It’s a familiar nightmare you’ve heard of and might even face as a developer or security engineer: alerts firing in all directions warning that your company’s VPN and firewall — that supposedly “safe” defensive perimeter around your infrastructure — has been breached. And the scariest part is that you find out after the fact — after access credentials and customer assets have been stolen.
If you’re a developer, devops or security engineer whose continuous integration (CI) systems rely on shared secrets for access management, you probably know firsthand the security risks that shared secrets present.
After 4 months of hard work we’re proud to announce the release of Teleport version 12! From expanded Windows and Kubernetes support, to a preview of a brand new feature we’re calling Device Trust, Teleport 12 is loaded with improvements and new capabilities that make it easier than ever to securely access your entire infrastructure ecosystem.
"Crunchy on the outside, chewy in the middle". That's how Google described its perimeter-based security targeted high-profile companies such as Google, Adobe, Akamai, Rackspace, etc., with said primary reason of modifying the source codes. In response, Google initiated a perimeter-less and trustless access control system now popularly known as BeyondCorp. BeyondCorp comes from a realization that VPN perimeter network security is obsolete.
I predict that 2023 will be the year of Passkeys. Passkeys are a new passwordless authentication method allowing users to create online accounts and sign in without entering a password. Passkeys have been years in the making and finally, industry fido alliance collaboration (fido2) and the adoption between Apple, Microsoft, and Google have now made it a reality. Passkeys leverage the WebAuthn API to let users log into various websites and applications.
Copying files between computers is a common task, and there are a lot of protocols designed to do just that. But not all protocols are created equally. Many people use the popular OpenSSH scp command to transfer files, but few understand the risks surrounding it. This blog post will attempt to explain what the SCP and SFTP protocols are, how they work, and why SFTP should be used wherever possible.
If you've ever used Linux, you’ve probably heard about SELinux or Security-enhanced Linux. For a very long time, my interaction with it was just restricted to: Like many other security solutions, SELinux can sometimes be annoying, and understanding even the basic concepts can change our bigger enemy to our best friend.
At its core, Active Directory domain services (AD DS) is a structured data store of objects in the domain controller. It is a directory service from Microsoft for identity management and access control in Windows domain networks. Active Directory can authenticate users, groups, services and computers to protected information. In addition to that, AD DS also helps to implement security policies and permissions. AD DS enforces them for all computers in your network.
In Teleport 8, we introduced the TLS Routing feature that can multiplex all client connections on a single TLS/SSL port. Recently we've added support for TLS Routing for Database Access when Teleport is deployed behind an AWS Application Load Balancer (ALB). In this article, we will take a deep look at the problem with Teleport behind an ALB and how we solved it.
It’s the news everyone’s been waiting for: Teleport’s version 11 release! This release is packed with features from SFTP support all the way to GitHub Actions Machine ID compatibility. Let’s dive in!
