LogoLogo
Main SiteStart Now
  • Home
    • What Is BastionZero?
      • Server Access
      • Database Access
      • Kubernetes Access
      • Web Server Access
    • Product Security
    • Architecture
    • Taxonomy
  • Deployment
    • Getting Started
    • Installing the ZLI
    • Installing the Agent
    • Installing the Desktop App
  • Automation & Integrations
    • CircleCI
    • GitHub Actions
    • Go SDK
    • Google Cloud Run
    • Slack
      • Using the BastionZero app for Slack
    • Terraform
    • Third-Party Clients
  • Admin Guide
    • Authentication
      • SSO Management
      • User Management
      • MFA Management
      • Service Accounts Management
    • Authorization
    • Auditing
    • Target and Connection Management
  • How To Guides
    • Passwordless Database Access
      • Passwordless Access to MySQL and Postgres on GCP Cloud SQL
      • Passwordless Access to AWS RDS PostgreSQL
      • Passwordless Access to AWS RDS MySQL
      • Passwordless Access to Self-Hosted Postgres
    • How to use BastionZero to connect to a Linux Host using the ZLI
    • How to use BastionZero to manage SSH Keys
  • User Guide
    • Installing the ZLI
    • ZLI Cheat Sheet
    • Connecting to Your Targets
    • Troubleshooting Guide
  • ZLI Reference Manual
  • API Specification
  • Getting Help
  • Security Policy
  • Open Source Software Credits
    • Backend Services
    • Bzero Agent
    • Client Daemon
    • Desktop App
    • Go SDK
    • Helm Provider
    • Terraform Provider
    • Web App
    • ZLI
  • Product Changes
  • Service Status
  • GitHub
Powered by GitBook

Copyright © 2024

On this page
  1. Home

What Is BastionZero?

BastionZero is the Zero Trust Access Platform that connects engineers to infrastructure without risking the keys to your kingdom.

NextServer Access

Last updated 7 months ago

The BastionZero product is maintained for existing BastionZero customers only.

Moving forward, we are natively rebuilding BastionZero’s technology as Cloudflare’s service.

BastionZero is a cloud service that allows you to remotely access infrastructure targets in any cloud or data center. Cloud-agnostic remote access is provided according to a to ensure:

  • are held by users or clients.

  • Every human access to an infrastructure target is behind single sign-on (SSO) authentication and multi-factor authentication (MFA).

  • The BastionZero cloud service and does not create a point of compromise for your infrastructure.

  • Access to targets is controlled via a .

  • Every access and action to a target is logged, which includes access logs, session recordings and .

With BastionZero, you can simplify and secure your infrastructure by eliminating VPNs, bastion hosts, and SSH and Kubernetes key management. There is no need to set up IAM roles across different clouds and accounts, and it simplifies the process to on- and off-board users.

BastionZero can also help bring your infrastructure into SOC2 compliance because it is built on top of the open-source cryptographic .

To get started, you can read our , learn more about our or , or see how to integrate BastionZero into your existing , , , or .

Access for Infrastructure
zero trust security model
deployment guides
architecture
security model
SSH workflows
DB workflows
Kubernetes clusters
web servers
No long-lived credentials
does not have privileged access to targets
MrZAP protocol
individual commands that a user ran on a target
policy