Otterize OSS
An open source implementation of intent-based access control (IBAC) for a Kubernetes cluster. Automatically configure your existing access controls based on clients intents.
Create and manage network policies

Instead of managing pod identities and labels or configuring network policies, let developer intents automatically set access controls.
- Client intents are an easy way to manage network policy-based access control, building on service names that developers already know.
- Bootstrap client intents files from existing traffic using the network mapper.
- Updating client intents will automatically update the network policies.
Create and manage network policies
Instead of managing pod identities and labels or configuring network policies, let developer intents automatically set access controls.
- Client intents are an easy way to manage network policy-based access control, building on service names that developers already know.
- Bootstrap client intents files from existing traffic using the network mapper.
- Updating client intents will automatically update the network policies.

Configure secure access for Kafka

Secure all calls from your Kafka clients with mTLS, and start enforcing topic-level access.
- Easily deploy mTLS between clients and Kafka.
- Control topic-level access by automatically configuring ACLs using Otterize intents files.
- Start with one or two sensitive topics and gradually roll out to others.
Configure secure access for Kafka
Secure all calls from your Kafka clients with mTLS, and start enforcing topic-level access.
- Easily deploy mTLS between clients and Kafka.
- Control topic-level access by automatically configuring ACLs using Otterize intents files.
- Start with one or two sensitive topics and gradually roll out to others.

Get full visibility into pod-to-pod traffic

Use Otterize network mapper to map pod-to-pod traffic within a Kubernetes cluster.
- Continuously sniff your network to build a functional map of your cluster.
- Bootstrap access controls from existing traffic, by generating client intents files.
Get full visibility into pod-to-pod traffic
Use Otterize network mapper to map pod-to-pod traffic within a Kubernetes cluster.
- Continuously sniff your network to build a functional map of your cluster.
- Bootstrap access controls from existing traffic, by generating client intents files.

Rollout mTLS

Deploy mTLS without manually configuring a trust server (CA) or an identity provider.
- Automatically generate and provision certificates to every workload in a Kubernetes cluster.
- Automatically renew certificates according to pre-configured policies.
Rollout mTLS
Deploy mTLS without manually configuring a trust server (CA) or an identity provider.
- Automatically generate and provision certificates to every workload in a Kubernetes cluster.
- Automatically renew certificates according to pre-configured policies.
