Built in 100% safe Rust. Sovereign by design, secure by construction. Ready for regulated production.
ZenoIngress is a Kubernetes Gateway API controller built from the ground up in 100% safe Rust. Keep your front door in your own jurisdiction — an inside-out edge tunnel terminates TLS on infrastructure you control, not a third party's network. Post-quantum TLS, a built-in WAF, zero-trust mTLS + Cedar authorization, and a hybrid edge for air-gapped and sovereign clusters — the security frontier, in a single memory-safe binary.
Free for 1 production cluster — every feature, no card · Enterprise €5,000/year (unlimited clusters, support & SLA)
Built with Rust, hyper, and tokio. Zero-cost abstractions, no garbage-collection pauses, and zero unsafe code.
resident under load
static, multi-stage build
unsafe Blocksworkspace-wide #![forbid(unsafe_code)]
hybrid key exchange, by default
Footprint & safety facts from internal measurements — not a competitive benchmark. A head-to-head latency/throughput comparison vs NGINX/Envoy is in progress and will be published when the methodology is sound.
The capabilities competitors bolt on with sidecars and external services — post-quantum crypto, a WAF, zero-trust identity, and policy authorization — built in, in memory-safe Rust.
Quantum-safe by default. TLS 1.3 handshakes prefer the hybrid X25519MLKEM768 group (ML-KEM-768 / NIST FIPS 203), defeating "harvest-now-decrypt-later" — downstream and re-originated upstream.
Run Coraza + the OWASP Core Rule Set in a sandboxed proxy-wasm filter — SQLi, XSS, path-traversal and scanner blocking inside the ingress. No external WAF appliance.
End-to-end mTLS with SPIFFE/SVID workload identity, plus an in-process Cedar authorization engine — fine-grained allow/deny with no external OPA sidecar.
100% safe Rust under a workspace-wide #![forbid(unsafe_code)] — whole classes of CVEs that plague C/C++ proxies simply cannot occur. Exactly what CISA/NSA asked vendors to commit to.
Built for the Kubernetes Gateway API from day one—not retrofitted from legacy Ingress. Modern, expressive, and future-proof.
Comprehensive observability with Prometheus metrics, structured JSON logging, and OpenTelemetry distributed tracing out of the box.
Run ingress anywhere—even behind NAT or firewalls. Proxies connect outbound to our edge servers, enabling ingress without inbound network access.
Enterprise-grade authentication with OAuth2-Proxy compatible ExtAuth. Secure your APIs with external identity providers.
Sticky sessions for stateful applications. Route users to the same backend consistently with cookie, header, or IP-based affinity.
Modern protocol support for maximum performance. HTTP/2 multiplexing reduces latency. Secure backend connections with TLS.
Clear separation between control plane and data plane. Proven pattern used by Envoy, Linkerd, and modern proxies.
The controller watches Gateway API resources and generates configuration for the proxy.
The proxy handles all traffic, routing requests to backend services with minimal overhead.
Global edge infrastructure for hybrid mode deployments. Terminates TLS and routes to origin proxies.
Proxies behind firewalls connect outbound to edge servers. No inbound ports required.
Three simple steps to a sovereign, memory-safe ingress.
Deploy ZenoIngress today and run a sovereign, memory-safe data plane in your Kubernetes cluster.