Knocknoc removes the attack surface of your assets.
Knocknoc removes the attack surface of your existing infrastructure by orchestrating network level access controls, linking them to your identity platform.
Your ports are closed and services invisible, until your users log in centrally. Knocknoc takes care of the rest. It’s simple to implement and cost-effective at scale.
Your ports are closed and services invisible, until your users log in centrally. Knocknoc takes care of the rest. It’s simple to implement and cost-effective at scale.
Network layer allowlisting
Always-on network access and exposed interfaces leave even well-defended systems (including those behind VPNs, firewalls and segmentation, or buried deep in your environment) vulnerable to continuous mapping, scanning, targeting and exploitation.
Whether it’s zero-day, n-day or you’re forced to nurse known vulnerabilities for a period, reducing that attack surface to authenticated users only, is highly effective and efficient.
You have existing controls: firewalls, network security groups, WAFs, endpoint/host firewalls, etc, they just need dynamic orchestration to permit only trusted IP addresses (or those with tokens), just in time.
This is where Knocknoc fits in.
Knocknoc is not a VPN, nor a cloud service – we don’t route your critical infrastructure through someone else’s cloud, nor do we expose a VPN-like service. We allow you to orchestrate your existing infrastructure just in time, creating a zero attack surface landscape – until authentication has completed.
Internet exposed applications, network services like SSH, RDP or VPN services, file sharing, legacy or custom web applications, development or test environments – especially those accessible by contractors and third parties – remain unprotected. Static firewalls and geo-blocks simply aren’t enough. Instead, let Knocknoc protect those systems and zero your attack surface.
Protect your remote access assets
Protect your PHP apps
Protect your Atlassian stack
Protect your cloud assets
Who's There?
Say hello to Knocknoc: a secure authentication mechanism for your entire organisation and associates. Facilitate safe passage from the edge of your network to assets you want protected from the Internet.
Prevent zero-day compromise and remove the attack surface on internet facing or internal applications and network services.
Control just in time access to internal subnets, OT or ICS networks, lights-out or those backup segments you don’t want to be always-on exposed.
SSO to open a port? Yes!
When a major TV station needed access to specialist video flows, Knocknoc was there to help. Users were able to use the existing SSO infrastructure, and then easily have the video feed start working only for the time they are allocated. This utilised the scripting backend of Knocknoc, allowing for ultimate customisation.
You can't patch fast enough. Remove your attack surface.
"To say that our solution to cybersecurity is at least in part - "patch faster, fix faster" - that is a failed model. It is a model that does not account for the capability and the acceleration of the adversaries we're up against"
We’re not saying don’t patch, but it’s an unwinnable war. Between critical severity vulnerabilities in the middle of the night to impossibly unmaintainable legacy software, Knocknoc gives you the best chance of protecting your network.
Prevention is better than cure, remove attack surface today.
Don't leave the door wide open.
Add multi–factor authentication to SSH, RDP or any network service, whilst also removing the attack surface of those services.
Knocknoc integrates with your existing identity platform/provider, making your authentication setup simple and effortless. Or use ours, which provides MFA for your local users and administrators.
Protect your remote access
What organisations would benefit from deploying Knocknoc?
If you have internet-facing applications, systems or assets, or need a high-security internal network, Knocknoc is for you. We’ll empower you to manage access and minimise your attack surface, preventing attackers from disrupting or compromising your organisation.
Knocknoc can be deployed on-premise, internal or external facing, air-gapped or as managed cloud.
Does Knocknoc play well with others?
From clouds to firewalls, Knocknoc has you covered. The solution works seamlessly with many leading web servers and load balancers, and its flexible scripting back end ensures easy compatibility with almost all systems. We also use cross platform agents with simple networking requirements to minimise disruption to your systems.
Is Knocknoc a VPN?
Knocknoc is not a VPN. We’re not a cloud either.
Rather than routing critical infrastructure through a third-party cloud or exposing a VPN-like service, we provide just-in-time orchestration that renders your infrastructure invisible until authentication is completed.
With Knocknoc, you can replace your VPN, or complement it to deliver fine-grained access control.
Does Knocknoc replace VPN?
Knocknoc can completely replace your VPN, allowing users to securely use protocols like SSH or HTTPS without exposing them to the internet. For others, Knocknoc works alongside their VPN, providing a more fine-grained solution than traditional VPNs allow.
Is Knocknoc cost-effective?
Knocknoc mitigates the risk of zero day and other attack types that can cost organisations tens of millions of dollars per incident. In addition, the solution is cheaper to deploy than VPNs and other zero-trust solutions, as it requires no client-side agent or user installation.
On premise hosting?
Host it on-premise, in your cloud or use our cloud hosting option. Ideal for high security environments, internal or external networks, even air-gapped situations. No cloud needed.
Who are Knocknoc’s leaders?
Knocknoc is an Australian business founded by industry veterans with a combined four decades of information security experience, from complex high-security networks to responsible vulnerability disclosure.
