Wiz
Wiz is a new approach in cloud security. It finds the most important risks and infiltration vectors across all multi-cloud environments. All lateral movement risks, such as private keys that are used to access production and development environments, can be found. You can scan for vulnerabilities and unpatched software in your workloads. A complete inventory of all services and software within your cloud environments, including version and package details, is available. Cross-reference all keys on your workloads with their privileges in your cloud environment. Based on a complete analysis of your cloud network, including those behind multiple hops, you can see which resources are publicly available to the internet. Compare your industry best practices and baselines to assess the configuration of cloud infrastructure, Kubernetes and VM operating system.
Learn more
UTunnel VPN and ZTNA
UTunnel Secure Access delivers Cloud VPN, ZTNA, and Mesh Networking solutions to ensure secure remote access and smooth network connectivity.
ACCESS GATEWAY: Our Cloud VPN as a Service enables quick deployment of Cloud or On-Premise VPN servers. Utilizing OpenVPN and IPSec protocols, it facilitates secure remote connections with policy-based access control, allowing you to easily establish a VPN network for your business.
ONE-CLICK ACCESS: The Zero Trust Application Access (ZTAA) solution transforms secure access to internal business applications such as HTTP, HTTPS, SSH, and RDP. Users can access these applications through web browsers without needing client software.
MESHCONNECT: This Zero Trust Network Access (ZTNA) and mesh networking solution provides granular access controls to specific business network resources and supports the creation of secure interconnected business networks.
SITE-TO-SITE VPN: The Access Gateway solution also allows for the setup of secure IPSec Site-to-Site tunnels. These tunnels can connect UTunnel's VPN servers with other network gateways, firewalls, routers, and unified threat management (UTM) systems.
Learn more
Headscale
Headscale serves as an open-source, self-managed version of the control server utilized by the Tailscale network, allowing users to maintain complete ownership of their private tailnets while employing Tailscale clients. It offers capabilities for registering users and nodes, generating pre-authentication keys, advertising subnet routes and exit nodes, enforcing access controls, and integrating with identity providers like OIDC/SAML for user authentication. The server can be deployed using Debian/Ubuntu packages or as standalone binaries and is configurable through a YAML file, with management options available via its command-line interface or REST API. Headscale maintains a comprehensive database that tracks each node, route, and user, supports workflows for route approvals, and offers features such as subnet routing, the designation of exit nodes, and direct node-to-node connections within the tailnet. By being self-hosted, it empowers organizations and enthusiasts to retain complete control over their private network endpoints, encryption keys, and traffic flows, eliminating reliance on a commercial control plane. This level of control not only enhances security but also provides flexibility for users to customize their networking solutions according to their specific needs.
Learn more
Kong Mesh
Kuma provides an enterprise service mesh that seamlessly operates across multiple clouds and clusters, whether on Kubernetes or virtual machines. With just a single command, users can deploy the service mesh and automatically connect to other services through its integrated service discovery features, which include Ingress resources and remote control planes. This solution is versatile enough to function in any environment, efficiently managing resources across multi-cluster, multi-cloud, and multi-platform settings. By leveraging native mesh policies, organizations can enhance their zero-trust and GDPR compliance initiatives, thereby boosting the performance and productivity of application teams. The architecture allows for the deployment of a singular control plane that can effectively scale horizontally to accommodate numerous data planes, or to support various clusters, including hybrid service meshes that integrate both Kubernetes and virtual machines. Furthermore, cross-zone communication is made easier with Envoy-based ingress deployments across both environments, coupled with a built-in DNS resolver for optimal service-to-service interactions. Built on the robust Envoy framework, Kuma also offers over 50 observability charts right out of the box, enabling the collection of metrics, traces, and logs for all Layer 4 to Layer 7 traffic, thereby providing comprehensive insights into service performance and health. This level of observability not only enhances troubleshooting but also contributes to a more resilient and reliable service architecture.
Learn more