LayerV is a preemptive cybersecurity platform that makes infrastructure invisible to attackers. We implement the OpenNHP (Network Hiding Protocol) standard from the Cloud Security Alliance. Instead of detecting attacks after they start, we prevent them by eliminating the attack surface entirely.

How does LayerV work?

LayerV uses a 5-step authentication flow: (1) Knock - encrypted request sent, (2) Verify - identity and policy validated, (3) Grant - temporary tunnel opened, (4) Connect - resource visible only to authenticated user, (5) Audit - access logged. Protected resources have zero network presence until authentication succeeds.

No. VPNs encrypt traffic but servers remain visible and scannable. LayerV makes servers completely invisible - they have zero network presence until authentication succeeds. This is a fundamentally different approach called Network Hiding.

LayerV is generally available. Free tier includes 500 qURLs/month for developers. Enterprise plans with custom SLAs are available. Try the interactive playground at layerv.ai/qurl/playground — no signup required.

What identity providers does LayerV support?

LayerV integrates with major identity providers including Okta, Azure AD (Entra ID), Google Workspace, Auth0, and Ping Identity. Any OIDC or SAML-compatible provider can be integrated.

A qURL is an identity-bound, single-use, expiring access object — the primitive replacing the URL for the agent era. It is minted by LayerV on the OpenNHP (Network Hiding Protocol) standard, and the resource it points to does not respond on the network until the qURL is presented and identity is proven. Try the interactive qURL Playground at layerv.ai/qurl/playground.

For Security Leaders

Secure Enterprise Access from Chat

Employees and AI agents increasingly work inside Slack, Teams, and AI assistants. qURL Agent provides identity-bound access to enterprise applications without VPN clients or exposed login portals.

☁ Cloud Security Alliance🔐 Military-grade encryption⭐ 13.8K+ GitHub Stars🌐 UN Digital@UNGA

Why Current Security Fails

Defense-in-depth still leaves you exposed.

94% of breaches start with an exposed attack surface. These tools were designed for a world where exposure was unavoidable.

GARTNER

“In the age of GenAI, preemptive capabilities—not detection and response—are the future of cybersecurity.”

— Gartner, September 2025 Read more →

qURL Changes the Security Equation

Security capability comparison: VPN/ZTNA, Login Portal/MFA, WAF vs qURL
Capability	VPN/ZTNA	Login Portal/MFA	WAF	qURL
Invisible before login	Always visible	Always visible	Always visible	Nothing to find
Stops zero-day exploits	No	No	Only after patching	No target to hit
Blocks DDoS attacks	No	No	Rate limits only	No target to flood
Defeats credential theft	Endpoint is the target	Login page exposed	No	Nothing to log into
Requires client software	Client or agent	Browser redirect	Inline proxy	No — standard browser

Invisible before login

VPN/ZTNAAlways visible

WAFAlways visible

qURLNothing to find

Stops zero-day exploits

VPN/ZTNANo

WAFOnly after patching

qURLNo target to hit

Blocks DDoS attacks

VPN/ZTNANo

WAFRate limits only

qURLNo target to flood

Defeats credential theft

VPN/ZTNAEndpoint is the target

WAFNo

qURLNothing to log into

Requires client software

VPN/ZTNAClient or agent

WAFInline proxy

qURLNo — standard browser

“Finally — a security approach that doesn’t just add another layer of defense, but makes the target invisible entirely.”
— CISO, Major Entertainment Company

Where Your Team Already Works

Access Apps Without Leaving Chat

Employees and AI agents increasingly work inside Slack, Teams, and AI assistants. qURL delivers secure access directly in those environments—without VPN clients, login portals, or shared credentials.

# engineering

Dana Mehta 10:42 AM

@qURL I need access to the Salesforce admin console

qURL BOT 10:42 AM

✓ Identity verified via Okta. Here’s your single-use link — it opens for you only and expires in 1 hour.

https://qurl.link/#at_97cp9ik_j-c0e0iyhyidna

No VPN. No password. No public URL. Full access logged.

Legacy Enterprise Access	qURL Access
VPN/ZTNA client	Chat message
Login portal	Identity-bound qURL link
Credential theft	No credentials to steal
Permanent access	Single-use access
Browser-only workflow	Human and AI workflow
Exposed infrastructure	Invisible by default

Business Impact

Risk. Compliance. Efficiency.

Risk Reduction

Attackers can’t target what they can’t see. No ports to scan. No endpoints to probe. No DDoS target. Your exposure drops to zero.

Compliance

Every access is tied to a verified identity — who, when, from where, for how long. Full audit trail with 1–7 year retention. Built for SOC 2 and HIPAA compliance.

Operational Efficiency

No VPN clients to manage. No firewall rules to maintain. No security patches to rush. Reduced operational overhead.

Deployment

Two ways to deploy.

Start in minutes with a chat bot, or integrate qURL directly into your infrastructure.

No-CodeInstall the qURL BotNo code. Live in minutes.

Add the qURL Bot to Slack. Your team generates identity-bound, single-use access links to internal apps and files right from chat — no client software, no infrastructure changes.

Install Slack Agent →

For DevelopersIntegrate the qURL API & MCPBuilt into your stack and AI agents.

Wire qURL into your own applications, gateways, identity provider, or MCP servers with a single API call. Make APIs, apps, AI agents, and private services invisible by default — accessible only after cryptographic verification.

Developer Platform →

Capability

VPN/ZTNA

WAF

qURL

Invisible before login

Always visible

Nothing to find

Stops zero-day exploits

Only after patching

No target to hit

Blocks DDoS attacks

Rate limits only

No target to flood

Defeats credential theft

Endpoint is the target

Nothing to log into

Requires client software

Client or agent

Browser redirect

Inline proxy

No — standard browser

Legacy Enterprise Access

qURL Access

VPN/ZTNA client

Chat message

Identity-bound qURL link

Credential theft

No credentials to steal

Permanent access

Single-use access

Browser-only workflow

Human and AI workflow

Exposed infrastructure

Invisible by default