Oakland, CA, USA
Mar 4, 2020   |  By Ev Kontsevoy
Today, we are excited to announce the release of Gravity 7.0! Gravity is a tool for developers to package multiple Kubernetes applications into an easily distributable .tar file called a “cluster image”. A cluster image contains everything an application needs and it can be used for quickly creating Kubernetes clusters pre-loaded with applications from scratch or loading applications contained within an image into an existing Kubernetes cluster like OpenShift or GKE.
Feb 27, 2020   |  By Russel Jones
Teleport 4.2 introduced a new feature called Enhanced Session Recording that takes an unstructured SSH session and outputs a stream of structured events. It’s the next step in Teleport’s evolution that uses new technology (eBPF or now simply known as BPF) to close some gaps in Teleport’s audit abilities. Below you can see an illustration of this feature and if you keep reading, we’ll get into some of the technical details.
Feb 25, 2020   |  By Russell Jones, Kevin Nisbet
We now live in an era where the security of all layers of the software stack is immensely important, and simply open sourcing a code base is not enough to ensure that security vulnerabilities surface and are addressed. At Gravitational, we see it as a necessity to engage a third party that specializes in acting as an adversary, and provide an independent analysis of our sources.
Feb 19, 2020   |  By Kafi Payne
I am not an engineer. I’m a director of human resources. I don’t work in a technical space, but the concept of open source is fascinating to me as it applies to organizational culture. A company like Gravitational that has intentionally chosen open source as a foundation for our work makes not only a technical decision, but a cultural one. We’re finding that employees and candidates care deeply and appreciate our choice. Open source is a big deal for us.
Jan 29, 2020   |  By Ben Arent
Back in the early 2010s, a Forrester researcher, John Kindervag, noticed that corporations had a binary view of trust and privilege. Once new employees have completed training, they are given full access to all the tools and VPNs needed to get their job done. Once they are logged on, they are trusted completely. Kindervag noticed that “trust” is a vulnerability that can be exploited. Since then, awareness of Zero Trust implementations has grown, in particular Google’s BeyondCorp.
Mar 5, 2020   |  By Gravitational
With their rapidly changing architecture and API-driven automation, cloud platforms come with unique security challenges and opportunities. This hands-on book guides you through security best practices for multivendor cloud environments, whether your company plans to move legacy on-premises projects to the cloud or build a new infrastructure from the ground up.
Mar 5, 2020   |  By Gravitational
While SSH has always been a popular attack vector, the increased adoption of elastic, cloud infrastructure and dynamic, micro-service architecture using containerized application services (aka, "cloud-native" applications), has resulted in the additional complexity of having application services that can migrate across dynamic server infrastructure. This makes managing access to applications and their infrastructure through SSH more complicated and more prone to security threats.
Mar 1, 2020   |  By Gravitational
In this paper, we will provide a brief description of what SSM Session Manager is and how it compares to Gravitational's Teleport privileged access management solution. We'll compare the significant design and feature differences and the operational overhead of the solutions. Because Session Manager is limited to AWS, we'll limit the scope of the discussion to that cloud provider. Finally, we have provided a feature matrix of the two solutions.
Feb 1, 2020   |  By Gravitational
The goal of the paper is to identify key challenges and the most promising opportunities for small to medium sized server hosting providers in an era of rapid commoditization driven by AWS.
Feb 1, 2020   |  By Gravitational
HIPAA, the Health Insurance Portability and Accountability Act, sets the standard for protecting sensitive patient data. Any company that deals with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed.
Apr 3, 2020   |  By Gravitational
This 1-minute video gives an overview of how the Gravity Application Delivery System lets engineers deliver and run cloud-native applications in regulated, restricted, or remote environments without added complexity.
Apr 3, 2020   |  By Gravitational
Gravity is an application delivery system that lets engineers deliver and run cloud-native applications in regulated, restricted, or remote environments without added complexity. Gravity works by putting applications and all their dependencies onto a single deployable file, which can be used to create hardened Kubernetes clusters that can reliably and securely run in any Linux environment: edge, multi-cloud, private cloud, on-prem, and air-gapped.
Oct 10, 2019   |  By Gravitational
This is a recording of a webinar demo of Teleport by Gravitational, a privileged access management solution for securing on-premises and multi-cloud environments. In this presentation, we provided an overview of Teleport, walk through a live demonstration of popular features such as certificate authentication, SSO-integration for role-based access control (RBAC), session recording, and Kubernetes authentication and roles.
Sep 10, 2019   |  By Gravitational
Learn how Teleport helped Gladly secure their cloud-native infrastructure, provided logs for customers and auditors, and allowed their team to focus on building a great product rather than managing SSH keys.
Sep 5, 2019   |  By Gravitational
Presented by Emanuele 'Lele' Calo at Gravitational Seattle Meetup August 2019