A Taste of OpenZiti

Designing and building a secure, private, distributed app can be daunting. In today’s world, application developers and solution providers are wise to assume whatever networks they are using are already compromised by bad actors.

So wow do you deliver a secure solution, and how can you be assured you have extreme visibility into who is using your network and what exactly they are doing?

Zero Trust Security Baked Right In

Here are a few of the things you need to design into your application

Strong Identity

You need to be confident all entities on your network are who they claim to be, and tightly control access to your network

Completely Dark

No open ports! Your application should be “dark”, meaning no inbound ports to your applications and services are available for direct attack

Segmented Access

Access to services on your network needs to follow a “least privileged access” model, allowing access only to exactly what is needed to help mitigate against lateral attacks


Things change constantly.  An auth event that is valid at one point in time may not still be valid in the face of changing event

End-to-End Encryption

Only your application and endpoints should be able to access private data.


The Demo Environment

We are providing this “Taste of Ziti” environment to show how you can embed OpenZiti into your applications and quickly achieve the benefits listed above. “Taste of Ziti” consists of.

A Simple App

A simple “Pet Store” application based on the Swagger PetStore


Instructions for “brownfield” access using OpenZiti “tunnelers”

Sample Code

Example code for access from various devices (e.g., mobile) and programming languages


 Brief tutorials on configuring access and investigating how the network is being used

To start basic, we set up an instance of everyone’s favorite Swagger PetStore Server in a completely dark environment. This app is a great example of how easy it is to access a service that has no public ports available without any special firewall configuration. Try it out by pasting a couple lines of code of your favorite programing language. 

What is OpenZiti?

At NetFoundry, we believe the best way to accomplish is in software, leveraging a software overlay network that can be embedded directly inside all parts of your application. And that this overlay network (and associated SDKs) needs to be completely free and available… We call this tech OpenZiti.

Embed the Next Generation of Security in Your Next App

Join our community.

The online home for OpenZiti. Connect with other developers, ask questions, share projects, solve problems and grow.

Please Star us on GitHub Star