|
By Jack Pitts
Companies may scale their cloud resources in pursuit of product, cost, or process innovation. However, this does not come without a cost of its own. The resulting infrastructure complexity, created from a growing sprawl of access silos, can introduce friction into engineer and security workflows.
|
By Gavin Frazar
At Teleport we love modern infrastructure and open-source software, but don't like static credentials and passwords. This created a challenge for us when deploying Temporal, an open-source workflow automation software on EKS: Temporal always requires a password to authenticate to the backend RDS database. To solve this problem, we turned to Teleport Machine & Workload Identity.
|
By Eddie Glenn
As organizations have transitioned from legacy IT infrastructure to cloud-native, ephemeral modern infrastructure, the needs of how privileged access is handled have shifted, too. Modern infrastructure presents unique challenges that legacy Privileged Access Management (PAM) tools, originally architected for more static environments, weren’t designed to handle. In this post, we explore why characteristics of modern infrastructure require a modern approach to PAM.
Teleport's Database Access Controls (DAC) have always been designed to offer secure, auditable access to databases. But in today's rapidly evolving security landscape, simply having access controls isn't enough. Organizations need more granular control, better visibility, and seamless integration with existing security policies. This post explores how Teleport's latest features—object-level permissions and Teleport Policy integration—address these needs.
|
By Jack Pitts
89% of organizations suffered at least one security incident in the past three years, according to The 2024 State of Secure Infrastructure Access, a new survey of 250 security and engineering leaders. The rise of cloud computing, the surge of identity-based attacks, and increasing regulatory compliance concerns have forced companies to rethink how they handle security, productivity, and compliance.
|
By Jack Pitts
The Network and Information Security (NIS2) Directive’s deadline of October 17th has officially passed. Yet despite this deadline – and the strict penalties in place for non-compliance – nearly 66% of businesses operating in Europe have likely not implemented the necessary compliance controls (Veeam Software). Additionally, the majority of EU member states have yet to officially codify NIS2 standards into their national laws.
|
By Teleport
New updates to Teleport Policy enable security professionals to cut through the noise of alert fatigue, with "Crown Jewel" tagging and monitoring for access variances in critical resources.
|
By Noah Stride
We are living in the era of Kubernetes. It is hard to find anyone who has not heard of it and in all likelihood you are using it, too. And if you are using Kubernetes, it is probably also safe to assume that you areusing CI/CD to deploy your applications into it. However, as CI/CD and Kubernetes have grown in popularity, the number of bad actors looking to exploit weaknesses in them has grown too.
|
By Eddie Glenn
As modern organizations grow in size and complexity, managing secure access to computing infrastructure becomes a top priority. Teleport has introduced new features in Teleport Policy 16 aimed at making this easier and more efficient. With these enhancements, organizations can take a more proactive approach to security, ensuring better oversight and reducing potential risks.
|
By Jack Pitts
Teleport provides a secure and scalable solution for managing namespace separation in Kubernetes clusters, streamlining compliance, and enabling financial institutions to maintain both resiliency and agility. Kubernetes has rapidly evolved from a tech buzzword to an indispensable backbone of modern infrastructure in the financial services industry — redefining how institutions scale, secure, and deliver their most critical applications.
|
By Teleport
The complexity and scale of computing infrastructure has exploded in recent years. In larger organizations, managing access, identities, and policies for people and machines to securely access diverse infrastructure resources – such as physical machines and servers, clouds, software apps, services, APIs – is a daunting task. The larger the organization, the more costly and difficult it becomes to wrangle the complexity of this infrastructure in a way that is secure, efficient, and resilient.
|
By Teleport
This video walks through how to setup the Teleport Terraform provider for use with HCP Terraform or self-hosted Terraform Enterprise, a new feature in Teleport 17.
|
By Teleport
See how to set up the Datadog Integration for Access Requests, new in Teleport 17. Notify the right team members immediately through Datadog incidents so users can get just-in-time access to critical resources.
|
By Teleport
A huge THANK YOU to everyone who stopped by our booth at hashtag#KubeCon + hashtag#CloudNativeCon in Salt Lake City From building our signature purple booth to delivering hands-on demos, spinning the prize wheel, taking pictures with PAM, and connecting with all of you—it was an unforgettable week!
|
By Teleport
Did you know that 3 out of 4 enterprises say that securing access to infrastructure is getting more difficult each year? As environments grow more complex and identity-based attacks evolve, security and IT teams are feeling the strain, all while developer productivity is impacted. The 2024 State of Secure Infrastructure Access report dives into these challenges and reveals critical insights in access control practices, their effectiveness, and the significant gaps between top-performing organizations and security novices.
|
By Teleport
Intel's CTO on Navigating Cybersecurity, AI, and the Edge Governing the Future: Federal Cybersecurity in the Age of Edge and AI In this episode of the "Trusted Tech for Critical Missions" podcast, host Ben Arent interviews Steve Orrin, Chief Technology Officer at Intel Federal, about the evolving landscape of federal cybersecurity in the age of edge computing and artificial intelligence. Key Takeaways.
|
By Teleport
Cloud-Native SIEM: Scaling Security for the Modern Era Key Takeaways: Detection-as-code offers improved governance, collaboration, and scalability Start with a clear understanding of critical threats to your organization Balance comprehensive monitoring with intentional, focused alerts Consider cloud-native SIEM solutions for cost-effectiveness and scalability Regularly review and update security playbooks and runbooks.
|
By Teleport
Organizations often find that as they deploy their K8S infrastructure into production and across their company, what worked well for managing access during development does not scale efficiently. Research shows that this often leads to serious security risks including breaches. So, new access challenges emerge, particularly as teams scale. Join us for a 30-minute deep dive into how to secure access to Kubernetes-based environments including clusters, databases, and applications in a scalable way.
|
By Teleport
Identity Platforms (IdP) provide organizations with incredible convenience with Single Sign-On (SSO). However, if IdPs are compromised, the ‘keys to the castle’ can be left vulnerable, making the rest of the organization’s infrastructure vulnerable as well.
|
By Teleport
With their rapidly changing architecture and API-driven automation, cloud platforms come with unique security challenges and opportunities. This hands-on book guides you through security best practices for multivendor cloud environments, whether your company plans to move legacy on-premises projects to the cloud or build a new infrastructure from the ground up.
|
By Teleport
While SSH has always been a popular attack vector, the increased adoption of elastic, cloud infrastructure and dynamic, micro-service architecture using containerized application services (aka, "cloud-native" applications), has resulted in the additional complexity of having application services that can migrate across dynamic server infrastructure. This makes managing access to applications and their infrastructure through SSH more complicated and more prone to security threats.
|
By Teleport
In this paper, we will provide a brief description of what SSM Session Manager is and how it compares to Gravitational's Teleport privileged access management solution. We'll compare the significant design and feature differences and the operational overhead of the solutions. Because Session Manager is limited to AWS, we'll limit the scope of the discussion to that cloud provider. Finally, we have provided a feature matrix of the two solutions.
|
By Teleport
HIPAA, the Health Insurance Portability and Accountability Act, sets the standard for protecting sensitive patient data. Any company that deals with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed.
|
By Teleport
The goal of the paper is to identify key challenges and the most promising opportunities for small to medium sized server hosting providers in an era of rapid commoditization driven by AWS.
- December 2024 (3)
- November 2024 (6)
- October 2024 (8)
- September 2024 (4)
- August 2024 (1)
- July 2024 (5)
- June 2024 (5)
- May 2024 (2)
- April 2024 (2)
- March 2024 (2)
- February 2024 (13)
- January 2024 (1)
- December 2023 (4)
- November 2023 (2)
- October 2023 (1)
- September 2023 (5)
- August 2023 (10)
- July 2023 (3)
- June 2023 (7)
- May 2023 (10)
- April 2023 (3)
- March 2023 (12)
- February 2023 (5)
- January 2023 (2)
- December 2022 (3)
- November 2022 (9)
- October 2022 (6)
- September 2022 (9)
- August 2022 (7)
- July 2022 (16)
- June 2022 (11)
- May 2022 (26)
- April 2022 (24)
- March 2022 (12)
- February 2022 (15)
- January 2022 (21)
- December 2021 (19)
- November 2021 (9)
- October 2021 (12)
- September 2021 (12)
- August 2021 (18)
- July 2021 (6)
- June 2021 (10)
- May 2021 (14)
- April 2021 (11)
- March 2021 (12)
- February 2021 (7)
- January 2021 (7)
- December 2020 (5)
- November 2020 (7)
- October 2020 (4)
- September 2020 (8)
- August 2020 (8)
- July 2020 (9)
- June 2020 (3)
- May 2020 (5)
- April 2020 (6)
- March 2020 (6)
- February 2020 (5)
- January 2020 (4)
- November 2019 (2)
- October 2019 (3)
- September 2019 (4)
- August 2019 (3)
- July 2019 (1)
- June 2019 (1)
- March 2019 (2)
- September 2018 (1)
- July 2018 (2)
Security and Compliance for Cloud Applications and Infrastructure. Cloud-native application delivery with robust Day-2 operations across many clouds, in restricted, regulated and remote environments.
Get compliance and security best practices out-of-the-box and make it easy for engineers to access SSH and Kubernetes environments across many clouds, data centers and edge devices. Deploy and Run Kubernetes applications on your customers' clouds, on the edge, and even in air-gapped server rooms, without overloading your DevOps teams.
Our products are open-source and based on open standards:
- Teleport: Access Kubernetes and Linux infrastructure across clouds, datacenters and IoT devices while enforcing industry best-practices for security and compliance.
- Gravity: Deploy and run cloud-native applications in hundreds of locations where security and compliance matter, on your customers' clouds or on the edge.
- Teleconsole: Teleconsole is a free service to share your terminal session with people you trust. Your friends can join via a command line via SSH or via their browser over HTTPS. Use this to ask for help or to connect to your own devices sitting behind NAT.
Grow your business across many production environments without having to worry about the vendor lock-in.