Many businesses use virtual private networks (VPNs) to provide secure remote access to their systems, but this has increasingly become a liability as more people switch to remote work. The greater demands placed on VPNs to offer safe access can expose organizations and employees to security vulnerabilities. In order to better protect their data and systems, organizations may need to seek alternatives to VPNs.

The first Kubernetes release of 2022 will be released on May 3rd. The new release, version 1.24, is full of enhancements, new features, and bug fixes. We’ve written this post so you can adjust your Kubernetes resources, update infrastructure, and smoothly migrate to the new version. We’ve also grouped the changes with their respective Special Interest Groups (SIGs), so that you can focus on the interrelated topics at once.

Bearer is a Static Application Security Testing (SAST) tool that enables security and engineering teams to identify and mitigate data security risks throughout the software development lifecycle. It integrates with Source Code Management (SCM) software (see Git repository integrations for more details) to scan your code repositories, discover and classify data flows, and detect gaps with your data security policy.

This blog is Part IV in a series about identity-based access management of AWS resources. In Part I, we covered how to use OSS Teleport to access Amazon EC2 instances running in private subnets. Part II explained implementing identity-based access via SSO integration with Okta. Part III covered the steps to configure privilege escalation for just-in-time access requests. In Part IV, we will guide you through the steps to configure SSH session recording and auditing.

Organizations today are embracing cloud-native technologies to increase time-to-market, scalability and cost savings. A big part of the cloud-native transition is moving legacy systems and architectures to the cloud. With this comes both complexity and new risks because modern applications are often composed of dozens of microservices, housed in containers and hosted on immutable, dynamically scaling platforms like Kubernetes.

DevOps has been the methodology of choice among developers for over a decade. No doubt, it’s proven its efficiency and ability to speed up processes while uniting teams by promoting open communication and shared responsibility. But will GitOps steal the spotlight? We’re exploring the answer in today’s post by looking at these two methodologies’ similarities and differences, advantages, and limitations.

As Synk announces its support of unmanaged dependencies (mostly C/C++ libraries), we thought it would be beneficial to introduce our non-C community to some common, high-risk dangers that lurk in the C world (get it?). Think of this as a “beginners guide” to C and C++ vulnerabilities, how they look, what problems they may cause, and how to fix them.

Our team has more than a decade of experience in server hardening. We’ll help you determine the right policy to achieve maximum compliance with minimal efforts.

As part of our Teleport 9 release, we added support for three more databases: Redis, MariaDB, and Microsoft SQL Server. In this post we’ll cover the steps needed to protect your Redis instance using Teleport Database Access. Teleport Database Access allows you to easily secure your databases using security best practices such as identity-based SSO, short-lived certificates for engineers or service accounts, multi-factor authentication, RBAC, and audit of all access and queries.