Show HN: Defguard – open-source security army knife (Identity,MFA,VPN,Yubikey)
github.comHey Defguard team. Pretty cool work. All in one is something that was missing. I hope companies will pay more attention to security and will use this kind of solutions. Definely worth!!
Hey Hacker News! I'm Robert - the founder of Defguard. If you would like to get some background, motivation - please read the Defguard announcement blog post:
https://teonite.com/blog/defguard/
Anyhow, I'm here every day, so please do not hesitate to ask any questions - I’ll be more than happy to answer!
Hi Robert! What you are doing with Defguard (and teonite!) looks great! (btw -- fucking cool site^0, who did your team photo art? awesome!)
DefGuard looks like a great way for average folks and small business to get quickly and easily secure in their infrastructure! Sounds like you value creating something really quality and putting it out there, making it free and open (even Open Source!) along the way, and also like you really want to provide as much value as you can for folks in the security space.
It's probably way too different an aspect of security to compare, and the different licenses are likely a big problem, but the values you express with Defguard resonate with what we're doing with BrowserBox open-source^0, and I bet it's the dumbest question you will see on this thread and I'm sure it will seem like a tacky promo so I'm sorry, but would it be a terrible idea to integrate BrowserBox open-source into your swiss-army knife?
> Hi Robert! What you are doing with Defguard (and teonite!) looks great!
Thank you for your kind words!
> fucking cool site, who did your team photo art? Awesome!
Thank you! ;-) The credit goes to our creative director (Krzysztof - on our About page) - and the team who build the website. One thing that may interest you - our "team art" is done with (soon to be released - and most probably open-sourced) geonodes^0 platform.
> (...) would it be a terrible idea to integrate BrowserBox open-source into your swiss-army knife?
This is our first open-source product - and just from brief glance on BrowserBox GitHub - you clearly have more experience in that area - so I’m open to any discussions. Would be great to connect and have a brainstorming session, to understand your project better and how can we find value for the users to secure them with ease of use (which is our main focus). If you are open to that - my contact data are in my HN profile, and hope to chat soon!
Cool! I love that geonodes site. I like everything about your products especially how it looks! :)
Is it like a tailscale?
Hi, I'm Jacek, one of Defguard's core developers. Defguard is about more than just VPN, though it does play an important role. Think of it as identity service, building features on top of identity - VPN being just one of them. Other features include: OpenID Connect provider, MFA (TOTP, WebAuthn/FIDO2, Web3), YubiKey provisioning, webhooks. As Robert mentioned, mesh networks support is planned.
We already have a PoC/code working of WireGuard peer discovery/connections without a central VPN gateway. Soon we will publish that module, and you will be able to deploy *your own private tailscale*.