|
By Jack Pitts
The Digital Operational Resilience Act (DORA) comes into full effect on January 17, 2025. This deadline marks a monumental shift in how financial institutions and their technology providers prioritize and maintain operational resilience and cybersecurity standards – and sets in stone real business and regulatory consequences to ensure resilience is achieved. And like any sweeping security regulation, organizations must embark on an uphill journey to earn full compliance.
|
By Eddie Glenn
The explosive growth of computing infrastructure has ushered in a new era of complexity for engineering, infrastructure, and security teams. Managing access, identities, and policies across thousands—or even tens of thousands—of resources such as physical servers, multi-cloud platforms, and web apps is no small feat in itself.
|
By Ben Arent
Teleport 17 marks our final major release of the year, bringing significant enhancements to our platform. In the six months since Teleport 16, we've not only developed this major release but also introduced several valuable features through minor and patch updates. A core theme for this release is scalable, secure, and resilient infrastructure access. This starts with our expanded focus on AWS Access. Teleport 17 includes preview support for AWS IAM Identity Center.
|
By Ev Kontsevoy
The AI hype cycle is in full swing, and “AI” has become the latest buzzword getting attention in boardrooms. Hyperscalers like Salesforce, Microsoft, and Google are racing to make agentic AI, that is AI that can operate independently of human intervention, available to the wider public. There is broad commercial support for it: 82% of executives surveyed by Capgemini plan to implement AI agents within the next three years.
|
By Ben Arent
It’s been a year since we debated if Santa is an insider threat. For this festive newsletter, I’m going to be following up with how to wrangle in the elves. Historically Santa elves are known for their workshop skills, putting together cute wood toys and sewing holiday stockings. Fast forward to the 21st century and the skills required to be a modern elf have exploded.
|
By Jack Pitts
Companies may scale their cloud resources in pursuit of product, cost, or process innovation. However, this does not come without a cost of its own. The resulting infrastructure complexity, created from a growing sprawl of access silos, can introduce friction into engineer and security workflows.
|
By Gavin Frazar
At Teleport we love modern infrastructure and open-source software, but don't like static credentials and passwords. This created a challenge for us when deploying Temporal, an open-source workflow automation software on EKS: Temporal always requires a password to authenticate to the backend RDS database. To solve this problem, we turned to Teleport Machine & Workload Identity.
|
By Eddie Glenn
As organizations have transitioned from legacy IT infrastructure to cloud-native, ephemeral modern infrastructure, the needs of how privileged access is handled have shifted, too. Modern infrastructure presents unique challenges that legacy Privileged Access Management (PAM) tools, originally architected for more static environments, weren’t designed to handle. In this post, we explore why characteristics of modern infrastructure require a modern approach to PAM.
Teleport's Database Access Controls (DAC) have always been designed to offer secure, auditable access to databases. But in today's rapidly evolving security landscape, simply having access controls isn't enough. Organizations need more granular control, better visibility, and seamless integration with existing security policies. This post explores how Teleport's latest features—object-level permissions and Teleport Policy integration—address these needs.
|
By Jack Pitts
89% of organizations suffered at least one security incident in the past three years, according to The 2024 State of Secure Infrastructure Access, a new survey of 250 security and engineering leaders. The rise of cloud computing, the surge of identity-based attacks, and increasing regulatory compliance concerns have forced companies to rethink how they handle security, productivity, and compliance.
|
By Teleport
Unshackling Productivity, Access Control for Modern DevOps in Three Acts - Engineers hate security processes that throw off their rhythm. As modern, ephemeral, and highly scalable infrastructure becomes the norm, your engineers feel the pain more acutely. They need fast, frequent, and secure access to the resources they need when they need it. This webinar explores the bottlenecks created by applying legacy access controls to modern infrastructure and illustrates three case studies of how real-world companies broke through the access barriers to make their engineers happier and more productive.
|
By Teleport
Join Sasha Klizhentas, CTO of Teleport, as he discusses the critical challenges in authorization and access control, and introduces an innovative approach using policy as code. Learn how this new methodology can help prevent misconfigurations that lead to data breaches, and see a live demo of Teleport's new policy as code features with Dave Sudia. In this talk, you'll discover.
|
By Teleport
Join a dynamic workshop session from Teleport Connect where users and team members collaborate to shape the future of Teleport. This interactive session captures real user feedback about current frustrations and desired features for 2025 and beyond, using a structured brainstorming approach with color-coded post-its and group discussions. In this session, you'll see: Key themes that emerged: Chapters.
|
By Teleport
Francesco Arena, Senior Security Engineer at doyensec, as he dives deep into protecting your infrastructure against SSO identity provider compromises. Learn how to implement robust security measures in Teleport clusters, understand attack scenarios, and discover practical hardening strategies. This talk covers essential topics like MFA implementation, device trust features, and effective detection & response mechanisms. Perfect for security professionals and infrastructure engineers looking to strengthen their security posture against identity-based attacks.
|
By Teleport
Learn why identity-based attacks are now more common than malware attacks and discover practical strategies to secure your computing infrastructure. The talk covers the economics of cybersecurity, the impact of complexity on human error, and proven approaches to reduce your attack surface. With real data from industry surveys, learn how leading organizations are successfully preventing identity attacks through passwordless authentication, cryptographic identities, and infrastructure simplification.
|
By Teleport
Join Teleport's closing keynote for powerful insights on the evolving landscape of cybersecurity. Learn why identity attacks have become the predominant threat, how increasing technological complexity impacts human capabilities, and why unification of identity management is crucial for modern security. This talk explores the human element of security, the importance of breaking down silos, and the critical role security professionals play in driving organizational change. Perfect for security leaders, IT professionals, and anyone interested in understanding the future of infrastructure security.
|
By Teleport
Join Jason Shire (COO of Infusion Points) and George Tal (Secure Systems Architect) as they share valuable insights on implementing security compliance with Teleport. Learn why traditional DIY approaches to compliance often fall short and how Teleport can streamline your compliance journey, from FedRAMP to SOC 2. This talk covers practical solutions for common compliance challenges, including access controls, audit logging, session management, and FIPS requirements. Perfect for security professionals, compliance officers, and engineering teams looking to simplify their compliance implementations.
|
By Teleport
Join us for an insightful conversation with Joseph Menn, veteran cybersecurity reporter for the Washington Post and author of "Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World." In this closing keynote discussion, Menn shares his perspectives on the evolution of cybersecurity, exploring the complex relationship between technology advancement and security.
|
By Teleport
Securing Modern Infrastructure with Teleport Workload Identity Learn more about Teleport Workload Identity at goteleport.com#infrastructure.
|
By Teleport
As digital environments expand, the challenges of protecting critical infrastructure continue to grow. Join us in this insightful discussion as we dive into the complex landscape of cybersecurity. This video explores key industry trends, major threats to infrastructure, and actionable strategies for improving security.
|
By Teleport
With their rapidly changing architecture and API-driven automation, cloud platforms come with unique security challenges and opportunities. This hands-on book guides you through security best practices for multivendor cloud environments, whether your company plans to move legacy on-premises projects to the cloud or build a new infrastructure from the ground up.
|
By Teleport
While SSH has always been a popular attack vector, the increased adoption of elastic, cloud infrastructure and dynamic, micro-service architecture using containerized application services (aka, "cloud-native" applications), has resulted in the additional complexity of having application services that can migrate across dynamic server infrastructure. This makes managing access to applications and their infrastructure through SSH more complicated and more prone to security threats.
|
By Teleport
In this paper, we will provide a brief description of what SSM Session Manager is and how it compares to Gravitational's Teleport privileged access management solution. We'll compare the significant design and feature differences and the operational overhead of the solutions. Because Session Manager is limited to AWS, we'll limit the scope of the discussion to that cloud provider. Finally, we have provided a feature matrix of the two solutions.
|
By Teleport
HIPAA, the Health Insurance Portability and Accountability Act, sets the standard for protecting sensitive patient data. Any company that deals with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed.
|
By Teleport
The goal of the paper is to identify key challenges and the most promising opportunities for small to medium sized server hosting providers in an era of rapid commoditization driven by AWS.
- January 2025 (4)
- December 2024 (16)
- November 2024 (6)
- October 2024 (8)
- September 2024 (4)
- August 2024 (1)
- July 2024 (5)
- June 2024 (5)
- May 2024 (2)
- April 2024 (2)
- March 2024 (2)
- February 2024 (13)
- January 2024 (1)
- December 2023 (4)
- November 2023 (2)
- October 2023 (1)
- September 2023 (5)
- August 2023 (10)
- July 2023 (3)
- June 2023 (7)
- May 2023 (10)
- April 2023 (3)
- March 2023 (12)
- February 2023 (5)
- January 2023 (2)
- December 2022 (3)
- November 2022 (9)
- October 2022 (6)
- September 2022 (9)
- August 2022 (7)
- July 2022 (16)
- June 2022 (11)
- May 2022 (26)
- April 2022 (24)
- March 2022 (12)
- February 2022 (15)
- January 2022 (21)
- December 2021 (19)
- November 2021 (9)
- October 2021 (12)
- September 2021 (12)
- August 2021 (18)
- July 2021 (6)
- June 2021 (10)
- May 2021 (14)
- April 2021 (11)
- March 2021 (12)
- February 2021 (7)
- January 2021 (7)
- December 2020 (5)
- November 2020 (7)
- October 2020 (4)
- September 2020 (8)
- August 2020 (8)
- July 2020 (9)
- June 2020 (3)
- May 2020 (5)
- April 2020 (6)
- March 2020 (6)
- February 2020 (5)
- January 2020 (4)
- November 2019 (2)
- October 2019 (3)
- September 2019 (4)
- August 2019 (3)
- July 2019 (1)
- June 2019 (1)
- March 2019 (2)
- September 2018 (1)
- July 2018 (2)
Security and Compliance for Cloud Applications and Infrastructure. Cloud-native application delivery with robust Day-2 operations across many clouds, in restricted, regulated and remote environments.
Get compliance and security best practices out-of-the-box and make it easy for engineers to access SSH and Kubernetes environments across many clouds, data centers and edge devices. Deploy and Run Kubernetes applications on your customers' clouds, on the edge, and even in air-gapped server rooms, without overloading your DevOps teams.
Our products are open-source and based on open standards:
- Teleport: Access Kubernetes and Linux infrastructure across clouds, datacenters and IoT devices while enforcing industry best-practices for security and compliance.
- Gravity: Deploy and run cloud-native applications in hundreds of locations where security and compliance matter, on your customers' clouds or on the edge.
- Teleconsole: Teleconsole is a free service to share your terminal session with people you trust. Your friends can join via a command line via SSH or via their browser over HTTPS. Use this to ask for help or to connect to your own devices sitting behind NAT.
Grow your business across many production environments without having to worry about the vendor lock-in.