
+ +
+

{benefit.title}

+

{benefit.description}

+ + + ))} +
+
+
+ + {/* How It Works */} +
+
+
+

+ How It Works +

+

+ No custom clients required. Works with standard OpenSSH on servers and user machines. +

+
+ +
+ {howItWorks.map((step) => ( + + +
{step.step}
+

{step.title}

+

{step.description}

+ 
+                  {step.code}
+
+ + + ))} +
+ +
+

+ The only requirement is OpenSSH 5.6+ on both client and server. Works on Linux, macOS, and most Unix systems. +

+
+
+
+ + {/* Static Keys vs Certificates */} +
+
+
+

+ Static Keys vs. Certificates +

+

+ See why organizations are switching from static SSH keys to certificate-based authentication. +

+
+ + + +
+ + + + + + + + + + {comparisonFeatures.map((row) => ( + + + + + + ))} + +
FeatureStatic SSH KeysSSH Certificates
{row.feature}{row.static}{row.cert}
+
+ + +
+
+ + {/* Use Cases */} +
+
+
+

+ Use Cases +

+

+ SSH certificates work for teams of all sizes and across different use cases. +

+
+ +
+ {useCases.map((useCase) => ( + + +

{useCase.title}

+

{useCase.description}

+
    + {useCase.features.map((feature) => ( +
  • + + {feature} +
    • + ))} +
+ + + ))} +
+
+
+ + {/* Server Setup */} +
+
+
+
+
+ + Server Configuration +
+

+ Simple Server Setup +

+

+ Configure your servers to trust the Secuird CA. One configuration change, and all your servers accept certificates. +

+
    + {[ + "Works with standard OpenSSH", + "No custom server software needed", + "One-time CA key distribution", + "Host certificates for server verification", + ].map((item) => ( +
  • + + {item} +
    • + ))} +
+
+ +
+ +
+
+
+
+
+ /etc/ssh/sshd_config +
+
+ + 
+                  
+{`# Trust Secuird CA for user authentication
+TrustedUserCAKeys /etc/ssh/securd_user_ca.pub
+
+# (Optional) Use host certificates
+HostCertificate /etc/ssh/ssh_host_ed25519_key-cert.pub
+TrustedUserCAKeys /etc/ssh/securd_host_ca.pub
+
+# Restart SSH to apply changes
+$ systemctl restart sshd`}
+                  
+
+ + +
+
+
+
+ + {/* Features Deep Dive */} +
+
+
+

+ Powerful Features +

+

+ Everything you need to manage SSH access at scale. +

+
+ +
+ {[ + { + icon: Key, + title: "Multiple CAs", + description: "Create separate CAs for different environments—production, staging, development.", + }, + { + icon: Users, + title: "Principal Mapping", + description: "Map users to principals based on group membership. Automatic access based on teams.", + }, + { + icon: Clock, + title: "Custom Validity", + description: "Set certificate validity per CA. Hours for production, days for development.", + }, + { + icon: Copy, + title: "One-Time Setup", + description: "Users register their public key once. No private keys ever touch our servers.", + }, + { + icon: RefreshCw, + title: "Self-Service", + description: "Users request and receive certificates themselves. No admin intervention needed.", + }, + { + icon: Lock, + title: "Instant Revocation", + description: "Disable a user and all their certificates become invalid immediately.", + }, + ].map((feature) => ( + + +
+ +
+

{feature.title}

+

{feature.description}

+ + + ))} +
+
+
+ + {/* CTA */} +
+
+ +
+ +

+ Ready to Modernize SSH Access? +

+

+ Start your free trial today. Set up your first SSH CA in minutes and see the difference certificates make. +

+
+ + + + + + +
+ + +
+
+ +); +} \ No newline at end of file diff --git a/src/pages/marketing/SecurityPage.tsx b/src/pages/marketing/SecurityPage.tsx new file mode 100644 index 0000000..4dd920d --- /dev/null +++ b/src/pages/marketing/SecurityPage.tsx @@ -0,0 +1,482 @@ +import { Link } from "react-router-dom"; +import { Button } from "@/components/ui/button"; +import { Card, CardContent } from "@/components/ui/card"; +import { +Shield, +Lock, +Key, +Eye, +ShieldCheck, +Fingerprint, +Server, +Clock, +FileKey, +ArrowRight, +CheckCircle2, +} from "lucide-react"; + +const securityPrinciples = [ +{ +icon: Shield, +title: "Security by Design", +description: "Every feature is built with security as the foundation. No bolted-on security— it's integral to every component.", +}, +{ +icon: Lock, +title: "Defense in Depth", +description: "Multiple layers of security controls. If one layer fails, others provide protection.", +}, +{ +icon: Eye, +title: "Transparency & Auditability", +description: "Complete visibility into who did what, when. Every action is logged and auditable.", +}, +{ +icon: Key, +title: "Principle of Least Privilege", +description: "Users and services only have the minimum permissions needed to perform their tasks.", +}, +]; + +const mfaCapabilities = [ +{ +icon: Fingerprint, +title: "WebAuthn/Passkeys", +description: "Phishing-resistant authentication using hardware security keys or platform authenticators like Touch ID, Face ID, and Windows Hello.", +features: ["FIDO2 compliant", "Platform authenticators", "Hardware keys (YubiKey, etc.)", "Resident credentials"], +}, +{ +icon: Shield, +title: "TOTP Authenticator Apps", +description: "Time-based one-time passwords work with any TOTP-compatible authenticator app.", +features: ["Google Authenticator", "Authy", "1Password", "Any TOTP app"], +}, +{ +icon: Clock, +title: "Grace Periods", +description: "Configurable enrollment windows let users set up MFA without blocking access immediately.", +features: ["Custom duration", "Reminder notifications", "Admin visibility", "Hard deadline enforcement"], +}, +{ +icon: ShieldCheck, +title: "Policy Enforcement", +description: "Organization-wide MFA requirements with compliance tracking per user.", +features: ["Require TOTP", "Require WebAuthn", "Require any MFA", "Compliance dashboards"], +}, +]; + +const auditFeatures = [ +{ +title: "User Authentication", +description: "Login attempts, MFA challenges, session creation", +}, +{ +title: "Administrative Actions", +description: "User management, policy changes, role assignments", +}, +{ +title: "SSH Certificates", +description: "Certificate issuance, revocation, and usage", +}, +{ +title: "OIDC Flows", +description: "Authorization requests, token issuance, consent grants", +}, +{ +title: "Organization Events", +description: "Member invites, department changes, group assignments", +}, +{ +title: "Security Events", +description: "Failed logins, suspicious activity, policy violations", +}, +]; + +const complianceFrameworks = [ +{ +name: "SOC 2 Type II", +description: "Security, availability, and confidentiality controls", +}, +{ +name: "HIPAA", +description: "Healthcare data protection requirements", +}, +{ +name: "GDPR", +description: "EU data protection regulation compliance", +}, +{ +name: "PCI DSS", +description: "Payment card industry security standards", +}, +]; + +export default function SecurityPage() { +return ( + <> + {/* Hero */} +
+
+
+
+ + Security First +
+

+ Built for Enterprise + Security Requirements +

+

+ Security isn't an afterthought—it's the foundation. Every feature is designed with security, auditability, and compliance in mind. +

+
+
+
+ + {/* Security Principles */} +
+
+
+

+ Our Security Principles +

+

+ These principles guide every decision we make about security and architecture. +

+
+ +
+ {securityPrinciples.map((principle) => ( + + +
+ +
+

{principle.title}

+

{principle.description}

+ + + ))} +
+
+
+ + {/* MFA Deep Dive */} +
+
+
+
+ + Multi-Factor Authentication +
+

+ Modern MFA That Works for Everyone +

+

+ From phishing-resistant hardware keys to simple authenticator apps, we support the MFA methods your team needs. +

+
+ +
+ {mfaCapabilities.map((capability) => ( + + +
+
+ +
+
+

{capability.title}

+

{capability.description}

+
+ {capability.features.map((feature) => ( + + {feature} + + ))} +
+
+
+ + + ))} +
+
+
+ + {/* SSH Certificate Security */} +
+
+
+
+
+ + SSH Certificate Security +
+

+ SSH Keys Are a Security Nightmare +

+

+ Static SSH keys never expire. They get shared, copied, and forgotten. When employees leave, their keys often remain on servers. +

+

+ SSH certificates solve this by being short-lived and tied to verified identities. Every certificate is traceable from issuance to usage. +

+
    + {[ + "Certificates expire automatically—no key rotation needed", + "Each certificate is linked to a verified user identity", + "Complete audit trail of every certificate used", + "Revoke access instantly by disabling the user", + ].map((item) => ( +
  • + + {item} +
    • + ))} +
+
+ + + +
+
+ +
+ + +
+
+ +
+
+

Static SSH Keys

+
    +
  • • Never expire
    • +
  • • Often shared between users
    • +
  • • No audit trail
    • +
  • • Hard to rotate
    • +
  • • Survive employee departure
    • +
+
+
+ + + + + +
+
+ +
+
+

SSH Certificates

+
    +
  • • Expire in minutes/hours
    • +
  • • Linked to verified identity
    • +
  • • Complete audit trail
    • +
  • • Auto-expire, no rotation
    • +
  • • Revoked when user disabled
    • +
+
+
+ + +
+
+
+
+ + {/* Audit Logging */} +
+
+
+
+ +
+
+
+
+
+ Audit Log +
+
+ +
+ {[ + { time: "14:32:01", event: "user.login.success", user: "john@example.com", ip: "192.168.1.100" }, + { time: "14:32:45", event: "mfa.totp.verify", user: "john@example.com", ip: "192.168.1.100" }, + { time: "14:33:12", event: "ssh.cert.issue", user: "john@example.com", cert: "cert_abc123" }, + { time: "14:35:00", event: "ssh.connect", user: "john@example.com", host: "prod-server-01" }, + { time: "14:45:22", event: "oidc.token.issue", user: "john@example.com", client: "internal-app" }, + ].map((log, i) => ( +
+
+ {log.time} + {log.event} +
+
+ user: {log.user} + ip: {log.ip} +
+
+ ))} +
+ + +
+ +
+
+ + Complete Audit Trail +
+

+ Every Action is Logged +

+

+ From user logins to SSH certificate usage, every action is recorded with full context. Know exactly who did what, when. +

+ +
+ {auditFeatures.map((feature) => ( +
+ +
+

{feature.title}

+

{feature.description}

+
+
+ ))} +
+
+
+
+
+ + {/* Infrastructure Security */} +
+
+
+

+ Infrastructure Security +

+

+ Your data is protected by industry-leading security practices. +

+
+ +
+ {[ + { + icon: Server, + title: "Encrypted at Rest", + description: "All data is encrypted using AES-256 encryption. Database backups are also encrypted.", + }, + { + icon: Key, + title: "Encrypted in Transit", + description: "TLS 1.3 for all connections. Certificate pinning for internal communications.", + }, + { + icon: Shield, + title: "Secure Key Storage", + description: "SSH CA private keys are stored in hardware security modules (HSMs) or equivalent.", + }, + { + icon: Lock, + title: "Access Controls", + description: "Principle of least privilege. Staff access is logged and time-limited.", + }, + { + icon: Eye, + title: "Intrusion Detection", + description: "Continuous monitoring for suspicious activity. Automated threat response.", + }, + { + icon: Clock, + title: "Regular Audits", + description: "Third-party security assessments and penetration testing conducted annually.", + }, + ].map((item) => ( + + +
+ +
+

{item.title}

+

{item.description}

+ + + ))} +
+
+
+ + {/* Compliance */} +
+
+
+

+ Compliance Ready +

+

+ Secuird helps you meet your compliance requirements with comprehensive logging and security controls. +

+
+ +
+ {complianceFrameworks.map((framework) => ( + + +

{framework.name}

+

{framework.description}

+ + + ))} +
+ +
+

+ Need compliance documentation or have specific requirements? +

+ +
+
+
+ + {/* CTA */} +
+
+ +
+ +

+ Security Questions? +

+

+ Our security team is available to discuss your specific requirements and help you evaluate Secuird for your organization. +

+
+ + + + +
+ + +
+
+ +); +} \ No newline at end of file