🌞 Sunray
European Open Source Zero Trust Web Access Control Solution
SunRayblocks zero-day attacks,
deploys without code changes,
secures your APIs in 5 minutes flat.
Protect your applications against all attacks!
Web Attacks Are Exploding: Act Now
The statistics don't lie - every day you wait, you take huge risks
par organisation sur le T3 2024
"Check Point Research, rapport Q3 2024"
Des attaques de plus en plus coûteuses
Rapport IBM Cost of a Data Breach 2024
97/138 exploitées comme zero-days en 2023
Google Mandiant — "Trends on Zero-Days Exploited In-the-Wild in 2023
Is Your Web Security Really Effective?
These issues cost businesses millions every year
Complex and Long Deployments
Modifying your applications to integrate security takes months, costs a lot, and introduces bugs. Your teams are already overwhelmed.
Unprotected APIs and Webhooks
Your APIs and webhooks are prime targets for attackers, but effectively protecting them seems like an impossible mission.
Unaffordable Enterprise Solutions
Enterprise security solutions cost a fortune (€15,000-50,000/year) and require dedicated teams that SMEs do not have.
Proprietary Black Boxes
It is impossible to audit or customise proprietary solutions. You do not really know how your security works.
Unstoppable Zero-Day Attacks
Traditional WAFs cannot block what they do not know. Zero-day attacks exploit this weakness every day.
Weak and Frustrating Authentication
Passwords are easily compromised. Traditional multi-factor authentication frustrates your users and hinders productivity.
Sunray: The Revolutionary Solution
Sunray combines a distributed Zero Trust architecture, WebAuthn biometric authentication, and proactive protection against zero-days. All without a single line of code to modify.
💡 Revolutionary Architecture
Sunray completely separates management (secure server never exposed) from enforcement (edge workers). This unique architecture ensures maximum security with optimal performance.
🇪🇺 Digital Sovereignty
Designed and developed in Europe, open source, sovereign deployment. Your data never leaves your infrastructure. Native GDPR and NIS2 compliance.
- Open Source: Total transparency, no vendor lock-in
- Minimal attack surface: Circuit-breaker architecture — Sunray never sees application traffic
- Modern authentication: Passkeys/WebAuthn (biometrics)
- Native scalability: From 10 to "x millions" of users
- Deployment without modification: Your applications remain intact
- Cost reduction by 10while maintaining an enterprise-level security
Key Features
Everything you need
Distributed Zero Trust Architecture
Isolated management server + edge workers. No exposed attack surface, maximum protection guaranteed.
All-in-one solution
Authentication + WAF + DDoS + Bot Management + CDN - All security features in a single application.
WebAuthn and Biometric Authentication
Fingerprint, facial recognition, hardware keys. Maximum security with a perfect user experience.
Deployment Without Modification
No code changes required. Your applications continue to function exactly as before, but protected.
Secure APIs and Webhooks
Transparent protection of machine-to-machine communications with the same security as for humans.
Open Source Solution
Keep control of your data and solutions. Total auditability, no backdoors possible.
Compliance
GDPR and NIS2 compliant. Complete audit trail. Sovereign on-premise deployment.
Simplicity
Advanced graphical interface, centralised configuration, no changes to applications.
✅ Perfect for your named access applications
- Client/supplier portals: Secure access without VPN
- Business applications: ERP, CRM, exposed internal tools
- APIs and webhooks: Transparent protection of M2M exchanges
- Staging sites: Securing test environments
- Extranets: Secure collaboration with partners
- Regulated applications: Health, finance, public sector — native GDPR/NIS2 compliance
💰 Immediate ROI
90% cost reduction vs traditional WAF
- ✓ Deployment in less than 2 hours
- ✓ Zero modification of existing code
- ✓ Enterprise protection at an affordable price
- ✓ Sovereignty of your data guaranteed
Comparison with Competitors
| Criteria | Enterprise WAF | VPN | Sunray |
|---|---|---|---|
| Monthly cost | €5000-15000 | €500-2000 | €50-500 |
| Complexity | High | Medium | Low |
| Modification apps | Sometimes | No | Never |
| Zero-Day Protection | ✅ | ❌ | ✅ |
| User Experience | Transparent | Restrictive | Transparent |
| Scalability | Costly | Limited | Native |
| Open Source | ❌ | Sometimes | ✅ |
| Data Sovereignty | ❌ (US) | Partial | ✅ |
| GDPR/NIS2 Compliance | Complex | Partial | Native |
💡 Important:Sunray does not replace a WAF for public applications — it eliminates the need for a WAF for named access applications while ensuring the sovereignty of your data.
Competitive Pricing
Free Tier - Self Hosted
Ideal for technical teams, testing and evaluation, cost-sensitive deployments
- Deployment on your infrastructure
- Features: Complete security stack
- Support: Community
- No support
Configuration by you, Direct access to the repository
Get started nowProfessional - muppy managed
Ideal for business deployments and for teams wanting a managed service
- Automated deployment with muppy
- Features: Complete security stack + advanced monitoring
- Included support
- Email assistance
+€1 / month / additional user
Partner (*): contact us for pricing
Enterprise
Ideal for: large organisations, compliance requirements, custom needs
- Specific deployment
- Professional features + custom integrations
- Dedicated Customer Success Manager
- Enterprise support
Custom configuration, tailored pricing
Contact usCompetitive pricing: it's not just marketing
See our detailed comparisonProtect your applications today
📞 Contact
Email : contact@oursbl.eu
Source:
gitlab.com/cmorisse/sunray-server
gitlab.com/cmorisse/sunray-worker-fastapi
gitlab.com/cmorisse/sunray-worker-cloudflare
💡 Next steps
- 1. Proof of Concept on pilot application
- 2. Production deployment
- 3. GDPR/NIS2 compliance assessment
"Security is a pain, not a feature — so let's make it affordable, sovereign, and invisible."