Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Teleport 10.3 was released on September 30, 2022 along with a lot of new features, bug fixes and improvements. This blog post will focus on one new feature that deserves a deeper dive.

JSON web tokens (JWTs) are an open standard for securely transmitting data as a JSON object between parties in a compact and self-contained format. Knowledge of JWTs is important because most modern systems and tools use them for secure, efficient and scalable authorization. Knowing about JWTs will also help you understand how third-party integrations with other software work.

Support for Microsoft SQL Server was added in our Teleport 9 release, along with support for Redis and MariaDB. In this post, we'll specifically be looking at Microsoft SQL Server and will cover how to connect to it remotely using Teleport. Before we get into the steps of accessing SQL Server with Teleport, let's briefly go over a few recommended security postures with SQL Server and how Teleport actually helps to implement them.

Remote Desktop Protocol (RDP) is a protocol developed by Microsoft which at its core is designed to give users a graphical interface to a remote Windows computer over a network connection. The remote Windows machine runs an RDP server, while the local computer accessing it runs an RDP client. Windows comes bundled with Microsoft's Remote Desktop Connection to easily access Windows hosts over RDP.

According to a recent Gartner study, the fast pace of change across technologies, organizational priorities, business opportunities and risks requires identity and access management architectures to be more flexible. As digital business relies on digital trust, security and identity are — more than ever — an essential foundation of an organization’s business ecosystem.

Teleport 10.2 was released on September 6th along with a lot of new features, bug fixes and improvements. This blog post will focus on two new features that deserve a deeper dive.

Whether it's password or passwordless authentication, multi-factor authentication, or any of the other identity verification shenanigans, in the end, our identity is deduced to a single session cookie! We can't deny the security importance of session cookies in web application access control.

None of us want to look into a production audit system, as this most likely happens after a security breach or a security incident. Over the years, people have come up with many ideas to see what applications are doing. Almost all databases keep event logs to prevent data loss. Systems such as Kubernetes generate events for every action, and applications that probably run in your production also implement some structured logging for the same reason. But what can we do if all of that is not enough?

Over the last decade, enterprises have accelerated the adoption of the cloud. According to the State of the Cloud report by Flexera, the average annual spend on cloud computing is over $62 million. As enterprises continue to invest in the cloud, AWS, the market leader in cloud computing, is growing at a rapid pace. The rise of cloud computing poses new challenges to enterprise IT. With each department migrating and managing their workloads in AWS, there is a proliferation of accounts, users and roles.

Picture this: unfortunately you had to let one of your engineers go. No matter how many times you tried to tell them, after countless interventions and meetings with the engineering lead, they simply wouldn’t stop using tabs instead of spaces. An absolutely unforgivable offense. A few weeks later, suddenly your production Snowflake database is wiped out. You log on to assess the damages and you check the SNOWFLAKE.ACCOUNT_USAGE.QUERY_HISTORY for every user in the system.