Product releases, engineering write-ups, threat modeling, and pragmatic guides from the team building Wardengate. No thought leadership. Things we have actually seen work in production.
6 articles across 4 topics
A pragmatic, stage-by-stage approach to retiring scattered jump hosts without burning an operational weekend or punching new holes through segmentation.
Policy-as-code for privileged access: how to express who may reach what, under what conditions, and how to test those rules before they govern production.
The 2026.02 release introduces structured evidence exports for SOC 2, ISO 27001, and PCI — designed with the questions your auditors actually ask.
A structured threat model of the classic SSH bastion pattern — what it protects, where it leaks, and why 'one more hop' is no longer enough.
Just-in-time access works when it is boring. Four patterns we see in production, the pitfalls that quietly undermine them, and how to tell JIT apart from rebranded standing access.
Keep reading
Start with the installation guide, explore policy examples in the docs, or talk to the team about your bastion migration.
