|
By Jack Pitts
Companies may scale their cloud resources in pursuit of product, cost, or process innovation. However, this does not come without a cost of its own. The resulting infrastructure complexity, created from a growing sprawl of access silos, can introduce friction into engineer and security workflows.
|
By Gavin Frazar
At Teleport we love modern infrastructure and open-source software, but don't like static credentials and passwords. This created a challenge for us when deploying Temporal, an open-source workflow automation software on EKS: Temporal always requires a password to authenticate to the backend RDS database. To solve this problem, we turned to Teleport Machine & Workload Identity.
|
By Eddie Glenn
As organizations have transitioned from legacy IT infrastructure to cloud-native, ephemeral modern infrastructure, the needs of how privileged access is handled have shifted, too. Modern infrastructure presents unique challenges that legacy Privileged Access Management (PAM) tools, originally architected for more static environments, weren’t designed to handle. In this post, we explore why characteristics of modern infrastructure require a modern approach to PAM.
Teleport's Database Access Controls (DAC) have always been designed to offer secure, auditable access to databases. But in today's rapidly evolving security landscape, simply having access controls isn't enough. Organizations need more granular control, better visibility, and seamless integration with existing security policies. This post explores how Teleport's latest features—object-level permissions and Teleport Policy integration—address these needs.
|
By Jack Pitts
89% of organizations suffered at least one security incident in the past three years, according to The 2024 State of Secure Infrastructure Access, a new survey of 250 security and engineering leaders. The rise of cloud computing, the surge of identity-based attacks, and increasing regulatory compliance concerns have forced companies to rethink how they handle security, productivity, and compliance.
|
By Jack Pitts
The Network and Information Security (NIS2) Directive’s deadline of October 17th has officially passed. Yet despite this deadline – and the strict penalties in place for non-compliance – nearly 66% of businesses operating in Europe have likely not implemented the necessary compliance controls (Veeam Software). Additionally, the majority of EU member states have yet to officially codify NIS2 standards into their national laws.
|
By Teleport
New updates to Teleport Policy enable security professionals to cut through the noise of alert fatigue, with "Crown Jewel" tagging and monitoring for access variances in critical resources.
|
By Noah Stride
We are living in the era of Kubernetes. It is hard to find anyone who has not heard of it and in all likelihood you are using it, too. And if you are using Kubernetes, it is probably also safe to assume that you areusing CI/CD to deploy your applications into it. However, as CI/CD and Kubernetes have grown in popularity, the number of bad actors looking to exploit weaknesses in them has grown too.
|
By Eddie Glenn
As modern organizations grow in size and complexity, managing secure access to computing infrastructure becomes a top priority. Teleport has introduced new features in Teleport Policy 16 aimed at making this easier and more efficient. With these enhancements, organizations can take a more proactive approach to security, ensuring better oversight and reducing potential risks.
|
By Jack Pitts
Teleport provides a secure and scalable solution for managing namespace separation in Kubernetes clusters, streamlining compliance, and enabling financial institutions to maintain both resiliency and agility. Kubernetes has rapidly evolved from a tech buzzword to an indispensable backbone of modern infrastructure in the financial services industry — redefining how institutions scale, secure, and deliver their most critical applications.
|
By Teleport
Join Sasha Klizhentas, CTO of Teleport, as he discusses the critical challenges in authorization and access control, and introduces an innovative approach using policy as code. Learn how this new methodology can help prevent misconfigurations that lead to data breaches, and see a live demo of Teleport's new policy as code features with Dave Sudia. In this talk, you'll discover.
|
By Teleport
Join a dynamic workshop session from Teleport Connect where users and team members collaborate to shape the future of Teleport. This interactive session captures real user feedback about current frustrations and desired features for 2025 and beyond, using a structured brainstorming approach with color-coded post-its and group discussions. In this session, you'll see: Key themes that emerged: Chapters.
|
By Teleport
Join Teleport's closing keynote for powerful insights on the evolving landscape of cybersecurity. Learn why identity attacks have become the predominant threat, how increasing technological complexity impacts human capabilities, and why unification of identity management is crucial for modern security. This talk explores the human element of security, the importance of breaking down silos, and the critical role security professionals play in driving organizational change. Perfect for security leaders, IT professionals, and anyone interested in understanding the future of infrastructure security.
|
By Teleport
Join Jason Shire (COO of Infusion Points) and George Tal (Secure Systems Architect) as they share valuable insights on implementing security compliance with Teleport. Learn why traditional DIY approaches to compliance often fall short and how Teleport can streamline your compliance journey, from FedRAMP to SOC 2. This talk covers practical solutions for common compliance challenges, including access controls, audit logging, session management, and FIPS requirements. Perfect for security professionals, compliance officers, and engineering teams looking to simplify their compliance implementations.
|
By Teleport
Francesco Arena, Senior Security Engineer at doyensec, as he dives deep into protecting your infrastructure against SSO identity provider compromises. Learn how to implement robust security measures in Teleport clusters, understand attack scenarios, and discover practical hardening strategies. This talk covers essential topics like MFA implementation, device trust features, and effective detection & response mechanisms. Perfect for security professionals and infrastructure engineers looking to strengthen their security posture against identity-based attacks.
|
By Teleport
Learn why identity-based attacks are now more common than malware attacks and discover practical strategies to secure your computing infrastructure. The talk covers the economics of cybersecurity, the impact of complexity on human error, and proven approaches to reduce your attack surface. With real data from industry surveys, learn how leading organizations are successfully preventing identity attacks through passwordless authentication, cryptographic identities, and infrastructure simplification.
|
By Teleport
As digital environments expand, the challenges of protecting critical infrastructure continue to grow. Join us in this insightful discussion as we dive into the complex landscape of cybersecurity. This video explores key industry trends, major threats to infrastructure, and actionable strategies for improving security.
|
By Teleport
Did you know that 3 out of 4 companies agree that securing infrastructure is becoming more challenging each year? As environments grow in complexity and cyber threats like identity-based attacks evolve, security teams face mounting pressure to keep systems safe without sacrificing productivity. In this video, we explore the parallels between dystopian themes in anime and the real-world challenges of cybersecurity.
|
By Teleport
This video shows how the new federation capability in the Workload Identity feature works in Teleport 17.
|
By Teleport
Join us for an insightful conversation with Joseph Menn, veteran cybersecurity reporter for the Washington Post and author of "Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World." In this closing keynote discussion, Menn shares his perspectives on the evolution of cybersecurity, exploring the complex relationship between technology advancement and security.
|
By Teleport
With their rapidly changing architecture and API-driven automation, cloud platforms come with unique security challenges and opportunities. This hands-on book guides you through security best practices for multivendor cloud environments, whether your company plans to move legacy on-premises projects to the cloud or build a new infrastructure from the ground up.
|
By Teleport
While SSH has always been a popular attack vector, the increased adoption of elastic, cloud infrastructure and dynamic, micro-service architecture using containerized application services (aka, "cloud-native" applications), has resulted in the additional complexity of having application services that can migrate across dynamic server infrastructure. This makes managing access to applications and their infrastructure through SSH more complicated and more prone to security threats.
|
By Teleport
In this paper, we will provide a brief description of what SSM Session Manager is and how it compares to Gravitational's Teleport privileged access management solution. We'll compare the significant design and feature differences and the operational overhead of the solutions. Because Session Manager is limited to AWS, we'll limit the scope of the discussion to that cloud provider. Finally, we have provided a feature matrix of the two solutions.
|
By Teleport
HIPAA, the Health Insurance Portability and Accountability Act, sets the standard for protecting sensitive patient data. Any company that deals with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed.
|
By Teleport
The goal of the paper is to identify key challenges and the most promising opportunities for small to medium sized server hosting providers in an era of rapid commoditization driven by AWS.
- December 2024 (14)
- November 2024 (6)
- October 2024 (8)
- September 2024 (4)
- August 2024 (1)
- July 2024 (5)
- June 2024 (5)
- May 2024 (2)
- April 2024 (2)
- March 2024 (2)
- February 2024 (13)
- January 2024 (1)
- December 2023 (4)
- November 2023 (2)
- October 2023 (1)
- September 2023 (5)
- August 2023 (10)
- July 2023 (3)
- June 2023 (7)
- May 2023 (10)
- April 2023 (3)
- March 2023 (12)
- February 2023 (5)
- January 2023 (2)
- December 2022 (3)
- November 2022 (9)
- October 2022 (6)
- September 2022 (9)
- August 2022 (7)
- July 2022 (16)
- June 2022 (11)
- May 2022 (26)
- April 2022 (24)
- March 2022 (12)
- February 2022 (15)
- January 2022 (21)
- December 2021 (19)
- November 2021 (9)
- October 2021 (12)
- September 2021 (12)
- August 2021 (18)
- July 2021 (6)
- June 2021 (10)
- May 2021 (14)
- April 2021 (11)
- March 2021 (12)
- February 2021 (7)
- January 2021 (7)
- December 2020 (5)
- November 2020 (7)
- October 2020 (4)
- September 2020 (8)
- August 2020 (8)
- July 2020 (9)
- June 2020 (3)
- May 2020 (5)
- April 2020 (6)
- March 2020 (6)
- February 2020 (5)
- January 2020 (4)
- November 2019 (2)
- October 2019 (3)
- September 2019 (4)
- August 2019 (3)
- July 2019 (1)
- June 2019 (1)
- March 2019 (2)
- September 2018 (1)
- July 2018 (2)
Security and Compliance for Cloud Applications and Infrastructure. Cloud-native application delivery with robust Day-2 operations across many clouds, in restricted, regulated and remote environments.
Get compliance and security best practices out-of-the-box and make it easy for engineers to access SSH and Kubernetes environments across many clouds, data centers and edge devices. Deploy and Run Kubernetes applications on your customers' clouds, on the edge, and even in air-gapped server rooms, without overloading your DevOps teams.
Our products are open-source and based on open standards:
- Teleport: Access Kubernetes and Linux infrastructure across clouds, datacenters and IoT devices while enforcing industry best-practices for security and compliance.
- Gravity: Deploy and run cloud-native applications in hundreds of locations where security and compliance matter, on your customers' clouds or on the edge.
- Teleconsole: Teleconsole is a free service to share your terminal session with people you trust. Your friends can join via a command line via SSH or via their browser over HTTPS. Use this to ask for help or to connect to your own devices sitting behind NAT.
Grow your business across many production environments without having to worry about the vendor lock-in.