security
Expanding ngrok's free plan with security in one line
We strive to take ingress off developers’ plates with our platform and that requires making security-focused features accessible and easy to use. Today, I'm proud to announce an important step in that direction: we're adding our security features — OAuth and Webhook validation — to our free plan.
March 16, 2023
•
5
min read
How ngrok Actively Combats Phishing Attacks
Phishing attacks are one of the most common attacks on the internet, and ngrok is committed to actively trying to stop them.
February 28, 2023
•
5
min read
So you want to sign for Windows?
Are you getting that dreaded "Unknown publisher" message in Windows? Read on to learn about properly signing your releases in simple, repeatable ways.
January 4, 2023
•
10
min read
ngrok becomes Identity Aware with App Users
Today, we are adding additional visibility for users logging into your application through our edge. Now you can see your application users in the ngrok dashboard and view their identity details. In this blog, I'll explain why this feature is a huge win for security and how you can take advantage of it today.
November 17, 2022
•
5
min read
Webhook Security in the Real World
Webhooks are the foundation of modern API development. They enable us to react to changes in our systems, an incoming text message, a successful payment, or that latest pull request no matter our stack. While webhooks are universal in concept, they are unstandardized API contracts with few organizations paying attention to their design, security controls, and overall operational experience.
November 14, 2022
•
30
min read
Single Sign-On for the ngrok Dashboard
Even the best developers tools need to integrate with the systems and processes that protect your organization. With Dashboard Single Sign-On, ngrok is one of them!
November 9, 2022
•
5
min read
Announcing our SOC 2 Type 2 Report
We’re excited to announce that we have successfully completed the System and Organizational Controls (SOC) 2 Type 2 testing with no findings. Read more for more information.
July 20, 2022
•
3
min read
ngrok: Defense in Depth
Securing your environment is challenging in the best of times. With ngrok, you can centralize management to ensure policies are applied consistently, no matter the stack.
June 28, 2022
•
5
min read
Fighting Abuse on the ngrok Platform
While ngrok has made it easy to launch your fantastic new app online in one line, bad actors have also used this capability to launch their own attacks. Blocking and eliminating this malicious behavior is key to what we do and we've taken another step to protect users without breaking legitimate applications.
June 21, 2022
•
3
min read
Authentication with ngrok
In this post, I cover the different methods you can use for authenticating traffic with ngrok, including OAuth and OpenID Connect.
June 8, 2022
•
5
min read
Announcing the ngrok security and trust portal
Launching the ngrok security and trust portal is another step to towards transparency in how we approach the security of the ngrok service, our shared security model, how we handle data, and the steps we take to protect it.
May 24, 2022
•
4
min read
The ngrok Cheat Sheet
How to run ngrok with Slack webhook authentication? How to use GitHub OAuth? How to serve files? This cheat sheet shows the main commands! Print it and hang it on your wall or download it and keep it on hand.
May 12, 2022
•
3
min read
Deploying ngrok in Production
In this post, we navigate some of the best practices, key considerations, and features provided by ngrok for production scenarios
May 3, 2022
•
5
min read
Securing your Apps with Cloud Edge
Learn how to use ngrok Cloud Edge middleware to address app requirements – such as observability, load balancing, compression, and security – fast and without the burden of running and maintaining a middleware infrastructure.
April 26, 2022
•
10
min read
Securing your Applications with OAuth 2.0 in seconds
ngrok Secure Tunnels provides a simple to enable remote access to systems. With one command— i.e. `ngrok http 80` — you can share your apps, APIs, and systems with the world, without complex network configuration, reliability issues, and NAT. However, with power comes great responsibility so let's add OAuth 2.0
April 19, 2022
•
5
min read
Announcing our SOC 2 Type 1 Report
We’re excited to announce that we have successfully completed the System and Organizational Controls (SOC) 2 Type 1 examination establishing controls and safeguards within ngrok.
March 29, 2022
•
3
min read