Easy and secure remote access
Access any system from anywhere without compromising on security or ease of use.

Mysocket is a Zero-trust Private Access solution that replaces the existing remote access VPN solutions with an Identity based zero-trust style alternative, similar to Google Beyond Corp. Private access, without the frictions and downsides of the traditional VPN.

Zero trust VPN replacement

Clientless alternative for legacy VPN deployments for your distributed workforce and remote workers. Since no client is required, this is especially great for non-tech folks and access to http(s) based resources. 

This lightweight VPN alternative provides access to http(s) based private resources. Since no client is needed on the device, this is easy to use.

Administrators can define detailed access policies, integrate with existing SSO providers and have access to all access logs. All on a per-resource/application basis.

B2B Third-party access 

Mysocket gives businesses the confidence to quickly and securely get work done with any third party. Gain real-time visibility and control over which third parties have access to what and why.
 
Specifically useful for secure B2B connectivity. No need to onboard contractors to the company’s directory server and no need to provide access to the company’s vpn or network. As a result, providing access to these 3rd party users is faster, more secure.

This provides Employee-like access to 3rd party contractors, ie. ephemeral access.

Zero trust Access to SSH servers

Access to SSH resources using SSO credentials. No VPN is required to access SSH resources. No static SSH credentials or SSH keys are needed, so nothing to steal. 
All sessions can be monitored, logged and replayed. If needed a session can be killed at any time by an administrator or third-party integration such as a SIEM or SOC team.  Also see this demo

Use cases

 

Application-Aware Zero Trust Network Access

Zero trust

With our Identity Aware sockets, you can provide access to your private (on prem) services, without the need for a VPN client!

SSH Access and session recording

Access to SSH resources using SSO credentials. No VPN is required to access SSH resources. No static SSH credentials or SSH keys are needed, so nothing to steal. 

All sessions can be monitored, logged, and replayed. If needed a session can be killed at any time by an administrator or third-party integration such as a SIEM or SOC team.
 

Anycast network

All sockets run on a global anycast network, reducing latency, guaranteeing an excellent uptime while improving the user experience.

Continuous Access Evaluation

Mysocket provides Continuous Access Evaluation (demo video). This means access to resources is evaluated at each request, not just during the login phase. This allows for changes to access policies to be immediately active, improving the security agility.  

Logs

Live Stream of logs. We show you all requests in real-time, including the latency between our anycasted nodes and your origin server.

Developer Friendly

Fully featured RESTful API allowing you to integrate your favorite language and tools.Check out the Swagger openAPI spec here:

 

Made by developers for developers
The easiest way to get started with Mysocket is by using the mysocketctl cli tool. 

Download mysocketctl from our download page.

All interaction with our services is done using our RESTful API.
You can find the API and the API specifications at https://api.mysocket.io/ 

 

Check out our documentation on mysocket.readthedocs.io:

 

Recent blog posts

Easy to use

Made by developers for developers
The easiest way to get started with Mysocket is by using the mysocketctl cli tool. 
Download mysocketctl from our download page.

All interaction with our services is done using our RESTful API.
You can find the API and the API specifications at https://api.mysocket.io/ 
 

Check out our documentation on mysocket.readthedocs.io:

 

Contact

Thanks for submitting!

 

FAQ

Mysocket is a Zero-trust Private Access solution that replaces the existing remote access VPN solutions with an Identity based zero-trust style alternative, similar to Google Beyond Corp. Private access, without the frictions and downsides of the traditional VPN.

 

Mysocket is focused on the developer market. With application-aware proxies for HTTP(s), SSH, and soon SQL. DevOps teams can access their commonly used resources easily and securely.

By using Mysocket, organizations are improving their security posture and accelerate their compliance journey. Common challenges these users face include shared passwords, periodic key rotation, session recording, and knowing who did what, when. These challenges are all taken care of by using Mysocket. This will free up valuable time for the engineering teams, allowing them to focus on customer value without being bogged down by the weight of compliance and security.

 

Mysocket is delivered as a Cloud Native Service, using anycast, providing high availability and low latency. By using mysocket, resources are protected from attacks such as DDOS'. By using our anycasted infrastructure, users will also notice a faster experience than their legacy VPN infrastructure.

What is Mysocket?
 

What problem does Mysocket solve?

Mysocket makes it easy for employees and third-party contractors to access company resources deployed over the various infrastructures the company may use, including on-premise, in private data centers, and the public cloud.

 

As more organizations embrace hybrid-cloud and now multi-cloud architectures, workloads are running in many different regions, using multiple cloud providers and on-prem data centers. With the rise of the cloud and the explosion of more data sitting in more places and more people needing access to it, the traditional approaches to control access have stopped working.

Access control policies, Identity management, and monitoring are challenging to do in a uniform and consistent manner. The result is that the overall security and compliance posture are negatively affected.

While historical access solutions like VPNs provide access to corporate networks, Mysocket provides secure access to the company's private resources, restoring the security and compliance posture while also allowing for an agile and heterogeneous workload environment.

How Does Mysocket work?

Mysocket operates a fleet of custom and anycasted, application-aware proxies that take care of authentication and policy enforcement (authorization).  These proxies are currently hosted in the cloud, as a service, for customers. Think of mysocket as a bouncer that checks your Identity that stands between the resource and the users, only traffic from authorized users is passed through.

Because these proxies are application-aware, they can provide application-specific policy enforcement and session recording. One example is the ability to replay the recording of an SSH session.

 

Authentication is achieved by integrating with existing Identity providers, either through the OpenID Connect protocol (Google, Github, Microsoft) or the existing enterprise directory service with SAML.

 

The connection between the proxy and the protected resource is an encrypted outbound connection initiated by the protected resource, or an intermediary node acting on behalf of the protected resource(s). 

As a result, the protected resource doesn't need to accept any inbound network connections and only accepts authenticated and authorized connections via the encrypted Mysocket tunnel. This means that the resource can be behind strict firewalls or even behind NAT, like in a private VPC scenario.

 

When a client connects to the protected resource, it's prompted for authentication and can log in with the organization's Single Sign-on credentials; once successful, the mysocket proxy will facilitate the connection on behalf of the resource.

Where is Mysocket deployed today?

Mysocket.io is built on a global anycast network of 91 Points of Presence in 80 cities across 42 countries. The tunnel and api servers are deployed throughout North America, Europe and Asia.

What Other Things Does Mysocket provide?

Mysocket also provides Continuous Access Evaluation (demo video). This means access to resources is evaluated at each request, not just during the login phase. This allows for changes to access policies to be immediately active, improving the security agility.  

 

In addition, the administrator can see all sessions in real-time and has the ability to terminate sessions from the dashboard.  Sessions are logged and recorded so that the administrator can see all the access logs and can replay ssh terminal sessions when needed.

 

The continuous access Evaluation feature allows for sessions to be killed at any time, either through the portal or with an API call. This allows for some interesting integrations with existing Threat Intel systems, or SIEM systems, that can at any time decide to kill a user’s connections in real-time when these systems believe that connection or user’s device no longer to be trusted.

How do I get started?

Eager to get started? follow this quick start: https://mysocket.readthedocs.io/en/latest/about/about.html#quick-start
Download the mysocketctl (Mac OS X and Linux). Create an account and get started!

Also check this blog post