From an European perspective: You are asking for a lot of trust. Meanwhile, you violate any trust by not complying with GDPR. That's an honest question: why should I grant your closed source application access to my network, if you aren't even respecting my privacy (rights) on a fundamental level?
Hi jsuki - I work at Twingate and we take privacy really seriously, but compliance with GDPR doesn’t require companies to open source their products. We also actually don’t collect much personal data - mainly the names and emails of users (not even passwords since we rely on identity providers to authenticate users). Also, any data sent between client devices and private network resources secured with Twingate is encrypted end-to-end so there’s no way for us to inspect it.
You do ask a valid question about why you should trust us, though. As a security company, we can’t build a business if we don’t have the trust of our customers. Our product undergoes security reviews by an external party and we are in the process of getting a third party security audit done, so you won’t just have to take our word for it.
