Remove the Attack Surface

SSHepherd™ completely removes the open, listening ports for SSH, RDP and applications like databases while still maintaining the full access and functionality of those services and applications.


Completely Remove the Attack Surface of SSH, RDP and Applications

SSHepherd™ is not utilizing port knocking or packet filtering. It is not a SSH proxy. It is not moving ports.

It is a Zero Trust based, patented (US Patent 11153340) technology allowing the complete removal of TCP/IP ports listening for incoming connection requests.

Once SSHepherd™ is deployed, only authorized users will be able to connect to protected servers. The ability to hide servers from active scanning extends to both physical and virtual machines, on-premise or in the cloud.

SSHepherd™ was born to remove common attack surfaces and provide secure user-to-server connections.

Charles Davis, VP of Engineering, explains more >


Control the Access

Removal of the attack surfaces so that only authorized users and applications see the RDP, SSH, and application servers

Archive for Audit Compliance

Archives connected sessions from last week, last month, or years in the past to assist in forensic analysis and audit compliance

Full Auditing

Logs all activity to your SIEM including who is accessing, when, where, from which machine, and their activity

Terminate Sessions Immediately

Continually evaluates and can terminate sessions (manually or automatically) based on rogue behavior

Prevents Lateral Movements

Prevents lateral movement by removing points of ingress and egress

On-Premise and Cloud

Applies to all resources whether on-premise or in the cloud

Easy Deployment

Deploys easily with workflows and DevOps automation tools (Chef, Puppet, Ansible, etc.)

Real-Time Live Look

Live look so you can see the connected sessions and view current operations



Zero Trust for Remote Access
Learn More


Removing the Attack Surface
Learn More


Advanced Auditing of Remote Access
Learn More

See It Work

SSHepherd Full SSH Access No Open Ports