DevOps

How Does SLSA Help Strengthen Software Supply Chain Security?

A relatively new way of strengthening your software supply chain security is to apply Supply Chain Levels for Software Artifacts (SLSA) in tandem with other tools such as software bills of materials (SBOMs), software composition analysis (SCA) for open source, and static application security testing (SAST) for proprietary code. Let’s take a look at what SLSA is and how its different levels work.

Uncover the CVE shocking truth - image vulnerabilities exposed and prioritized

Scanning container images is not enough; pinpointing the CVEs that impact your security posture is key. Public images are a key component of the cloud-native ecosystem. Also known as container images, they are pre-built and publicly available software packages that contain all the necessary dependencies and configurations for an application to run in a containerized environment.

How to Snare Software Supply Chain Hackers with Honeytokens - Mackenzie Jackson at InfoSec London

Learn from Mackenzie Jackson, Developer Advocate at GitGuardian, about the evolving nature of software supply chain attacks and the importance of deploying honeytokens to track and document attackers' movements. Discover how honeytokens can enhance supply chain defenses and uncover vulnerabilities that traditional security tools may miss.

How to Secure Your Container Registries With GitGuardian's Honeytoken

Discover how to enhance the security of your container registries using honeytokens. Learn the steps to secure Docker Registry, GitHub Container Registry, and GitLab Container Registry with honeytokens. Strengthen your DevOps pipeline and protect your valuable assets.

Why You Should Avoid Copy and Paste Code

So many things seem like a good idea at the time. The Red Sox selling Babe Ruth to the Yankees. Decca Records rejecting The Beatles. “New” Coca-Cola. Blockbuster passing on buying Netflix. The formation of Nickelback. Just popping into Ikea for a “quick” look around. Of course, we know differently. And the same can be said about copying and pasting code.

IIS hardening: 6 configuration changes to harden IIS 10 web server

IIS, Microsoft’s Windows web server, is one of the most used web server platforms on the internet. Hardening IIS 10 according to the IIS CIS benchmarks is essential for preventing cyber-attacks and achieving CIS compliance. Common breaches exploit unsecured IIS server protocols and configurations, such as SMB and TLS/SSL. The default IIS configuration is not recommended and should be changed to meet the IIS CIS benchmark requirements.

What is a DevOps Toolchain and 7 Reasons to Implement it Now

DevOps teams are one of the most essential links in the software development chain. It seems like they have a hand in everything that takes place in your CI/CD pipeline, from designing and building new environments to managing and testing existing configurations. It’s no wonder that 40% of DevOps engineers report work-related stress, many of them feeling their skills are insufficient. But are they missing the required skills, or do they need the right tools to make DevOps work more manageable?

GitGuardian Protects Teams From Closing Incidents With Valid Secrets

GitGuardian puts safeguards in place in order to help busy cybersecurity teams work smarter and safer, such as preventing incidents with detected valid secrets from being accidentally resolved. It is one more way GitGuardian can help you improve your secrets management posture.

Teleport Files

In this blog post, we’ll cover how to transfer files from one server to another. At Teleport we’ve covered the progression of technology used to transfer files, from “SCP - Familiar, Simple, Insecure, and Slow” to using SFTP. In this blog post, we’ll show you how to transfer files using Secure Copy Protocol (SCP) in 2023, which under the hood is actually SFTP: OpenSSH and open-source Teleport changed the underlying technology in OpenSSH 9 and Teleport 11.