Risky Business Soap Box: Knocknoc glues your SSO to your firewalls for Just-in-Time network access
8 snips
Mar 26, 2025 In this engaging conversation, Adam Pointon, CEO of Knocknoc, shares his expertise in innovative network access control solutions. He discusses the importance of securing Single Sign-On services and minimizing exposure by integrating advanced tools like Identity-Aware Proxies. Adam clarifies common misconceptions about SSO vulnerabilities and highlights strategies to isolate critical applications from the internet to enhance security. With a focus on Just-in-Time Network Access Control, he outlines how to streamline access while maintaining robust protection for sensitive environments.
AI Snips
Chapters
Transcript
Episode notes
Firewalling Vulnerable Systems
- Restrict access to vulnerable systems by firewalling them off from the internet.
- Grant access only through authenticated SSO, dynamically opening ports to verified IPs.
Just-in-Time Network Access Control
- Knock Knock orchestrates existing firewalls out-of-band, rather than sitting in the network path.
- It dynamically manages port access based on user authentication and IP address.
IPv6 and Identity-Aware Proxy
- One Knock Knock customer, an IPv6 shop, benefits from the product's individual user attribution.
- It also offers identity-aware proxy functionality for vulnerable web applications.