From 7be6415db1310be943b22f40a6574d5cbb56e97a Mon Sep 17 00:00:00 2001 From: Cory Hawkvelt Date: Fri, 20 Mar 2026 22:17:33 +1030 Subject: [PATCH] feat(marketing): add Secuird marketing pages and rebrand Add comprehensive marketing website with landing page, features, pricing, demo, SSH certificates, and security pages. Update index.html with enhanced SEO metadata, Open Graph tags, and structured data for the Secuird brand. --- index.html | 90 +++- src/pages/marketing/DemoPage.tsx | 257 ++++++++++ src/pages/marketing/FeaturesPage.tsx | 529 ++++++++++++++++++++ src/pages/marketing/HomePage.tsx | 443 ++++++++++++++++ src/pages/marketing/PricingPage.tsx | 358 +++++++++++++ src/pages/marketing/SSHCertificatesPage.tsx | 455 +++++++++++++++++ src/pages/marketing/SecurityPage.tsx | 482 ++++++++++++++++++ 7 files changed, 2601 insertions(+), 13 deletions(-) create mode 100644 src/pages/marketing/DemoPage.tsx create mode 100644 src/pages/marketing/FeaturesPage.tsx create mode 100644 src/pages/marketing/HomePage.tsx create mode 100644 src/pages/marketing/PricingPage.tsx create mode 100644 src/pages/marketing/SSHCertificatesPage.tsx create mode 100644 src/pages/marketing/SecurityPage.tsx diff --git a/index.html b/index.html index 838b15b..76ab5db 100644 --- a/index.html +++ b/index.html @@ -3,31 +3,95 @@ - Gatehouse — Identity & Access - - + + + Secuird — Enterprise Identity & Access Management + + + + + - - - - + + - - - + + + + + + + + - - + + + + + + + + + + + + +
- + \ No newline at end of file diff --git a/src/pages/marketing/DemoPage.tsx b/src/pages/marketing/DemoPage.tsx new file mode 100644 index 0000000..0b97a56 --- /dev/null +++ b/src/pages/marketing/DemoPage.tsx @@ -0,0 +1,257 @@ +import { Link } from "react-router-dom"; +import { Button } from "@/components/ui/button"; +import { Card, CardContent } from "@/components/ui/card"; +import { +Play, +ArrowRight, +Users, +Lock, +Terminal, +Shield, +MonitorPlay, +} from "lucide-react"; + +const demos = [ +{ +id: "getting-started", +title: "Getting Started with Secuird", +description: "A comprehensive overview of Secuird's features and how to set up your organization.", +duration: "12 min", +category: "Overview", +icon: Shield, +}, +{ +id: "social-login", +title: "Social Login Setup", +description: "Connect Microsoft 365, Google Workspace, or GitHub for seamless single sign-on.", +duration: "8 min", +category: "Authentication", +icon: Users, +}, +{ +id: "mfa-setup", +title: "MFA Configuration", +description: "Configure multi-factor authentication policies for your organization.", +duration: "6 min", +category: "Security", +icon: Lock, +}, +{ +id: "ssh-certificates", +title: "SSH Certificate Authority", +description: "Set up SSH certificate signing for secure, auditable server access.", +duration: "15 min", +category: "SSH Access", +icon: Terminal, +}, +{ +id: "oidc-clients", +title: "OIDC Client Setup", +description: "Register applications as OIDC clients for seamless authentication.", +duration: "10 min", +category: "Integration", +icon: MonitorPlay, +}, +]; + +export default function DemoPage() { +return ( + <> + {/* Hero */} +
+
+
+
+ + Product Demos +
+

+ See Secuird in Action +

+

+ Watch our demo videos to see how Secuird can simplify identity and access management for your organization. +

+
+
+
+ + {/* Featured Demo */} +
+
+
+

Featured Demo

+

Start here for a complete overview of Secuird

+
+ + + +
+
+
+ +
+

Getting Started with Secuird

+

Video placeholder — Coming soon

+
+
+
+
+ Overview + 12 min +
+

Getting Started with Secuird

+

+ A comprehensive walkthrough of Secuird's core features. Learn how to set up your organization, + configure authentication methods, and enable SSH certificate signing. +

+
+ + +
+
+ + {/* All Demos */} +
+
+
+

+ All Demo Videos +

+

+ Explore specific features with our detailed walkthroughs +

+
+ +
+ {demos.map((demo) => ( + + +
+
+ +
+
+
+
+ {demo.category} + {demo.duration} +
+

{demo.title}

+

{demo.description}

+
+ + + ))} +
+
+
+ + {/* Request Custom Demo */} +
+
+ + +
+
+

+ Need a Custom Demo? +

+

+ Our team can provide a personalized demo tailored to your organization's specific requirements. + We'll walk through your use cases and show you how Secuird can help. +

+
    +
  • +
    + +
    + 30-minute live session with our team +
    • +
  • +
    + +
    + Tailored to your specific use cases +
    • +
  • +
    + +
    + Q&A with product experts +
    • +
+ +
+ +
+

Request Demo

+
+
+ + +
+
+ + +
+
+ + +
+ +
+
+
+ + +
+
+ + {/* CTA */} +
+
+
+

+ Ready to Try It Yourself? +

+

+ Start your free trial today. No credit card required. Full access to all features. +

+
+ + + + + + +
+
+
+
+ +); +} \ No newline at end of file diff --git a/src/pages/marketing/FeaturesPage.tsx b/src/pages/marketing/FeaturesPage.tsx new file mode 100644 index 0000000..1360b35 --- /dev/null +++ b/src/pages/marketing/FeaturesPage.tsx @@ -0,0 +1,529 @@ +import { Link } from "react-router-dom"; +import { Button } from "@/components/ui/button"; +import { Card, CardContent } from "@/components/ui/card"; +import { +Shield, +Key, +Users, +Lock, +Terminal, +Building2, +Globe, +ShieldCheck, +ArrowRight, +CheckCircle2, +Fingerprint, +ArrowRightLeft, +Eye, +Settings, +UserCheck, +Clock, +Server, +UserPlus, +FileKey, +Activity, +Layers, +ShieldAlert, +Network, +ScanLine, +LogIn, +AppWindow, +} from "lucide-react"; + +const authenticationFeatures = [ +{ +icon: Building2, +title: "Microsoft 365 SSO", +description: "Connect your Microsoft Entra ID (Azure AD) directory. Users authenticate with their corporate credentials instantly.", +}, +{ +icon: Globe, +title: "Google Workspace SSO", +description: "Seamless integration with Google Workspace. Enable single sign-on for all your internal applications.", +}, +{ +icon: Key, +title: "GitHub Authentication", +description: "Allow developers to authenticate using their GitHub accounts. Perfect for engineering teams.", +}, +{ +icon: Lock, +title: "Traditional Username/Password", +description: "Full support for traditional authentication with email verification and secure password policies.", +}, +]; + +const mfaFeatures = [ +{ +icon: Fingerprint, +title: "WebAuthn/Passkeys", +description: "Hardware security keys and platform authenticators (Face ID, Touch ID, Windows Hello). Phishing-resistant authentication.", +}, +{ +icon: Shield, +title: "TOTP Authenticator Apps", +description: "Support for Google Authenticator, Authy, 1Password, and any TOTP-compatible authenticator app.", +}, +{ +icon: Clock, +title: "Grace Periods", +description: "Configure grace periods for MFA enrollment. Give users time to set up their authenticators without blocking access.", +}, +{ +icon: ShieldAlert, +title: "Policy Enforcement", +description: "Organization-wide MFA requirements. Require specific methods (TOTP only, Passkey only, or both).", +}, +]; + +const oidcFeatures = [ +{ +icon: ArrowRightLeft, +title: "OIDC Provider", +description: "Secuird acts as a standards-compliant OpenID Connect provider. Connect any OIDC-compatible application.", +}, +{ +icon: AppWindow, +title: "Multiple Applications", +description: "Register unlimited client applications. Each gets unique credentials and configurable redirect URIs.", +}, +{ +icon: UserCheck, +title: "Consent Management", +description: "Users see and approve what information is shared. Transparent data access with user control.", +}, +{ +icon: Network, +title: "Scopes & Claims", +description: "Configure custom scopes and claims. Pass user roles, groups, and custom attributes to your applications.", +}, +]; + +const sshFeatures = [ +{ +icon: Terminal, +title: "Native SSH Support", +description: "Use standard OpenSSH client. No custom agents or modified binaries required. Works everywhere SSH works.", +}, +{ +icon: FileKey, +title: "Short-Lived Certificates", +description: "Certificates expire in minutes or hours. Eliminate long-lived SSH keys that persist after employees leave.", +}, +{ +icon: Eye, +title: "Complete Audit Trail", +description: "Every certificate issuance and SSH connection is logged. Full chain of custody from creation to usage.", +}, +{ +icon: Users, +title: "Group-Based Access", +description: "Configure principals and policies per department or team. Automatic group membership from identity provider.", +}, +{ +icon: Server, +title: "Host Certificates", +description: "Issue certificates for servers too. Verify host identity without TOFU warnings or known_hosts management.", +}, +{ +icon: Activity, +title: "Real-Time Monitoring", +description: "Monitor certificate usage in real-time. Detect anomalies and suspicious access patterns.", +}, +]; + +const organizationFeatures = [ +{ +icon: Users, +title: "Multi-Tenant Architecture", +description: "Separate organizations with complete isolation. Each org has its own members, policies, and resources.", +}, +{ +icon: UserPlus, +title: "Invite System", +description: "Invite users by email with role assignments. Automatic onboarding with pre-configured group memberships.", +}, +{ +icon: Layers, +title: "Department Management", +description: "Organize users into departments. Apply policies and SSH certificate settings per department.", +}, +{ +icon: ScanLine, +title: "Registration Tracking", +description: "Track user registration sources. UTM codes, referral links, and marketing campaigns are captured automatically.", +}, +]; + +const complianceFeatures = [ +{ +icon: Eye, +title: "Audit Logging", +description: "Every action is logged with user, timestamp, IP address, and details. Export logs for SIEM integration.", +}, +{ +icon: Settings, +title: "Security Policies", +description: "Define organization-wide security policies. MFA requirements, password rules, and session settings.", +}, +{ +icon: ShieldCheck, +title: "Compliance Reports", +description: "Generate compliance reports for SOC 2, HIPAA, and other frameworks. Demonstrate security controls.", +}, +{ +icon: Activity, +title: "Activity Monitoring", +description: "Real-time visibility into user activity. Login patterns, certificate usage, and security events.", +}, +]; + +export default function FeaturesPage() { +return ( + <> + {/* Hero */} +
+
+
+
+ + Complete Feature Set +
+

+ Everything You Need for + Enterprise Identity +

+

+ Secuird provides a complete identity and access management platform. From social login to SSH certificates, we've got you covered. +

+
+
+
+ + {/* Authentication Methods */} +
+
+
+
+
+ + Authentication +
+

+ Flexible Authentication Options +

+

+ Let users authenticate with their existing corporate accounts. No new passwords to remember, no onboarding friction. +

+

+ Or combine methods—require social login for some users, traditional password + MFA for others. You're in complete control. +

+
    + {[ + "Single sign-on with major providers", + "Traditional email/password authentication", + "Combine multiple methods per user", + "Automatic account linking", + ].map((item) => ( +
  • + + {item} +
    • + ))} +
+
+ +
+ {authenticationFeatures.map((feature) => ( + + +
+ +
+

{feature.title}

+

{feature.description}

+ + + ))} +
+
+
+
+ + {/* Multi-Factor Authentication */} +
+
+
+
+
+ {mfaFeatures.map((feature) => ( + + +
+ +
+

{feature.title}

+

{feature.description}

+ + + ))} +
+
+ +
+
+ + Multi-Factor Authentication +
+

+ Enforce MFA Across Your Organization +

+

+ Modern authentication needs modern security. Require hardware keys or authenticator apps for all users—or specific groups. +

+

+ With grace periods, users aren't immediately locked out. They get time to set up their authenticators while staying productive. +

+
    + {[ + "WebAuthn/Passkey support for phishing-resistant auth", + "TOTP support for all authenticator apps", + "Organization-wide MFA policies", + "Per-user compliance tracking", + ].map((item) => ( +
  • + + {item} +
    • + ))} +
+
+
+
+
+ + {/* OIDC Provider */} +
+
+
+
+
+ + OIDC Provider +
+

+ One Identity for All Your Apps +

+

+ Secuird acts as an OpenID Connect provider. Connect any OIDC-compatible application—internal tools, dashboards, APIs—with a single identity source. +

+

+ Users authenticate once with Secuird, then seamlessly access all connected applications. No separate passwords, no repeated logins. +

+
    + {[ + "Standards-compliant OIDC implementation", + "Unlimited client applications", + "Custom scopes and claims", + "User consent management", + ].map((item) => ( +
  • + + {item} +
    • + ))} +
+
+ +
+ {oidcFeatures.map((feature) => ( + + +
+ +
+

{feature.title}

+

{feature.description}

+ + + ))} +
+
+
+
+ + {/* SSH Certificates */} +
+
+
+
+ + SSH Certificate Authority +
+

+ Modern SSH Access Management +

+

+ Replace static SSH keys with short-lived certificates tied to verified identities. Complete auditability with zero infrastructure changes. +

+
+ +
+ {sshFeatures.map((feature) => ( + + +
+ +
+

{feature.title}

+

{feature.description}

+ + + ))} +
+ +
+ + + +
+
+
+ + {/* Organization Management */} +
+
+
+
+
+ {organizationFeatures.map((feature) => ( + + +
+ +
+

{feature.title}

+

{feature.description}

+ + + ))} +
+
+ +
+
+ + Organization Management +
+

+ Manage Users, Groups, and Policies +

+

+ Complete organization management. Invite users, organize them into departments, and apply policies at any level. +

+

+ Track where users came from with registration tracking. Marketing codes and UTM parameters are captured automatically, and you can apply policies based on origin. +

+
    + {[ + "Multi-tenant with complete isolation", + "Role-based access control", + "Department-based organization", + "Registration source tracking", + ].map((item) => ( +
  • + + {item} +
    • + ))} +
+
+
+
+
+ + {/* Compliance & Audit */} +
+
+
+
+
+ + Compliance & Audit +
+

+ Meet Your Compliance Requirements +

+

+ Every action is logged. From user logins to SSH certificate usage, you have complete visibility for audits and compliance reports. +

+

+ Generate reports for SOC 2, HIPAA, and other frameworks. Demonstrate your security controls with comprehensive audit trails. +

+
    + {[ + "Complete audit logging", + "Organization-level and system-level views", + "Export for SIEM integration", + "Compliance report generation", + ].map((item) => ( +
  • + + {item} +
    • + ))} +
+
+ +
+ {complianceFeatures.map((feature) => ( + + +
+ +
+

{feature.title}

+

{feature.description}

+ + + ))} +
+
+
+
+ + {/* CTA */} +
+
+ +
+ +

+ Ready to Get Started? +

+

+ Start your free trial today. No credit card required. Experience all features with your team. +

+
+ + + + + + +
+ + +
+
+ +); +} \ No newline at end of file diff --git a/src/pages/marketing/HomePage.tsx b/src/pages/marketing/HomePage.tsx new file mode 100644 index 0000000..0d42b85 --- /dev/null +++ b/src/pages/marketing/HomePage.tsx @@ -0,0 +1,443 @@ +import { Link } from "react-router-dom"; +import { Button } from "@/components/ui/button"; +import { Card, CardContent } from "@/components/ui/card"; +import { +Shield, +Key, +Users, +Lock, +Terminal, +Building2, +ShieldCheck, +ArrowRight, +CheckCircle2, +Globe, +Fingerprint, +Clock, +ArrowRightLeft, +Eye, +Settings, +UserCheck +} from "lucide-react"; + +const features = [ +{ +icon: Shield, +title: "Enterprise SSO Without Complexity", +description: + "Enable single sign-on with Microsoft 365, Google Workspace, and GitHub. No complex federation setups—just connect and go.", +}, +{ +icon: Key, +title: "SSH Certificate Authority", +description: + "Issue short-lived SSH certificates tied to user identities. Eliminate shared SSH keys and achieve complete auditability.", +}, +{ +icon: Lock, +title: "Multi-Factor Authentication", +description: + "Enforce MFA policies across your organization with TOTP and WebAuthn/Passkey support. Compliance made simple.", +}, +{ +icon: ArrowRightLeft, +title: "OIDC Provider Built-In", +description: + "Secuird acts as an OIDC identity provider for your internal applications. One identity, seamless access everywhere.", +}, +]; + +const sshFeatures = [ +{ +icon: Terminal, +title: "Native SSH Integration", +description: "Use standard SSH clients—no custom agents or modified binaries required. Works with OpenSSH out of the box.", +}, +{ +icon: Clock, +title: "Short-Lived Certificates", +description: "Certificates expire automatically. Reduce blast radius and eliminate the headache of key rotation.", +}, +{ +icon: Eye, +title: "Complete Audit Trail", +description: "Every certificate issuance and SSH connection is logged. Know exactly who accessed what, when.", +}, +{ +icon: UserCheck, +title: "Identity-Linked Access", +description: "SSH access is tied to verified corporate identities. No more anonymous shared accounts.", +}, +]; + +const socialProviders = [ +{ name: "Microsoft 365", icon: Building2 }, +{ name: "Google Workspace", icon: Globe }, +{ name: "GitHub", icon: Key }, +]; + +export default function HomePage() { +return ( + <> + {/* Hero Section */} +
+ {/* Background gradient */} +
+ +
+
+ {/* Badge */} +
+ + Security-first identity platform +
+ + {/* Headline */} +

+ Enterprise Authentication, + Without the Enterprise Complexity +

+ + {/* Subheadline */} +

+ Secuird unifies social logins, MFA, and SSH certificate management in one platform. + Your team gets seamless access. You get complete control and auditability. +

+ + {/* CTA Buttons */} +
+ + + + + + +
+ + {/* Trust indicators */} +
+

Trusted authentication providers

+
+ {socialProviders.map((provider) => ( +
+ + {provider.name} +
+ ))} +
+
+
+
+
+ + {/* Features Grid */} +
+
+
+

+ Everything You Need for Identity & Access +

+

+ From user authentication to SSH certificate management, Secuird provides a complete identity platform. +

+
+ +
+ {features.map((feature) => ( + + +
+ +
+

{feature.title}

+

{feature.description}

+ + + ))} +
+ +
+ + + +
+
+
+ + {/* SSH Certificates Feature Highlight */} +
+
+
+
+
+ + SSH Certificate Authority +
+

+ Eliminate SSH Key Chaos +

+

+ Replace static SSH keys with short-lived certificates tied to verified identities. + Every access is logged, every certificate is traceable. +

+ +
    + {[ + "Works with standard OpenSSH—no custom clients needed", + "Certificates expire automatically—no more key rotation", + "Full audit trail from issuance to usage", + "Group-based access policies", + ].map((item) => ( +
  • + + {item} +
    • + ))} +
+ + + + +
+ +
+ {sshFeatures.map((feature) => ( + + +
+ +
+

{feature.title}

+

{feature.description}

+ + + ))} +
+
+
+
+ + {/* How It Works */} +
+
+
+

+ How It Works +

+

+ Get started in minutes, not months. No complex federation required. +

+
+ +
+ {[ + { + step: "01", + title: "Connect Your Providers", + description: "Link Microsoft 365, Google Workspace, or GitHub. Users authenticate with credentials they already have.", + icon: Users, + }, + { + step: "02", + title: "Configure Policies", + description: "Set MFA requirements, access policies, and SSH certificate parameters. One policy, organization-wide.", + icon: Settings, + }, + { + step: "03", + title: "Connect Your Apps", + description: "Register internal applications as OIDC clients. Users get seamless SSO access to everything.", + icon: Fingerprint, + }, + ].map((step) => ( +
+
{step.step}
+
+ +
+

{step.title}

+

{step.description}

+
+ ))} +
+
+
+ + {/* Marketing & Registration Tracking */} +
+
+
+
+ + +
+
+
+ +
+
+

Marketing Campaign A

+

utm_source=newsletter

+
+
+
+
+ +
+
+

Partner Integration

+

referral_code=partner123

+
+
+
+
+ +
+
+

Direct Signup

+

organic registration

+
+
+
+

Auto-applied policies:

+
+ Trial Extended + Partner Group +
+
+
+ + +
+ +
+
+ + Registration Tracking +
+

+ Know Where Your Users Come From +

+

+ Track user registration sources through marketing codes, UTM parameters, or referral links. + Apply policies and group memberships automatically based on origin. +

+ +
    + {[ + "Automatic group assignment based on registration source", + "UTM parameter tracking for marketing attribution", + "Custom invite codes with policy presets", + "Partner and affiliate tracking", + ].map((item) => ( +
  • + + {item} +
    • + ))} +
+
+
+
+
+ + {/* Security & Compliance */} +
+
+
+
+ + Security First +
+

+ Built for Enterprise Security Requirements +

+

+ Every feature is designed with security and compliance in mind. From MFA enforcement to complete audit trails. +

+
+ +
+ {[ + { + icon: Lock, + title: "MFA Enforcement", + description: "Organization-wide MFA policies. Require TOTP or WebAuthn for all users, with grace periods for enrollment.", + }, + { + icon: Eye, + title: "Complete Audit Trail", + description: "Every action is logged. From logins to SSH certificate usage, you have full visibility into who did what.", + }, + { + icon: ShieldCheck, + title: "Compliance Ready", + description: "Meet SOC 2, HIPAA, and other compliance requirements with documented security controls and audit logs.", + }, + ].map((item) => ( + + +
+ +
+

{item.title}

+

{item.description}

+ + + ))} +
+ +
+ + + +
+
+
+ + {/* CTA Section */} +
+
+ +
+ +

+ Ready to Simplify Your Identity Stack? +

+

+ Start your free trial today. No credit card required. Set up SSO and SSH certificates in under an hour. +

+
+ + + + + + +
+ + +
+
+ +); +} \ No newline at end of file diff --git a/src/pages/marketing/PricingPage.tsx b/src/pages/marketing/PricingPage.tsx new file mode 100644 index 0000000..e840b28 --- /dev/null +++ b/src/pages/marketing/PricingPage.tsx @@ -0,0 +1,358 @@ +import { Link } from "react-router-dom"; +import { Button } from "@/components/ui/button"; +import { Card, CardContent, CardHeader, CardTitle, CardDescription } from "@/components/ui/card"; +import { +CreditCard, +CheckCircle2, +ArrowRight, +Users, +Server, +Shield, +Zap, +Building2, +HelpCircle, +} from "lucide-react"; + +const plans = [ +{ +name: "Starter", +description: "Perfect for small teams getting started with modern identity management.", +price: 29, +priceNote: "per user/month", +billed: "billed annually", +features: [ + "Up to 50 users", + "1 organization", + "Email/password authentication", + "Google OAuth integration", + "Basic MFA (TOTP)", + "Up to 3 OIDC clients", + "Up to 2 SSH CAs", + "7-day audit log retention", +], +cta: "Start Free Trial", +highlighted: false, +}, +{ +name: "Business", +description: "For growing organizations that need complete identity and access management.", +price: 59, +priceNote: "per user/month", +billed: "billed annually", +features: [ + "Unlimited users", + "Multiple organizations", + "All OAuth providers", + "WebAuthn/Passkey support", + "Unlimited OIDC clients", + "Unlimited SSH CAs", + "Host certificate signing", + "90-day audit log retention", + "Department-based policies", + "Registration tracking", +], +cta: "Start Free Trial", +highlighted: true, +badge: "Most Popular", +}, +{ +name: "Enterprise", +description: "For organizations with advanced security and compliance requirements.", +price: null, +priceNote: "custom pricing", +billed: "contact sales", +features: [ + "Everything in Business", + "Self-hosted deployment", + "Custom SLA", + "Dedicated support", + "Unlimited audit retention", + "Custom branding", + "SAML integration", + "SCIM provisioning", + "Priority feature requests", + "On-premises option", +], +cta: "Contact Sales", +highlighted: false, +}, +]; + +const faqs = [ +{ +question: "How does the free trial work?", +answer: "Start with a 14-day free trial with full access to all Business features. No credit card required. After the trial, choose the plan that fits your needs.", +}, +{ +question: "Can I switch plans later?", +answer: "Yes, you can upgrade or downgrade at any time. Changes take effect immediately, and we'll prorate any billing differences.", +}, +{ +question: "What counts as a user?", +answer: "A user is anyone with an active account in your organization. Pending invites and suspended accounts don't count toward your user limit.", +}, +{ +question: "Do you offer discounts for startups or non-profits?", +answer: "Yes! We offer 50% off for qualified startups and non-profit organizations. Contact our sales team to learn more.", +}, +{ +question: "Is there a self-hosted option?", +answer: "Yes, our Enterprise plan includes self-hosted deployment options. This is ideal for organizations with strict data residency requirements.", +}, +{ +question: "What payment methods do you accept?", +answer: "We accept all major credit cards, ACH transfers (US), and wire transfers for annual Enterprise contracts.", +}, +]; + +export default function PricingPage() { +return ( + <> + {/* Hero */} +
+
+
+
+ + Transparent Pricing +
+

+ Simple Pricing for + Organizations of All Sizes +

+

+ No hidden fees. No surprise charges. Pay only for what you use, with plans that scale with your organization. +

+
+
+
+ + {/* Pricing Cards */} +
+
+
+ {plans.map((plan) => ( + + {plan.badge && ( +
+ + {plan.badge} + +
+ )} + + {plan.name} + + {plan.description} + + + +
+ {plan.price !== null ? ( +
+
+ ${plan.price} + /{plan.priceNote} +
+

{plan.billed}

+
+ ) : ( +
+

Custom Pricing

+

Contact us for details

+
+ )} +
+ +
    + {plan.features.map((feature) => ( +
  • + + {feature} +
    • + ))} +
+ + + + + + + ))} +
+ + {/* Enterprise CTA */} +
+ + +
+
+
+ + Enterprise Solutions +
+

+ Need a Custom Solution? +

+

+ Our enterprise team can help with custom deployments, integrations, and volume pricing. Get a personalized quote for your organization. +

+
    +
  • + + Self-hosted deployment options +
    • +
  • + + Custom SLA and support tiers +
    • +
  • + + Dedicated customer success manager +
    • +
+
+
+
+
+ +
+

+ Talk to our team about your requirements +

+ +
+
+
+ + +
+
+
+ + {/* Feature Comparison */} +
+
+
+

+ Compare Plans Side by Side +

+

+ See which plan is right for your organization +

+
+ + + +
+ + + + + + + + + + + {[ + { feature: "Users", starter: "Up to 50", business: "Unlimited", enterprise: "Unlimited" }, + { feature: "Organizations", starter: "1", business: "Multiple", enterprise: "Unlimited" }, + { feature: "OAuth Providers", starter: "Google", business: "All", enterprise: "All + SAML" }, + { feature: "MFA Methods", starter: "TOTP", business: "TOTP + WebAuthn", enterprise: "TOTP + WebAuthn" }, + { feature: "OIDC Clients", starter: "3", business: "Unlimited", enterprise: "Unlimited" }, + { feature: "SSH CAs", starter: "2", business: "Unlimited", enterprise: "Unlimited" }, + { feature: "Host Certificates", starter: "—", business: "✓", enterprise: "✓" }, + { feature: "Audit Log Retention", starter: "7 days", business: "90 days", enterprise: "Unlimited" }, + { feature: "Self-Hosted", starter: "—", business: "—", enterprise: "✓" }, + { feature: "Custom Branding", starter: "—", business: "—", enterprise: "✓" }, + { feature: "SCIM Provisioning", starter: "—", business: "—", enterprise: "✓" }, + { feature: "SLA", starter: "—", business: "99.9%", enterprise: "Custom" }, + ].map((row) => ( + + + + + + + ))} + +
FeatureStarterBusinessEnterprise
{row.feature}{row.starter}{row.business}{row.enterprise}
+
+ + +
+
+ + {/* FAQ */} +
+
+
+

+ Frequently Asked Questions +

+

+ Everything you need to know about pricing and billing +

+
+ +
+ {faqs.map((faq) => ( + + + {faq.question} + + +

{faq.answer}

+ + + ))} +
+
+
+ + {/* CTA */} +
+
+
+

+ Start Your Free Trial Today +

+

+ Try Secuird free for 14 days. No credit card required. Full access to all Business features. +

+
+ + + + + + +
+
+
+
+ +); +} \ No newline at end of file diff --git a/src/pages/marketing/SSHCertificatesPage.tsx b/src/pages/marketing/SSHCertificatesPage.tsx new file mode 100644 index 0000000..5ba917a --- /dev/null +++ b/src/pages/marketing/SSHCertificatesPage.tsx @@ -0,0 +1,455 @@ +import { Link } from "react-router-dom"; +import { Button } from "@/components/ui/button"; +import { Card, CardContent } from "@/components/ui/card"; +import { +Terminal, +FileKey, +Clock, +Users, +Eye, +ShieldCheck, +ArrowRight, +CheckCircle2, +Server, +Key, +Copy, +RefreshCw, +Lock, +} from "lucide-react"; + +const benefits = [ +{ +icon: Clock, +title: "Short-Lived by Design", +description: "Certificates expire in minutes or hours. No more managing key rotation schedules or dealing with stale keys.", +}, +{ +icon: Eye, +title: "Complete Audit Trail", +description: "Every certificate issuance and SSH connection is logged. Know exactly who accessed what, when.", +}, +{ +icon: Users, +title: "Identity-Linked Access", +description: "Certificates are tied to verified user identities. No more anonymous shared accounts.", +}, +{ +icon: ShieldCheck, +title: "Instant Revocation", +description: "Disable a user and their certificates become useless. No more hunting for keys on servers.", +}, +]; + +const howItWorks = [ +{ +step: "01", +title: "Register SSH Public Key", +description: "Users register their SSH public key in Secuird. This is a one-time setup—no private keys are ever stored.", +code: "ssh-keygen -t ed25519", +}, +{ +step: "02", +title: "Request a Certificate", +description: "When users need to connect, they request a certificate. Secuird verifies their identity and issues a short-lived cert.", +code: "ssh secuird.example.com sign", +}, +{ +step: "03", +title: "Connect Normally", +description: "Use standard SSH to connect to servers. The certificate is automatically used for authentication.", +code: "ssh user@server.example.com", +}, +{ +step: "04", +title: "Automatic Expiration", +description: "The certificate expires automatically. Users request new certificates as needed—no manual key rotation.", +code: "# Certificate auto-expires", +}, +]; + +const comparisonFeatures = [ +{ feature: "Lifetime", static: "Permanent", cert: "Minutes to hours" }, +{ feature: "Rotation", static: "Manual, error-prone", cert: "Automatic" }, +{ feature: "Auditability", static: "None", cert: "Full chain of custody" }, +{ feature: "Revocation", static: "Distribute to all servers", cert: "Disable user" }, +{ feature: "Access Control", static: "Manual key distribution", cert: "Group-based policies" }, +{ feature: "Identity Link", static: "Anonymous", cert: "Verified identity" }, +{ feature: "Onboarding", static: "Copy keys manually", cert: "Self-service" }, +{ feature: "Offboarding", static: "Hunt and remove keys", cert: "Instant revocation" }, +]; + +const useCases = [ +{ +title: "Engineering Teams", +description: "Engineers get SSH access based on team membership. New team members get access automatically.", +features: ["Department-based principals", "Self-service certificate issuance", "Full audit trail for compliance"], +}, +{ +title: "Infrastructure Teams", +description: "Manage SSH access to production servers with fine-grained control and complete visibility.", +features: ["Host certificates for servers", "Bastion host support", "Production access policies"], +}, +{ +title: "Security Teams", +description: "Eliminate the security risks of static SSH keys while maintaining complete visibility.", +features: ["Certificate expiration alerts", "Anomaly detection", "Compliance reporting"], +}, +]; + +export default function SSHCertificatesPage() { +return ( + <> + {/* Hero */} +
+
+
+
+
+ + SSH Certificate Authority +
+

+ Eliminate SSH Key Chaos + With Short-Lived Certificates +

+

+ Replace permanent SSH keys with short-lived certificates tied to verified identities. Works with standard OpenSSH—no custom clients needed. +

+
+ + + + + + +
+
+ +
+ +
+
+
+
+
+ Terminal +
+
+ + 
+                  
+{`# Request SSH certificate
+$ ssh user@securd.example.com sign
+
+✓ Identity verified
+✓ Certificate issued
+✓ Valid for 1 hour
+
+# Connect to server
+$ ssh user@prod-server-01
+Welcome to prod-server-01!
+Last login: Mon 10:32 from 192.168.1.100
+
+# Certificate auto-expires
+# No key rotation needed`}
+                  
+
+ + +
+
+
+
+ + {/* Benefits */} +
+
+
+

+ Why SSH Certificates? +

+

+ Static SSH keys create security risks and operational headaches. Certificates solve both. +

+
+ +
+ {benefits.map((benefit) => ( + + +
+ +
+

{benefit.title}

+

{benefit.description}

+ + + ))} +
+
+
+ + {/* How It Works */} +
+
+
+

+ How It Works +

+

+ No custom clients required. Works with standard OpenSSH on servers and user machines. +

+
+ +
+ {howItWorks.map((step) => ( + + +
{step.step}
+

{step.title}

+

{step.description}

+ 
+                  {step.code}
+
+ + + ))} +
+ +
+

+ The only requirement is OpenSSH 5.6+ on both client and server. Works on Linux, macOS, and most Unix systems. +

+
+
+
+ + {/* Static Keys vs Certificates */} +
+
+
+

+ Static Keys vs. Certificates +

+

+ See why organizations are switching from static SSH keys to certificate-based authentication. +

+
+ + + +
+ + + + + + + + + + {comparisonFeatures.map((row) => ( + + + + + + ))} + +
FeatureStatic SSH KeysSSH Certificates
{row.feature}{row.static}{row.cert}
+
+ + +
+
+ + {/* Use Cases */} +
+
+
+

+ Use Cases +

+

+ SSH certificates work for teams of all sizes and across different use cases. +

+
+ +
+ {useCases.map((useCase) => ( + + +

{useCase.title}

+

{useCase.description}

+
    + {useCase.features.map((feature) => ( +
  • + + {feature} +
    • + ))} +
+ + + ))} +
+
+
+ + {/* Server Setup */} +
+
+
+
+
+ + Server Configuration +
+

+ Simple Server Setup +

+

+ Configure your servers to trust the Secuird CA. One configuration change, and all your servers accept certificates. +

+
    + {[ + "Works with standard OpenSSH", + "No custom server software needed", + "One-time CA key distribution", + "Host certificates for server verification", + ].map((item) => ( +
  • + + {item} +
    • + ))} +
+
+ +
+ +
+
+
+
+
+ /etc/ssh/sshd_config +
+
+ + 
+                  
+{`# Trust Secuird CA for user authentication
+TrustedUserCAKeys /etc/ssh/securd_user_ca.pub
+
+# (Optional) Use host certificates
+HostCertificate /etc/ssh/ssh_host_ed25519_key-cert.pub
+TrustedUserCAKeys /etc/ssh/securd_host_ca.pub
+
+# Restart SSH to apply changes
+$ systemctl restart sshd`}
+                  
+
+ + +
+
+
+
+ + {/* Features Deep Dive */} +
+
+
+

+ Powerful Features +

+

+ Everything you need to manage SSH access at scale. +

+
+ +
+ {[ + { + icon: Key, + title: "Multiple CAs", + description: "Create separate CAs for different environments—production, staging, development.", + }, + { + icon: Users, + title: "Principal Mapping", + description: "Map users to principals based on group membership. Automatic access based on teams.", + }, + { + icon: Clock, + title: "Custom Validity", + description: "Set certificate validity per CA. Hours for production, days for development.", + }, + { + icon: Copy, + title: "One-Time Setup", + description: "Users register their public key once. No private keys ever touch our servers.", + }, + { + icon: RefreshCw, + title: "Self-Service", + description: "Users request and receive certificates themselves. No admin intervention needed.", + }, + { + icon: Lock, + title: "Instant Revocation", + description: "Disable a user and all their certificates become invalid immediately.", + }, + ].map((feature) => ( + + +
+ +
+

{feature.title}

+

{feature.description}

+ + + ))} +
+
+
+ + {/* CTA */} +
+
+ +
+ +

+ Ready to Modernize SSH Access? +

+

+ Start your free trial today. Set up your first SSH CA in minutes and see the difference certificates make. +

+
+ + + + + + +
+ + +
+
+ +); +} \ No newline at end of file diff --git a/src/pages/marketing/SecurityPage.tsx b/src/pages/marketing/SecurityPage.tsx new file mode 100644 index 0000000..4dd920d --- /dev/null +++ b/src/pages/marketing/SecurityPage.tsx @@ -0,0 +1,482 @@ +import { Link } from "react-router-dom"; +import { Button } from "@/components/ui/button"; +import { Card, CardContent } from "@/components/ui/card"; +import { +Shield, +Lock, +Key, +Eye, +ShieldCheck, +Fingerprint, +Server, +Clock, +FileKey, +ArrowRight, +CheckCircle2, +} from "lucide-react"; + +const securityPrinciples = [ +{ +icon: Shield, +title: "Security by Design", +description: "Every feature is built with security as the foundation. No bolted-on security— it's integral to every component.", +}, +{ +icon: Lock, +title: "Defense in Depth", +description: "Multiple layers of security controls. If one layer fails, others provide protection.", +}, +{ +icon: Eye, +title: "Transparency & Auditability", +description: "Complete visibility into who did what, when. Every action is logged and auditable.", +}, +{ +icon: Key, +title: "Principle of Least Privilege", +description: "Users and services only have the minimum permissions needed to perform their tasks.", +}, +]; + +const mfaCapabilities = [ +{ +icon: Fingerprint, +title: "WebAuthn/Passkeys", +description: "Phishing-resistant authentication using hardware security keys or platform authenticators like Touch ID, Face ID, and Windows Hello.", +features: ["FIDO2 compliant", "Platform authenticators", "Hardware keys (YubiKey, etc.)", "Resident credentials"], +}, +{ +icon: Shield, +title: "TOTP Authenticator Apps", +description: "Time-based one-time passwords work with any TOTP-compatible authenticator app.", +features: ["Google Authenticator", "Authy", "1Password", "Any TOTP app"], +}, +{ +icon: Clock, +title: "Grace Periods", +description: "Configurable enrollment windows let users set up MFA without blocking access immediately.", +features: ["Custom duration", "Reminder notifications", "Admin visibility", "Hard deadline enforcement"], +}, +{ +icon: ShieldCheck, +title: "Policy Enforcement", +description: "Organization-wide MFA requirements with compliance tracking per user.", +features: ["Require TOTP", "Require WebAuthn", "Require any MFA", "Compliance dashboards"], +}, +]; + +const auditFeatures = [ +{ +title: "User Authentication", +description: "Login attempts, MFA challenges, session creation", +}, +{ +title: "Administrative Actions", +description: "User management, policy changes, role assignments", +}, +{ +title: "SSH Certificates", +description: "Certificate issuance, revocation, and usage", +}, +{ +title: "OIDC Flows", +description: "Authorization requests, token issuance, consent grants", +}, +{ +title: "Organization Events", +description: "Member invites, department changes, group assignments", +}, +{ +title: "Security Events", +description: "Failed logins, suspicious activity, policy violations", +}, +]; + +const complianceFrameworks = [ +{ +name: "SOC 2 Type II", +description: "Security, availability, and confidentiality controls", +}, +{ +name: "HIPAA", +description: "Healthcare data protection requirements", +}, +{ +name: "GDPR", +description: "EU data protection regulation compliance", +}, +{ +name: "PCI DSS", +description: "Payment card industry security standards", +}, +]; + +export default function SecurityPage() { +return ( + <> + {/* Hero */} +
+
+
+
+ + Security First +
+

+ Built for Enterprise + Security Requirements +

+

+ Security isn't an afterthought—it's the foundation. Every feature is designed with security, auditability, and compliance in mind. +

+
+
+
+ + {/* Security Principles */} +
+
+
+

+ Our Security Principles +

+

+ These principles guide every decision we make about security and architecture. +

+
+ +
+ {securityPrinciples.map((principle) => ( + + +
+ +
+

{principle.title}

+

{principle.description}

+ + + ))} +
+
+
+ + {/* MFA Deep Dive */} +
+
+
+
+ + Multi-Factor Authentication +
+

+ Modern MFA That Works for Everyone +

+

+ From phishing-resistant hardware keys to simple authenticator apps, we support the MFA methods your team needs. +

+
+ +
+ {mfaCapabilities.map((capability) => ( + + +
+
+ +
+
+

{capability.title}

+

{capability.description}

+
+ {capability.features.map((feature) => ( + + {feature} + + ))} +
+
+
+ + + ))} +
+
+
+ + {/* SSH Certificate Security */} +
+
+
+
+
+ + SSH Certificate Security +
+

+ SSH Keys Are a Security Nightmare +

+

+ Static SSH keys never expire. They get shared, copied, and forgotten. When employees leave, their keys often remain on servers. +

+

+ SSH certificates solve this by being short-lived and tied to verified identities. Every certificate is traceable from issuance to usage. +

+
    + {[ + "Certificates expire automatically—no key rotation needed", + "Each certificate is linked to a verified user identity", + "Complete audit trail of every certificate used", + "Revoke access instantly by disabling the user", + ].map((item) => ( +
  • + + {item} +
    • + ))} +
+
+ + + +
+
+ +
+ + +
+
+ +
+
+

Static SSH Keys

+
    +
  • • Never expire
    • +
  • • Often shared between users
    • +
  • • No audit trail
    • +
  • • Hard to rotate
    • +
  • • Survive employee departure
    • +
+
+
+ + + + + +
+
+ +
+
+

SSH Certificates

+
    +
  • • Expire in minutes/hours
    • +
  • • Linked to verified identity
    • +
  • • Complete audit trail
    • +
  • • Auto-expire, no rotation
    • +
  • • Revoked when user disabled
    • +
+
+
+ + +
+
+
+
+ + {/* Audit Logging */} +
+
+
+
+ +
+
+
+
+
+ Audit Log +
+
+ +
+ {[ + { time: "14:32:01", event: "user.login.success", user: "john@example.com", ip: "192.168.1.100" }, + { time: "14:32:45", event: "mfa.totp.verify", user: "john@example.com", ip: "192.168.1.100" }, + { time: "14:33:12", event: "ssh.cert.issue", user: "john@example.com", cert: "cert_abc123" }, + { time: "14:35:00", event: "ssh.connect", user: "john@example.com", host: "prod-server-01" }, + { time: "14:45:22", event: "oidc.token.issue", user: "john@example.com", client: "internal-app" }, + ].map((log, i) => ( +
+
+ {log.time} + {log.event} +
+
+ user: {log.user} + ip: {log.ip} +
+
+ ))} +
+ + +
+ +
+
+ + Complete Audit Trail +
+

+ Every Action is Logged +

+

+ From user logins to SSH certificate usage, every action is recorded with full context. Know exactly who did what, when. +

+ +
+ {auditFeatures.map((feature) => ( +
+ +
+

{feature.title}

+

{feature.description}

+
+
+ ))} +
+
+
+
+
+ + {/* Infrastructure Security */} +
+
+
+

+ Infrastructure Security +

+

+ Your data is protected by industry-leading security practices. +

+
+ +
+ {[ + { + icon: Server, + title: "Encrypted at Rest", + description: "All data is encrypted using AES-256 encryption. Database backups are also encrypted.", + }, + { + icon: Key, + title: "Encrypted in Transit", + description: "TLS 1.3 for all connections. Certificate pinning for internal communications.", + }, + { + icon: Shield, + title: "Secure Key Storage", + description: "SSH CA private keys are stored in hardware security modules (HSMs) or equivalent.", + }, + { + icon: Lock, + title: "Access Controls", + description: "Principle of least privilege. Staff access is logged and time-limited.", + }, + { + icon: Eye, + title: "Intrusion Detection", + description: "Continuous monitoring for suspicious activity. Automated threat response.", + }, + { + icon: Clock, + title: "Regular Audits", + description: "Third-party security assessments and penetration testing conducted annually.", + }, + ].map((item) => ( + + +
+ +
+

{item.title}

+

{item.description}

+ + + ))} +
+
+
+ + {/* Compliance */} +
+
+
+

+ Compliance Ready +

+

+ Secuird helps you meet your compliance requirements with comprehensive logging and security controls. +

+
+ +
+ {complianceFrameworks.map((framework) => ( + + +

{framework.name}

+

{framework.description}

+ + + ))} +
+ +
+

+ Need compliance documentation or have specific requirements? +

+ +
+
+
+ + {/* CTA */} +
+
+ +
+ +

+ Security Questions? +

+

+ Our security team is available to discuss your specific requirements and help you evaluate Secuird for your organization. +

+
+ + + + +
+ + +
+
+ +); +} \ No newline at end of file