Teleport

Oakland, CA, USA
2015
  |  By Mike Jensen and Walt Della
Teleport is an open source company. We develop in the open, including full disclosure of security issues in our changelogs and pull requests. We share our penetration tests and key compliance reports. Despite this, our communication to open source users and integration with automated security tooling needed improvement. We needed a standardized way to refer to our vulnerabilities so that when two people (or systems) talk about a vulnerability, they know they’re talking about the same thing.
  |  By Ev Kontsevoy
In 2024, I hope to see significant growth and renewed optimism in the tech sector. Personally, I’m looking forward to the year ahead with positivity as Teleport enters an important period and a packed pipeline of significant enhancements to the platform. These capabilities are increasingly critical to a threat landscape that is centered on attacking identity and exploiting human behavior.
  |  By Ben Arent
It’s that time again — for a brand new major release. Our team releases major versions of Teleport every 4 months. This post goes into more detail about the release, breaking changes, bug fixes and improvements. We have received feedback that our shipping frequency can make it tricky to stay up to date with the latest upgrades.
  |  By Ben Arent
Is Santa an insider threat? He breaks into your home, consumes cookies, drinks milk/whisky and leaves a collection of items hidden behind highly decorated wrapping paper. Rumor has it that he can tell if you’re naughty or nice and is actively tracked by NORAD. Can we trust Santa with his elevated access? The answer is, of course, Yes, because we are all Santa. Santa is ultimate trusted Certificate Authority, entrusting intermediate trust to parents worldwide.
  |  By Marco Dinis
Amazon EC2 is the most popular cloud computing environment and powers a great part of the Internet. Accessing EC2 Instances is done using SSH, which typically involves generating and managing SSH Keys. This is not easy when you have a large fleet/team.
  |  By Alexander Klizhentas
We began working on Teleport with a vision to make trusted computing a reality for everyone, even for people without large budgets. That’s why we open sourced Teleport in 2015. Achieving this lofty goal takes a lot of work, which in turn requires capital. That is why we founded Teleport as a company and started to offer premium features required by enterprises. Thus, we must strike a delicate balance between benefiting the community and succeeding as a business.
  |  By Ben Arent
Once again it’s time for everyone’s favorite announcement: a brand new Teleport release! This release marks version 14 of Teleport and is packed with features, including a UI makeover. Let’s dive in! Teleport 14 brings the following new major features and improvements: Below are a few highlights: In addition, this release includes several changes that affect existing functionality listed in the “Breaking changes” section below.
  |  By Zac Bergquist
Today’s remote desktop protocol (RDP) clients don’t do enough to promote a strong security posture. They default to weak password-based authentication, leaving Windows infrastructure vulnerable to brute force attacks, and assume a direct connection to a well-known port is available. At Teleport we’re a bit bonkers about always trying to build the most secure solution, so we set out to do something different.
  |  By Tim Ross
At Teleport we provide secure access to our customers’ infrastructure adding passwordless SSO, session recording and audit for every connection. Every day our customers login into their clusters and connect to their infrastructure. We weren’t happy with how long it took ssh to establish connections to target hosts when going through Teleport proxy.
  |  By Ben Arent
Hello Teleport Community, Our team has just returned from Hacker Summer Camp (bSides Las Vegas, Blackhat and DEFCON). I met many customers, OSS users, hackers and security engineers at bSides. I had lots of great conversations at the bSides, and it was good to chat with both red and blue teams. This month’s newsletter is a review of some of my conversations from the week.
  |  By Teleport
A live-round table with Ben Arent, Eddie Wassef, and Hunter Madison about trends and themes for 2024.
  |  By Teleport
Are you using multiple AWS accounts to separate your environments like many of the engineering teams we work with? If you are, you may be looking for a better way to access those accounts. Join us for a session, in which Nivathan Somasundharam, Implementation Engineer at Teleport, and Ashok Mahajan, Senior Partner SA at AWS, discuss some common challenges that arise when using multiple AWS accounts to separate cloud environments and how to use Teleport to solve these issues. Some of the most common issues people face include.
  |  By Teleport
This Month’s Hot Take: Five renowned experts from the Kubernetes community - Kat Cosgrove, Divya Mohan, Frederick Kautz, Chris Short, and Kunal Kushwaha - will be discussing how human-error is the most significant threat to the security of your infrastructure, NOT hackers and ransomware.
  |  By Teleport
Identity Governance & Security: Protect identities across all of your infrastructure with Teleport Eliminate weak access patterns through access monitoring, minimize attack surface with access requests and purge unused permissions via mandatory access reviews.
  |  By Teleport
This webinar is a deep dive into Teleport’s new Audit Log capability, dashboard, and refreshed unified resource UI. Teleport 14 introduces a new audit log backend that provides unrivaled visibility into all activity on a cluster. Allow teams to translate infrastructure audits into faster insights and actions, thus helping them make informed access decisions, support downstream SIEMs, and log consolidation tools.
  |  By Teleport
The Amazon Relational Database Service (RDS) is one of the most popular AWS services, making it simple to set up, operate, and scale databases in the cloud. As these databases often hold sensitive data, implementing secure access is often one of the first security challenges cloud engineering teams must solve.
  |  By Teleport
The Teleport SAML identity provider allows Teleport users to authenticate and authorize to external applications, both inside and outside of Teleport, that support SAML Single Sign-On. In this video, we'll show you how to set it up with Jenkins.
  |  By Teleport
Explore the future of secure SSH with Teleport's demo. Dive into features like Single Sign-On, session recording, and RBAC, integrated seamlessly with platforms like Amazon, Azure, and more. Hear testimonials from industry giants like Nasdaq and Carta. Experience security redefined.
  |  By Teleport
In today's increasingly remote-first business landscape, secure and efficient access to Windows desktops and servers has become more crucial than ever. Join us in this illuminating webinar as we navigate the evolving patterns and practices of remote access, and how to optimally safeguard your Windows Servers. We will spotlight common access patterns, detailing the do's and don'ts for ensuring secure access.
  |  By Teleport
The rapidly changing digital landscape requires dynamic and robust security strategies. In this webinar, we delve into cybersecurity strategies and tools necessary to secure your internal web applications (admin control panels, internal dashboards, CRMs, and more).
  |  By Teleport
With their rapidly changing architecture and API-driven automation, cloud platforms come with unique security challenges and opportunities. This hands-on book guides you through security best practices for multivendor cloud environments, whether your company plans to move legacy on-premises projects to the cloud or build a new infrastructure from the ground up.
  |  By Teleport
While SSH has always been a popular attack vector, the increased adoption of elastic, cloud infrastructure and dynamic, micro-service architecture using containerized application services (aka, "cloud-native" applications), has resulted in the additional complexity of having application services that can migrate across dynamic server infrastructure. This makes managing access to applications and their infrastructure through SSH more complicated and more prone to security threats.
  |  By Teleport
In this paper, we will provide a brief description of what SSM Session Manager is and how it compares to Gravitational's Teleport privileged access management solution. We'll compare the significant design and feature differences and the operational overhead of the solutions. Because Session Manager is limited to AWS, we'll limit the scope of the discussion to that cloud provider. Finally, we have provided a feature matrix of the two solutions.
  |  By Teleport
HIPAA, the Health Insurance Portability and Accountability Act, sets the standard for protecting sensitive patient data. Any company that deals with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed.
  |  By Teleport
The goal of the paper is to identify key challenges and the most promising opportunities for small to medium sized server hosting providers in an era of rapid commoditization driven by AWS.

Security and Compliance for Cloud Applications and Infrastructure. Cloud-native application delivery with robust Day-2 operations across many clouds, in restricted, regulated and remote environments.

Get compliance and security best practices out-of-the-box and make it easy for engineers to access SSH and Kubernetes environments across many clouds, data centers and edge devices. Deploy and Run Kubernetes applications on your customers' clouds, on the edge, and even in air-gapped server rooms, without overloading your DevOps teams.

Our products are open-source and based on open standards:

  • Teleport: Access Kubernetes and Linux infrastructure across clouds, datacenters and IoT devices while enforcing industry best-practices for security and compliance.
  • Gravity: Deploy and run cloud-native applications in hundreds of locations where security and compliance matter, on your customers' clouds or on the edge.
  • Teleconsole: Teleconsole is a free service to share your terminal session with people you trust. Your friends can join via a command line via SSH or via their browser over HTTPS. Use this to ask for help or to connect to your own devices sitting behind NAT.

Grow your business across many production environments without having to worry about the vendor lock-in.