Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Teleport 16

It’s that time again — for a brand new major release. Our team releases major versions of Teleport every 4 months. Here we introduce Teleport 16. This post goes into detail about Teleport 16 breaking changes, bug fixes and improvements. In Teleport 16, we focused on new features and enhancements to enable our customers to implement mitigations to protect against an IdP Compromise.

How To Detect Compromised Identities with Teleport

Our customers use Teleport to solve a wide range of problems: They access their infrastructure remotely without passwords or shared secrets, and replace shared credentials in CI/CD systems and workloads with mTLS. They eliminate the need for VPNs and enable Just-In-Time Access to web apps, cloud consoles, databases, and more.

Teleport Workload Identity

With Teleport 15.2, we’ve added a preview for Teleport Workload Identity. Teleport Workload Identity lets teams bootstrap and issue identities to services across heterogeneous environments and organizational boundaries. A core value of Teleport comes from having a central access platform, and we believe that humans and machine access need to join and access using the same zero-trust best practices.

Teleport Community Edition will restrict commercial usage starting with version 16

We open sourced Teleport in 2015 with a mission to secure access to infrastructure. It has since become a popular open source project with over 15,000 GitHub stars and is licensed under AGPLv3. We have been offering the stable releases of the Teleport Community Edition binaries and images distributed under the permissive Apache 2.0 license.

Teleport Starts Issuing CVEs

Teleport is an open source company. We develop in the open, including full disclosure of security issues in our changelogs and pull requests. We share our penetration tests and key compliance reports. Despite this, our communication to open source users and integration with automated security tooling needed improvement. We needed a standardized way to refer to our vulnerabilities so that when two people (or systems) talk about a vulnerability, they know they’re talking about the same thing.

2024 Predictions from Teleport CEO Ev Kontsevoy

In 2024, I hope to see significant growth and renewed optimism in the tech sector. Personally, I’m looking forward to the year ahead with positivity as Teleport enters an important period and a packed pipeline of significant enhancements to the platform. These capabilities are increasingly critical to a threat landscape that is centered on attacking identity and exploiting human behavior.

Is Santa an insider threat?

Is Santa an insider threat? He breaks into your home, consumes cookies, drinks milk/whisky and leaves a collection of items hidden behind highly decorated wrapping paper. Rumor has it that he can tell if you’re naughty or nice and is actively tracked by NORAD. Can we trust Santa with his elevated access? The answer is, of course, Yes, because we are all Santa. Santa is ultimate trusted Certificate Authority, entrusting intermediate trust to parents worldwide.