OpenNHP is a cryptographic protocol that makes infrastructure invisible to attackers while remaining accessible to authenticated users. Developed with the Cloud Security Alliance, it's the foundation of next-generation preemptive security.
Single Packet Authorization (SPA) flips the security model. Instead of exposing services and filtering bad actors, hide everything and only reveal to verified users.
All ports closed. No response to any probe. Your infrastructure is invisible to scanners.
Authenticated users send a single encrypted packet proving identity before any connection.
Port opens only for that user, only to that resource, only for that session.
The result: Attackers can't exploit what they can't see. No reconnaissance, no vulnerability scanning, no lateral movement.
Unlike firewalls that respond to probes, OpenNHP makes infrastructure undetectable. No ports, no banners, no attack surface.
Single Packet Authorization adds <1ms latency. No VPN tunnels, no performance degradation.
Authentication happens before network access, not after. Integrates with your existing IdP (Okta, Azure AD, etc.).
OpenNHP is the protocol. LayerV is the enterprise platform.
Production-hardened implementation with SLAs, support, and compliance documentation.
Global edge network, automated deployments, and monitoring — so you focus on your business.
Direct access to the protocol co-authors. We don't just implement the spec — we wrote it.
Read the official OpenNHP Internet-Draft, published January 2026.
Explore the reference implementation. MIT licensed, community maintained.
Learn about the Cloud Security Alliance's Zero Trust initiatives.
Build on the standard with LayerV's production-ready implementation.