ngrok: Defense in Depth

We're excited to announce another step in ngrok's security journey: the release of our Defense in Depth white paper. As part of our commitment to helping customers secure their environments, we laid out how ngrok’s capabilities work layer by layer to keep your developers, teams, and systems safe.

Cover Image for ngrok: Defense in Depth

The ngrok security controls

ngrok provides an extensive set of security controls – such as routing, encryption, network restrictions, SSO, and monitoring – to protect your connections’ confidentiality, integrity, and availability. These controls are available whenever you launch an ngrok tunnel and enforced on every single request:

ngrok security controls

The white paper comprehensively presents these security controls, helping you understand the trade-offs and how to use them to secure your data without re-architecting your services.

Navigating security trade-offs

A fundamental part of protecting your services is to choose which controls to apply to secure your systems without affecting the business. The white paper presents the things to keep in mind when setting each control, helping you make decisions that better suits your business requirements and risk profile:

Example of security trade-off presented in the white paper

Conclusion

The Defense in Depth white paper is one of the many investments we made — alongside our SOC 2 report, trust portal, and new product features — to ensure that ngrok continues to be a service that developers can trust with their applications and data.

We remain committed to improving our security practices, with even more capabilities coming soon. We hope this is useful for developers and businesses alike. Click here to download our Defense in Depth white paper.

Share this post
Keith Casey
Keith Casey served on the Product/GTM Team at ngrok. He previously worked at Okta and Twilio.
Secure tunnels
Cloud edge
Security
None