Free and easy Zero Trust with OpenZiti

  • NetFoundry is the only open-source platform allowing you to put zero-trust principles inside anything.
    The simplest and most secure connectivity for any use case including remote access, multi-cloud, IoT, DevOps and more.

  • Developers - embed superpowers into your apps
  • Operators - enjoy infra-as-a-code without VPN dependencies
  • Security - close all inbound firewall ports
  • OpenZiti is fully featured by design. It was created by and maintained by NetFoundry based on an open core approach. We built a SaaS implementation with free forever tiers making it even easier to implement Zero Trust principles for any use case.

Get NetFoundry

Start Now

What is OpenZiti?

We created OpenZiti to provide the next generation of secure, open-source overlay networking. We strive to make it easy for developers and creators to focus on innovation.
We wanted OpenZiti to incorporate the principles of Zero Trust but not the name as it's not a product and only a subset of OpenZiti superpowers: more of a "ZiTi, not (just) Zero Trust".
Ziti is also a delicious Italian pasta so it was easy to pick the cute mascot that every Opensource project needs. Learn more about Ziggy by reading his blog or following him on Twitter.


Due to our open licensing approach (Apache 2.0), we are putting OpenZiti inside other applications can systems.

This is called 'Zitification' and currently this includes :
SSH, SCP, Prometheus, Kubectl, Helm, JDBC and more.

OpenZiti Open Source + NetFoundry SaaS

Dive into OpenZiti open source, or get your feet wet via NetFoundry SaaS (free up to 10 nodes). Either way, you'll have your first Zero Trust Fabric working in minutes, for use cases from Java apps to Postgres database access, and everything in between.


Open source

Git The Code


SaaS with hosted Fabric

Start Now

Learn more

See a demo or talk with an expert

Schedule briefing

Overcoming Security Challenges with Private Kubernetes Clusters

“Ziti allowed us to innovate and drive new business with a competitive edge.
Today, Ozone is the only CI/CD tool that automates private cluster deployments across any platform providing customers with zero trust, secured application delivery for private Kubernetes clusters.”

- Moteesh Reddy, Technical Lead, Ozone


Private apps and APIs, made simple

Clint shows how to wrap your app or API with a few lines of code to make your app unreachable from the networks.

Not even the host network is trusted - your app opens zero trust sessions, giving you end-to-end visibility, control and security, across any network, with no VPN, firewall or MPLS dependencies.

Close all your inbound firewall ports - your private, programmable fabric will broker all sessions.

End-to-end control, zero trust security and speed

Private networking infrastructure is an obstacle to your control, security and speed. Instead, embed zero trust networking in your apps, from your Java app to Postgres database access, and everything in between.

openziti open source zero trust