|
By Alan Parra
At Teleport we solve a wide range of problems: letting our customers access their infrastructure remotely without passwords or shared secrets, replacing shared credentials in CI/CD workloads with mTLS, and eliminating the need for VPNs to enable Just-In-Time Access to web apps, cloud consoles, databases, and more. Device trust was the last missing piece in replacing VPNs, as they offer a powerful feature letting customers pin access to specific networks.
With the rise of infrastructure complexity, organizations must improve their strategies to quickly investigate and mitigate unauthorized system access and internal identity threats. Teleport has already highlighted the importance of identity threat detection and response and introduced features to support security incident containment. This article builds on these ideas by presenting additional metrics to detect suspicious employee behavior and options for expanding detection capabilities.
|
By George Chamales
FedRAMP authorization can take years. The process is time-consuming, expensive and risky, requiring extensive human capital and dedicated technical resources from the initial project standup through continuous monitoring and compliance reporting before an Authorization To Operate (ATO) has been achieved. The Teleport Access Platform significantly reduces the time, cost and risk associated with FedRAMP compliance by addressing many of the most difficult FedRAMP control requirements.
|
By Ben Arent
It’s that time again — for a brand new major release. Our team releases major versions of Teleport every 4 months. Here we introduce Teleport 16. This post goes into detail about Teleport 16 breaking changes, bug fixes and improvements. In Teleport 16, we focused on new features and enhancements to enable our customers to implement mitigations to protect against an IdP Compromise.
Our customers use Teleport to solve a wide range of problems: They access their infrastructure remotely without passwords or shared secrets, and replace shared credentials in CI/CD systems and workloads with mTLS. They eliminate the need for VPNs and enable Just-In-Time Access to web apps, cloud consoles, databases, and more.
|
By Ben Arent
With Teleport 15.2, we’ve added a preview for Teleport Workload Identity. Teleport Workload Identity lets teams bootstrap and issue identities to services across heterogeneous environments and organizational boundaries. A core value of Teleport comes from having a central access platform, and we believe that humans and machine access need to join and access using the same zero-trust best practices.
|
By Alexander Klizhentas
We open sourced Teleport in 2015 with a mission to secure access to infrastructure. It has since become a popular open source project with over 15,000 GitHub stars and is licensed under AGPLv3. We have been offering the stable releases of the Teleport Community Edition binaries and images distributed under the permissive Apache 2.0 license.
Teleport is an open source company. We develop in the open, including full disclosure of security issues in our changelogs and pull requests. We share our penetration tests and key compliance reports. Despite this, our communication to open source users and integration with automated security tooling needed improvement. We needed a standardized way to refer to our vulnerabilities so that when two people (or systems) talk about a vulnerability, they know they’re talking about the same thing.
|
By Ev Kontsevoy
In 2024, I hope to see significant growth and renewed optimism in the tech sector. Personally, I’m looking forward to the year ahead with positivity as Teleport enters an important period and a packed pipeline of significant enhancements to the platform. These capabilities are increasingly critical to a threat landscape that is centered on attacking identity and exploiting human behavior.
|
By Ben Arent
It’s that time again — for a brand new major release. Our team releases major versions of Teleport every 4 months. This post goes into more detail about the release, breaking changes, bug fixes and improvements. We have received feedback that our shipping frequency can make it tricky to stay up to date with the latest upgrades.
|
By Teleport
Join us for an in-depth look at the latest release of Teleport. Teleport 16 introduces several powerful new features that further advance its capabilities in defending against identity provider compromise. In this webinar, we will explore how Teleport 16 enhances security and simplifies secure infrastructure access through: Teleport Access: Teleport Identity: Teleport Policy.
|
By Teleport
Simplify Secure Access with Teleport VNet! Discover how Teleport VNet revolutionizes connecting to TCP applications through Teleport. This video guide walks you through: What is VNet and how it works Setting up VNet on macOS using Teleport Connect Connecting to TCP apps seamlessly Using VNet with tsh command-line tool Troubleshooting tips and best practices Learn how VNet automatically proxies connections, enhancing security without compromising ease of use. Perfect for DevOps, sysadmins, and anyone working with remote TCP applications.
|
By Teleport
In an era where Identity Providers (IdPs) have become prime targets for cyber attackers, relying solely on single sign-on (SSO) authentication can leave organizations vulnerable to various sophisticated threats such as social engineering, credential stuffing, and session hijacking. Join us for an in-depth webinar to explore how Teleport is redefining infrastructure security strategies that protect infrastructure even in the event of identity provider compromise.
|
By Teleport
FedRAMP compliance is notoriously challenging, but it doesn't have to derail your DevOps flow or tech stack. Discover how Teleport’s robust infrastructure access and security platform addresses some of the toughest questions and hurdles in the FedRAMP process, empowering engineering, compliance, and security leaders to implement and enforce security controls seamlessly.
|
By Teleport
With threat actors able to breach and pivot to sensitive resources in less than 62 minutes, the security of your infrastructure depends on the ability to quickly identify who has access to what. This webinar introduces infrastructure professionals to Teleport Policy, the most recent addition to the Teleport Access Platform. Teleport Policy provides a visually rich view of access relationships and the tools to quickly uncover and remediate long-standing privileges and shadow or risky access paths.
|
By Teleport
Teleport Access Platform generates cryptographic identity for users, machines, devices, and resources, creating a single source of truth for what users and machines are accessing what in your modern infrastructure. Now, engineers will be able to generate identity specific to workloads and services, enabling your full modern infrastructure stack to operate with zero trust authentication.
|
By Teleport
Implementing and scaling privileged access in modern computing environments generates new challenges for security and engineering productivity. Modern computing architectures are ephemeral, elastic, on-demand, and complex. This webinar delves into the challenges faced by platform engineering and infrastructure teams when enabling secure access in these environments.
|
By Teleport
Join us for an insightful webinar featuring IAM analyst Jack Poller and Teleport CEO Ev Kontsevoy as they delve into the nuances of privilege management and the paradigm shift towards a secretless, zero trust, least privileged architecture for engineers accessing cloud and on-premises compute infrastructure.
|
By Teleport
SSH connection resumption Teleport v15 introduces automatic SSH connection resumption if the network path between the client and the Teleport node is interrupted due to connectivity issues, and transparent connection migration if the control plane is gracefully upgraded. The feature is active by default when a v15 client (tsh, OpenSSH or PuTTY configured by tsh config, or Teleport Connect) connects to a v15 Teleport node.
|
By Teleport
With their rapidly changing architecture and API-driven automation, cloud platforms come with unique security challenges and opportunities. This hands-on book guides you through security best practices for multivendor cloud environments, whether your company plans to move legacy on-premises projects to the cloud or build a new infrastructure from the ground up.
|
By Teleport
While SSH has always been a popular attack vector, the increased adoption of elastic, cloud infrastructure and dynamic, micro-service architecture using containerized application services (aka, "cloud-native" applications), has resulted in the additional complexity of having application services that can migrate across dynamic server infrastructure. This makes managing access to applications and their infrastructure through SSH more complicated and more prone to security threats.
|
By Teleport
In this paper, we will provide a brief description of what SSM Session Manager is and how it compares to Gravitational's Teleport privileged access management solution. We'll compare the significant design and feature differences and the operational overhead of the solutions. Because Session Manager is limited to AWS, we'll limit the scope of the discussion to that cloud provider. Finally, we have provided a feature matrix of the two solutions.
|
By Teleport
HIPAA, the Health Insurance Portability and Accountability Act, sets the standard for protecting sensitive patient data. Any company that deals with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed.
|
By Teleport
The goal of the paper is to identify key challenges and the most promising opportunities for small to medium sized server hosting providers in an era of rapid commoditization driven by AWS.
- July 2024 (5)
- June 2024 (5)
- May 2024 (2)
- April 2024 (2)
- March 2024 (2)
- February 2024 (13)
- January 2024 (1)
- December 2023 (4)
- November 2023 (2)
- October 2023 (1)
- September 2023 (5)
- August 2023 (10)
- July 2023 (3)
- June 2023 (7)
- May 2023 (10)
- April 2023 (3)
- March 2023 (12)
- February 2023 (5)
- January 2023 (2)
- December 2022 (3)
- November 2022 (9)
- October 2022 (6)
- September 2022 (9)
- August 2022 (7)
- July 2022 (16)
- June 2022 (11)
- May 2022 (26)
- April 2022 (24)
- March 2022 (12)
- February 2022 (15)
- January 2022 (21)
- December 2021 (19)
- November 2021 (9)
- October 2021 (12)
- September 2021 (12)
- August 2021 (18)
- July 2021 (6)
- June 2021 (10)
- May 2021 (14)
- April 2021 (11)
- March 2021 (12)
- February 2021 (7)
- January 2021 (7)
- December 2020 (5)
- November 2020 (7)
- October 2020 (4)
- September 2020 (8)
- August 2020 (8)
- July 2020 (9)
- June 2020 (3)
- May 2020 (5)
- April 2020 (6)
- March 2020 (6)
- February 2020 (5)
- January 2020 (4)
- November 2019 (2)
- October 2019 (3)
- September 2019 (4)
- August 2019 (3)
- July 2019 (1)
- June 2019 (1)
- March 2019 (2)
- September 2018 (1)
- July 2018 (2)
Security and Compliance for Cloud Applications and Infrastructure. Cloud-native application delivery with robust Day-2 operations across many clouds, in restricted, regulated and remote environments.
Get compliance and security best practices out-of-the-box and make it easy for engineers to access SSH and Kubernetes environments across many clouds, data centers and edge devices. Deploy and Run Kubernetes applications on your customers' clouds, on the edge, and even in air-gapped server rooms, without overloading your DevOps teams.
Our products are open-source and based on open standards:
- Teleport: Access Kubernetes and Linux infrastructure across clouds, datacenters and IoT devices while enforcing industry best-practices for security and compliance.
- Gravity: Deploy and run cloud-native applications in hundreds of locations where security and compliance matter, on your customers' clouds or on the edge.
- Teleconsole: Teleconsole is a free service to share your terminal session with people you trust. Your friends can join via a command line via SSH or via their browser over HTTPS. Use this to ask for help or to connect to your own devices sitting behind NAT.
Grow your business across many production environments without having to worry about the vendor lock-in.