Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

August 2020

How I Found Myself in a Command Line vs. GUI Meeting

“Ev, do you have time later today to discuss the new web GUI for the command line terminal?” said the Slack message. It came from Alex, our user experience chief and the product in question is the SSH client. Part of me was worried. The command line environment had a sanctuary where I found peace and happiness away from the world of browser-based tools.

Webinar | Best Practices for SSH + Auditing w/ Panther | Gravitational | Gus Luxton | Jack Naglieri

In this webinar, Ev hosts a conversation with Gus Luxton, Gravitational DevOps Engineer, and Jack Naglieri, CEO of Panther Labs, about SSH, why certificate authorities are a must have, how to audit that activity, and what to do with those audit logs once you have them. Both Gus and Jack demo the open source platforms that they are working on Teleport, and Panther.

SSH vs. kubectl exec

Let’s have a look at two popular ways of opening remote shells: the good ol’ ssh and its modern counterpart, kubectl exec. Below, I will only look at the “kubectl exec” subcommand and its friends. kubectl itself is a swiss-army knife for all things Kubernetes. Comparing all of it to ssh is like comparing systemd to BSD init. Also, I will use “SSH” to mean “OpenSSH”, which is the de-facto standard for SSH protocol implementation.

How OIDC Authentication Works

Did you know that in the United States, the Social Security Number was never intended to become the defacto method for physical identification? On its surface, this may come as a shock given how ubiquitously SSNs are used for this exact reason, but looking beneath the surface, we find that SSNs are terrible forms of identification. Ignoring the security concerns of a nine digit numeric code, an SSN is not for universal identification.

Webinar | Best Practices for Auditing K8s | Gravitational | Ev Kontsevoy | Andrew Lytvynov

In this webinar, Ev and Andrew have a conversation about auditing kubernetes, what those logs might look like in a platform like Sumo Logic, and what added benefits one could receive from using a secure access tool like Teleport for audit logs and alerts.

Teleport 4.3 Demo | Privileged Access Management | SSH & Kubectl

In this video, we show the basic capabilities of Gravitational Teleport, an open-source Linux server for setting up infrastructure access via SSH or Kubernetes. Gravitational Teleport is a gateway for managing access to clusters of Linux servers via SSH or the Kubernetes API. Download Teleport Community here and try it for your self Check out our GitHub repo here If you want to ask any questions reach out here