Ngrok, Inc

The topic of this article may not meet Wikitia's general notability guideline. Please help to demonstrate the notability of the topic by citing reliable secondary sources that are independent of the topic and provide significant coverage of it beyond a mere trivial mention. If notability cannot be shown, the article is likely to be merged, redirected, or deleted. Find sources: "Ngrok, Inc" – news · newspapers · books · scholar · JSTOR (Learn how and when to remove this template message)

Ngrok, Inc is an American software company headquartered in San Francisco, California.^[1]. The company develops ngrok, a globally-distributed API gateway and reverse proxy with a web-based management interface.

History

The ngrok (pronounced "en-grock", /ˈɛn.ɡrɒk/) software was originally created in March 2013^[2] by the company's founder-to-be Alan Shreve. It was created as an exercise to learn the Go programming language^[3], and was a port of the tool localtunnel^[4] created by Jeff Lindsay whom Alan worked with at Twilio.

ngrok started off as an open source project under the Apache 2.0 license, transitioning later to be closed source with the release of ngrok 2.0 in April 2015.^[5]

ngrok 2.0 was a full rewrite of ngrok 1.0 to get away from early mistakes made in 1.0, and to make it possible for ngrok to be deployed in a multi-region configuration.^[6]

In July 2015 ngrok LLC was registered in California^[7]. The company was later incorporated in Delaware on January 1st 2022.^[8]

In December 2022 ngrok, Inc. raised $50 million in a Series A led by Lightspeed Venture Partners with participation from Coatue Management.^[9]

Products and Services

ngrok provides a unified gateway for applications on the internet, with the ability to provide a single interface no matter where the application is deployed.

Globally distributed load balancing

ngrok is built on top of AWS^[10] and has points of presence in 8 regions: Singapore, Sydney, Frankfurt, Mumbai, Tokyo, São Paolo, Ohio, California^[11]. Requests to services behind ngrok are load balanced to the closest location to where the request originated. By default, TLS termination is also done at the closest location to the request origin.

Authentication

ngrok integrates with OAuth providers, giving you the option to require authentication for your services^[12]. OIDC is also supported^[13].

Mutual TLS

ngrok supports mutual authentication through mTLS^[14], allowing you to restrict access to only trusted clients.

Kubernetes Operator

ngrok offers a Kubernetes Operator you can install in your cluster to create ngrok-managed Ingress resources^[15]

Monitoring

ngrok offers the ability to monitor HTTP traffic through a web-based dashboard^[16]. Data that's visible by default includes request path, request method, originating IP address, status code, and duration. Full request and response body logging is available through settings.

Use in cyber attacks

From as early as 2014, ngrok has been used in malicious ways^[17]. ngrok offers a free and verified HTTPS endpoint that you can use to host whatever you want, this has been abused to host phishing pages masquerading as Google^[18] and Facebook^[19]. It was used to distribute the Lokibot malware^[20]. It has been used in cryptomining attacks^[21]. It was used by the Cozy Bear hacking group for command and control^[22]

References

External links

Add External links

This article "Ngrok, Inc" is from Wikipedia. The list of its authors can be seen in its historical. Articles taken from Draft Namespace on Wikipedia could be accessed on Wikipedia's Draft Namespace.