Oakland, CA, USA
Aug 11, 2022   |  By Kenneth DuMez
Picture this: unfortunately you had to let one of your engineers go. No matter how many times you tried to tell them, after countless interventions and meetings with the engineering lead, they simply wouldn’t stop using tabs instead of spaces. An absolutely unforgivable offense. A few weeks later, suddenly your production Snowflake database is wiped out. You log on to assess the damages and you check the SNOWFLAKE.ACCOUNT_USAGE.QUERY_HISTORY for every user in the system.
Aug 4, 2022   |  By Alan Parra
Passwordless is a form of authentication that doesn't require users to provide passwords during login. That much you could glimpse from the name, but how does it work? What are its trade-offs? This blog post will do its best to explain to you how passwordless can be implemented using modern technologies such as Web Authentication (WebAuthn), while at the same time providing better user experience and security than the traditional password-based approach.
Aug 2, 2022   |  By Sakshyam Shah
As software companies grow, they start to see exponential growth in resources needed to support the business. A startup can quickly go from a few servers and a handful of databases to a sea of Kubernetes clusters. Managing access to all of these resources comes with a myriad of problems. One problem at scale is deciding who can access what resources and how to provide relevant access to those resources on-demand.
Aug 2, 2022   |  By Kainaat Arshad
Redis is an in-memory data store that stores data in key-value pairs. It’s primarily used as a cache for quick data access, as a database, and as a message broker. Redis doesn’t have a default authentication setup in place exposing it to security vulnerabilities, which if exploited could potentially affect the infrastructure of the entire organization. These security vulnerabilities are what make securing your Redis database so important.
Jul 28, 2022   |  By Sasha Klizhentas
Passwords and other shared secrets are the number one cause of data breaches. The security risks of passwords is widely recognized in the consumer space with the leading tech companies (and competitors) including Microsoft, Google, Apple joining together to create the FIDO Alliance to reduce the over-reliance on passwords. With FIDO, passwords are replaced with more secure, and easier to use biometric and cryptographic authentication.
Jul 27, 2022   |  By Sakshyam Shah
This post introduces all the features released in Teleport 10. Teleport 10 includes version 10.0, 10.1, 10.2 and 10.3. You can always find an up-to-date status of Teleport releases in our docs. Teleport 10 is the biggest release so far in the history of Teleport in terms of feature sets. Before we dive into all the Teleport 10 features, let me first introduce you to...
Jul 27, 2022   |  By Ev Kontsevoy
A password is a secret, and a secret can be lost, stolen or traded on dark web marketplaces. Most engineers know this, that’s why every SSH tutorial begins with the instructions for disabling passwords and enabling private/public key pairs. But a private key is just another form of a secret. In this article, I will try to explain why all forms of secrets are bad for you.
Jul 25, 2022   |  By Ben Arent
Many databases were born over 25 years ago, back in the unadulterated times of LAN parties and IRC. SSL was just for banks and sending unencrypted database traffic accounts was just how you did things. When databases use unencrypted connections, it means someone with access to the network could watch all and inspect all database traffic.
Jul 25, 2022   |  By Ben Arent
In the first part of this blog post, we setup SSL/TLS for a MySQL database, using the built in self-signed certificates. The main problem using out of the box self-signed certificates is that clients can't verify that they're talking to the right database host, and it's not possible to verify the certificate chain. In this post we'll cover upgrading the client connection to VERIFY_IDENTITY and how to use Machine ID to continuously renew certificates.
Jul 22, 2022   |  By Kainaat Arshad
Microsoft SQL Server is a popular relational database management system created and maintained by Microsoft. It’s effective in numerous use cases: storage and retrieval of data as part of a DBMS, transaction processing and analytics applications. However, there are some essential measures you must take to protect your database from cybercriminals and security breaches, as the default security settings are relatively insufficient to keep your database safe.
Jul 18, 2022   |  By Teleport
The global pandemic and push for remote work are putting companies’ IT infrastructures at greater risk than before. This risk grows as infrastructure is scaled, and more people gain access to highly sensitive data, such as access keys to a valuable password vault. Another vulnerability is the use of passwords since they can also be compromised. To overcome these risks and protect critical infrastructure, the implementation of a zero-trust access solution is needed. But how can we accomplish that without slowing down engineers or adding administrative overhead?
Jul 14, 2022   |  By Teleport

0:00 Intro

1:00 Architecture Overview

3:00 Single Sign On Integration

5:00 Teleport Server Access

7:00 tsh and session recordings

9:00 Teleport App Access

11:00 RBAC Mapping

12:05 Teleport K8s Access

15:00 Teleport DB Access

Jun 7, 2022   |  By Teleport
Teleport is the easiest, most secure way to access all your infrastructure.
Jun 2, 2022   |  By Teleport
Want to know how Teleport’s Access Plane technology replaces VPNs, shared credentials, and legacy privileged access management technologies, improving security and engineering productivity? Learn more about Teleport’s Certificate Authority and Access Plane for your infrastructure so you can: ➢ Set up single sign-on and have one place to access your SSH servers, Kubernetes, databases, Windows desktops, and web apps.➢ Use your favorite programming language to define access policies to your infrastructure.➢ Share and record interactive sessions across all environments.
May 27, 2022   |  By Teleport
As part of Teleport's webinar speaker series, Colin Wood gives a great demo on how to use Teleport to Secure SSH and Kubernetes access.
May 18, 2022   |  By Teleport

0:00 Introduction

0:21 Operating Support

1:25 Linux

1:29 Docker

1:51 Helm / Kubernetes

2:16 MacOs & Windows

Mar 5, 2020   |  By Teleport
With their rapidly changing architecture and API-driven automation, cloud platforms come with unique security challenges and opportunities. This hands-on book guides you through security best practices for multivendor cloud environments, whether your company plans to move legacy on-premises projects to the cloud or build a new infrastructure from the ground up.
Mar 5, 2020   |  By Teleport
While SSH has always been a popular attack vector, the increased adoption of elastic, cloud infrastructure and dynamic, micro-service architecture using containerized application services (aka, "cloud-native" applications), has resulted in the additional complexity of having application services that can migrate across dynamic server infrastructure. This makes managing access to applications and their infrastructure through SSH more complicated and more prone to security threats.
Mar 1, 2020   |  By Teleport
In this paper, we will provide a brief description of what SSM Session Manager is and how it compares to Gravitational's Teleport privileged access management solution. We'll compare the significant design and feature differences and the operational overhead of the solutions. Because Session Manager is limited to AWS, we'll limit the scope of the discussion to that cloud provider. Finally, we have provided a feature matrix of the two solutions.
Feb 1, 2020   |  By Teleport
The goal of the paper is to identify key challenges and the most promising opportunities for small to medium sized server hosting providers in an era of rapid commoditization driven by AWS.
Feb 1, 2020   |  By Teleport
HIPAA, the Health Insurance Portability and Accountability Act, sets the standard for protecting sensitive patient data. Any company that deals with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed.

Security and Compliance for Cloud Applications and Infrastructure. Cloud-native application delivery with robust Day-2 operations across many clouds, in restricted, regulated and remote environments.

Get compliance and security best practices out-of-the-box and make it easy for engineers to access SSH and Kubernetes environments across many clouds, data centers and edge devices. Deploy and Run Kubernetes applications on your customers' clouds, on the edge, and even in air-gapped server rooms, without overloading your DevOps teams.

Our products are open-source and based on open standards:

  • Teleport: Access Kubernetes and Linux infrastructure across clouds, datacenters and IoT devices while enforcing industry best-practices for security and compliance.
  • Gravity: Deploy and run cloud-native applications in hundreds of locations where security and compliance matter, on your customers' clouds or on the edge.
  • Teleconsole: Teleconsole is a free service to share your terminal session with people you trust. Your friends can join via a command line via SSH or via their browser over HTTPS. Use this to ask for help or to connect to your own devices sitting behind NAT.

Grow your business across many production environments without having to worry about the vendor lock-in.