> For the complete documentation index, see [llms.txt](https://docs.bastionzero.com/docs/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.bastionzero.com/docs/home/readme.md).

# What Is BastionZero?

{% hint style="danger" %}

### <mark style="color:red;">**The BastionZero product is no longer maintained as of July 1, 2026.**</mark>

Existing customers should migrate to Cloudflare’s [Access for Infrastructure](https://developers.cloudflare.com/cloudflare-one/applications/non-http/infrastructure-apps/) service.
{% endhint %}

BastionZero is a cloud service that allows you to remotely access infrastructure targets in any cloud or data center. Cloud-agnostic remote access is provided according to a [zero trust security model](/docs/home/security.md) to ensure:

* [No long-lived credentials](/docs/home/security.md#the-basics-of-zero-trust-security) are held by users or clients.
* Every human access to an infrastructure target is behind single sign-on (SSO) authentication and multi-factor authentication (MFA).
* The BastionZero cloud service [does not have privileged access to targets](/docs/home/security.md#the-problem-with-traditional-zero-trust) and does not create a point of compromise for your infrastructure.
* Access to targets is controlled via a [policy](/docs/admin-guide/authorization.md#policy-management).
* Every access and action to a target is logged, which includes access logs, session recordings and [individual commands that a user ran on a target](/docs/admin-guide/auditing.md#logs).

With BastionZero, you can simplify and secure your infrastructure by eliminating VPNs, bastion hosts, and SSH and Kubernetes key management. There is no need to set up IAM roles across different clouds and accounts, and it simplifies the process to on- and off-board users.

BastionZero can also help bring your infrastructure into SOC2 compliance because it is built on top of the open-source cryptographic [MrZAP protocol](https://docs.bastionzero.com/docs/home/pages/xYk7pC07LGriVNDHkTMt#bastionzero’s-mrzap-protocol).

To get started, you can read our [deployment guides](/docs/deployment/getting-started.md), learn more about our [architecture](/docs/home/architecture.md) or [security model](/docs/home/security.md), or see how to integrate BastionZero into your existing [SSH workflows](/docs/home/readme/server-access.md), [DB workflows](/docs/home/readme/database-access.md), [Kubernetes clusters](/docs/home/readme/kubernetes-access.md), or [web servers](/docs/home/readme/database-access.md).
