Oakland, CA, USA
Jan 20, 2022   |  By Nicole Chelly
The SSH agent (ssh-agent) is an SSH key manager that stores the SSH key in a process memory so that users can log into SSH servers without having to type the key’s passphrase every time they authenticate with the server. In addition to the key management feature, SSH agent supports agent forwarding, which helps to authenticate with servers that sit behind a bastion or jump server.
Jan 19, 2022   |  By Andrew Helwer
Z3 is a satisfiability modulo theories (SMT) solver developed by Microsoft Research. With a description like that, you’d expect it to be restricted to esoteric corners of the computerized mathematics world, but it has made impressive inroads addressing conventional software engineering needs: analyzing network ACLs and firewalls in Microsoft Azure, for example.
Jan 18, 2022   |  By Rupert Hogan
Lack of access accountability and unmonitored access create a considerable security risk for organizations, and the best way to mitigate this challenge is by implementing identity-based access.
Jan 14, 2022   |  By Robert Watson
SSH servers are a common target for brute-force attacks. This is even more true if your infrastructure sits behind an SSH bastion because attackers have no choice but to compromise the bastion host either by exploitation or denial of service. In this article, we will list a few controls which will help you harden your SSH servers from brute- force attacks.
Jan 13, 2022   |  By Sakshyam Shah
SSH bastion hosts are an indispensable security enforcement stack for secure infrastructure access. Every security compliance standard that deals with remote infrastructure access (e.g., FedRAMP AC-17 - Remote Access, HIPAA §164.312(a)(1) - Access control, SOC2 CC6.1 - Manage Points of Access) mandates preventing direct network access to the servers and APIs.
Jan 12, 2022   |  By Josh Smith
2022 feels a little different, doesn’t it? Every day I’m prepared to hear something new, something scary, or something exciting. These last couple of years have made it seem like we just never know what is coming next. It’s no different for financial services companies who have to be prepared for the unexpected, including disruptive technologies that can challenge their core businesses.
Jan 11, 2022   |  By Daniel Mercado
Many market-leading companies who have dominated their respective sectors with hardware or on-prem/installable software solutions are turning to SaaS offerings to fuel the next phase of their growth. Why? Simple. Market valuations are much higher for SaaS companies than they are for traditional software and hardware companies. The median multiple on earnings for a SaaS company is 12.7x as of Q3 2021 according to venture capitalist Jamin Ball who tracks the Public Cloud Software (e.g.
Jan 7, 2022   |  By Troy Desjardins
One way to enhance SSH login security is by using two-factor authentication (2FA). This approach forces an administrator to self-identify with an additional security verification in addition to the local admin credentials. This tutorial guides you through setting up Google Authenticator PAM to enable 2FA for users connecting to SSH on a Linux server. We’ll use nano as our editor in examples.
Jan 6, 2022   |  By Ben O'donnell
SSH client configuration files allow us to connect to servers with pre-configured commands. This saves typing each SSH command parameter when logging into a remote machine and executing commands on a remote device. This article will examine secure shell (SSH) client configuration (config) files and their functions. Specifically, we will show an example of an SSH client config file to learn how to use these files before creating an example config file that connects to a fictitious server.
Jan 5, 2022   |  By Catherine Blake
Strictly following security best practices is the first step to cybersecurity. Although SSH is the industry standard for both security and efficacy for remote server access, as with any software, SSH is only as secure as configurations applied to the server and client configurations. In this article, we’ll explore five SSH best practices you should observe to boost the security of your infrastructure.
Jan 19, 2022   |  By Teleport
Computer security is no longer about data; it's about life and property. This change makes an enormous difference, and will shake up our industry in many ways. First, data authentication and integrity will become more important than confidentiality. And second, our largely regulation-free Internet will become a thing of the past.
Jan 8, 2022   |  By Teleport
We'll deep dive into the Request for Discussion docs used to build Teleport Desktop Access.
Dec 27, 2021   |  By Teleport
This session will discuss what MFA is, why it is critical to use it for all access, and strategies for implementing MFA across an organization. This presentation will also include a brief demo showing how open source software can be used to help enforce MFA when accessing servers, databases, web applications, and Kubernetes clusters. Speaker: Jonathon Canada
Dec 16, 2021   |  By Teleport
Quick Demo of Teleport 8.
Dec 14, 2021   |  By Teleport
Teleport manages graphical desktop access to remote hosts.
Dec 14, 2021   |  By Teleport
Quick Preview of Teleport 8.
Dec 14, 2021   |  By Teleport
Getting started with Teleport Desktop Access for Windows Servers.
Dec 2, 2021   |  By Teleport
Open Security Summit Nov 12, 2021. Using Teleport to Secure SSH and Kubernetes Access. By Sakshyam Shah Teleport is a Certificate Authority and an Access Plane for your infrastructure.
Nov 29, 2021   |  By Teleport

0:00 - Introduction to RFDs

6:59 - RFD 25 Hardware Security Module (HSM) support

Nov 24, 2021   |  By Teleport
Teleport provides secure access for cloud applications and infrastructure that doesn’t get in the way. When implementing strict zero-trust rules you sometimes need to escalate and elevate privileges. By leveraging PagerDuty, you are able to alert the request and approve or deny system access. Using PagerDuty’s schedule feature, you are able to dynamically assign administrative privileges based on who’s on call. This greatly reduces the scope of access.
Mar 5, 2020   |  By Teleport
With their rapidly changing architecture and API-driven automation, cloud platforms come with unique security challenges and opportunities. This hands-on book guides you through security best practices for multivendor cloud environments, whether your company plans to move legacy on-premises projects to the cloud or build a new infrastructure from the ground up.
Mar 5, 2020   |  By Teleport
While SSH has always been a popular attack vector, the increased adoption of elastic, cloud infrastructure and dynamic, micro-service architecture using containerized application services (aka, "cloud-native" applications), has resulted in the additional complexity of having application services that can migrate across dynamic server infrastructure. This makes managing access to applications and their infrastructure through SSH more complicated and more prone to security threats.
Mar 1, 2020   |  By Teleport
In this paper, we will provide a brief description of what SSM Session Manager is and how it compares to Gravitational's Teleport privileged access management solution. We'll compare the significant design and feature differences and the operational overhead of the solutions. Because Session Manager is limited to AWS, we'll limit the scope of the discussion to that cloud provider. Finally, we have provided a feature matrix of the two solutions.
Feb 1, 2020   |  By Teleport
The goal of the paper is to identify key challenges and the most promising opportunities for small to medium sized server hosting providers in an era of rapid commoditization driven by AWS.
Feb 1, 2020   |  By Teleport
HIPAA, the Health Insurance Portability and Accountability Act, sets the standard for protecting sensitive patient data. Any company that deals with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed.

Security and Compliance for Cloud Applications and Infrastructure. Cloud-native application delivery with robust Day-2 operations across many clouds, in restricted, regulated and remote environments.

Get compliance and security best practices out-of-the-box and make it easy for engineers to access SSH and Kubernetes environments across many clouds, data centers and edge devices. Deploy and Run Kubernetes applications on your customers' clouds, on the edge, and even in air-gapped server rooms, without overloading your DevOps teams.

Our products are open-source and based on open standards:

  • Teleport: Access Kubernetes and Linux infrastructure across clouds, datacenters and IoT devices while enforcing industry best-practices for security and compliance.
  • Gravity: Deploy and run cloud-native applications in hundreds of locations where security and compliance matter, on your customers' clouds or on the edge.
  • Teleconsole: Teleconsole is a free service to share your terminal session with people you trust. Your friends can join via a command line via SSH or via their browser over HTTPS. Use this to ask for help or to connect to your own devices sitting behind NAT.

Grow your business across many production environments without having to worry about the vendor lock-in.