The Digital Operational Resilience Act (DORA) comes into full effect on January 17, 2025. This deadline marks a monumental shift in how financial institutions and their technology providers prioritize and maintain operational resilience and cybersecurity standards – and sets in stone real business and regulatory consequences to ensure resilience is achieved. And like any sweeping security regulation, organizations must embark on an uphill journey to earn full compliance.

The explosive growth of computing infrastructure has ushered in a new era of complexity for engineering, infrastructure, and security teams. Managing access, identities, and policies across thousands—or even tens of thousands—of resources such as physical servers, multi-cloud platforms, and web apps is no small feat in itself.

Teleport 17 marks our final major release of the year, bringing significant enhancements to our platform. In the six months since Teleport 16, we've not only developed this major release but also introduced several valuable features through minor and patch updates. A core theme for this release is scalable, secure, and resilient infrastructure access. This starts with our expanded focus on AWS Access. Teleport 17 includes preview support for AWS IAM Identity Center.

The AI hype cycle is in full swing, and “AI” has become the latest buzzword getting attention in boardrooms. Hyperscalers like Salesforce, Microsoft, and Google are racing to make agentic AI, that is AI that can operate independently of human intervention, available to the wider public. There is broad commercial support for it: 82% of executives surveyed by Capgemini plan to implement AI agents within the next three years.

It’s been a year since we debated if Santa is an insider threat. For this festive newsletter, I’m going to be following up with how to wrangle in the elves. Historically Santa elves are known for their workshop skills, putting together cute wood toys and sewing holiday stockings. Fast forward to the 21st century and the skills required to be a modern elf have exploded.

Companies may scale their cloud resources in pursuit of product, cost, or process innovation. However, this does not come without a cost of its own. The resulting infrastructure complexity, created from a growing sprawl of access silos, can introduce friction into engineer and security workflows.

At Teleport we love modern infrastructure and open-source software, but don't like static credentials and passwords. This created a challenge for us when deploying Temporal, an open-source workflow automation software on EKS: Temporal always requires a password to authenticate to the backend RDS database. To solve this problem, we turned to Teleport Machine & Workload Identity.

As organizations have transitioned from legacy IT infrastructure to cloud-native, ephemeral modern infrastructure, the needs of how privileged access is handled have shifted, too. Modern infrastructure presents unique challenges that legacy Privileged Access Management (PAM) tools, originally architected for more static environments, weren’t designed to handle. In this post, we explore why characteristics of modern infrastructure require a modern approach to PAM.

Teleport's Database Access Controls (DAC) have always been designed to offer secure, auditable access to databases. But in today's rapidly evolving security landscape, simply having access controls isn't enough. Organizations need more granular control, better visibility, and seamless integration with existing security policies. This post explores how Teleport's latest features—object-level permissions and Teleport Policy integration—address these needs.

89% of organizations suffered at least one security incident in the past three years, according to The 2024 State of Secure Infrastructure Access, a new survey of 250 security and engineering leaders. The rise of cloud computing, the surge of identity-based attacks, and increasing regulatory compliance concerns have forced companies to rethink how they handle security, productivity, and compliance.