Knocknoc removes the attack surface of your assets.

Close the door to brute force attacks and zero-day vulnerabilities in your network-connected assets and applications with Knocknoc.

Not a VPN, not a proxy - something different, and some might say, far better.

Not a VPN.

Knocknoc is not a VPN – we don’t route your critical infrastructure through someone else’s cloud, nor do we expose a VPN-like service. We allow you to orchestrate your existing infrastructure just in time, creating a zero attack surface landscape – until authentication has completed.

The entire Internet can connect to your VPN today, why let that happen? Knocknoc can protect your VPN itself, removing zero-day risks.

Internet exposed applications, network services like SSH, RDP or VPN services, file sharing, legacy or custom web applications, development or test environments – especially those accessible by contractors and third parties – remain unprotected. Static firewalls and geo-blocks simply aren’t enough. Instead, let Knocknoc protect those systems and zero your attack surface.

pexels photo 1938345 Home
pexels jakub novacek 924824 Home

Who's There?

Say hello to Knocknoc: a secure authentication mechanism for your entire organisation and associates. Facilitate safe passage from the edge of your network to assets you want protected from the Internet.

Prevent zero-day compromise and remove the attack surface on internet facing applications and network services.

SSO to open a port? Yes!

When a major TV station needed access to specialist video flows, Knocknoc was there to help. Users were able to use the existing SSO infrastructure, and then easily have the video feed start working only for the time they are allocated. This utilised the scripting backend of Knocknoc, allowing for ultimate customisation.

attack surface

You can't patch fast enough. Remove your attack surface.

"To say that our solution to cybersecurity is at least in part - "patch faster, fix faster" - that is a failed model. It is a model that does not account for the capability and the acceleration of the adversaries we're up against"

We’re not saying don’t patch, but it’s an unwinnable war. Between critical severity vulnerabilities in the middle of the night to impossibly unmaintainable legacy software, Knocknoc gives you the best chance of protecting your network.

Don't leave the door wide open.

Add multifactor authentication to SSH, RDP or any network service, whilst also removing the attack surface of those services.

Knocknoc integrates with your existing identity platform/provider, making your authentication setup simple and effortless. Or use ours, which provides MFA for your local users and administrators.

Q&A for Knocknoc

Who is Knocknoc for?

Knocknoc is for any company that has Internet-facing applications or systems that would benefit from restricted access. Restricting access is the only way to ensure a reduced attack surface, and prevent hackers from hammering away on your sensitive applications or systems.

Knocknoc is designed to work with many web servers and load balancers immediately. It also has a flexible scripting backend, allowing for compatibility with almost any system. Knocknoc also utilises cross-platform agents with straightforward and simple networking requirements. From clouds to firewalls, Knocknoc has you covered.

Knocknoc can completely replace your VPN, allowing users to securely use protocols like SSH or HTTPS without exposing them to the internet. For others, Knocknoc works alongside their VPN, providing a more fine-grained solution than traditional VPNs allow.

Knocknoc is cheaper to deploy than VPNs and other zero-trust solutions, requiring no client side agent. Preventing zero day or “slow-to-patch” vulnerabilities speaks for itself – no one can afford to be hacked.

No. Host it on-premise, in your cloud or use our cloud hosting option. Ideal for high security environments, internal or external networks, even air-gapped situations. No cloud needed.

Knocknoc is an Australian start-up, founded by industry veterans with over seven  decades of information security experience, including designing, building and breaking networks and information systems.