Oakland, CA, USA
Mar 4, 2021   |  By Alexander Klizhentas
Every cloud has its own identity and access management system. AWS and Google use a bunch of JSON files specifying various rules. Open source projects like Kubernetes support three concurrent access control models - attribute-based, role-based and a webhook access control, all expressed using YAML. Some teams are going as far as inventing their own programming language to solve this evergreen problem.
Feb 23, 2021   |  By Russell Jones
Cross-site scripting (XSS) is an attack that allows JavaScript from one site to run on another. XSS is interesting not due to the technical difficulty of the attack but rather because it exploits some of the core security mechanisms of web browsers and because of its sheer pervasiveness. Understanding XSS and its mitigations provides substantial insight into how the web works and how sites are safely (and unsafely) isolated from each other.
Feb 18, 2021   |  By Alexander Klizhentas
SSH certificates, when deployed properly, improve security. A half-baked access system using certs is more vulnerable than a public-key-based one if a user or host gets hacked.
Feb 9, 2021   |  By Virag Mody
It seems like nowadays, every company is a SaaS company. We’ve even begun stratifying by what is sold, replacing the “software” in SaaS to whatever the product’s core competency is, search-as-a-service, chat-as-a-service, video-as-a-service. So, when we, at Teleport, set sail for the cloud after years of successfully navigating on-prem software, we came in with a different set of experiences.
Jan 25, 2021   |  By Ev Kontsevoy
What is a microservice? Should you be using microservices? How are microservices related to containers and Kubernetes? If these things keep coming up in your day-to-day and you need an overview in 10 minutes, this blog post is for you. Fundamentally, a microservice is just a computer program which runs on a server or a virtual computing instance and responds to network requests.
Jan 13, 2021   |  By Virag Mody
To the average person, weather forecasts inform whether or not they need to bring an umbrella to the office. But to some, it can be quite literally a matter of life and death. Organizations like the European Center for Medium Range Weather Forecasting (ECMWF) sit at the center of a web of highly sensitive operations, providing them weather predictions and reports.
Dec 21, 2020   |  By Adam Korczynski, Andrew Lytvynov
This summer, Ada Logics integrated continuous fuzzing into Teleport to strengthen the security posture of the project. We’d like to thank Adam Korczynski from Ada Logics for initiating contact and doing the work. In this blog post, we will give a brief introduction to fuzzing and explain how to carry on the work moving forward. The motive for this work was to take the first steps in implementing fuzzing into Teleport’s development pipeline.
Dec 10, 2020   |  By Virag Mody
The maturation of software development has been driven by the increasing segmentation of functions into their own portable environments. Infrastructure is splintered into dozens of computing resources, physical servers, containers, databases, Kubernetes pods, dashboards, etc. Such compartmentalization has made it incredibly simple for developers to enter their desired environments with minimal disruption to other working parts.
Dec 3, 2020   |  By Alexander Klizhentas
Modern languages like Python, NodeJS, and Go make it easy to handle concurrent requests for multiple customers at the same time by using threads or goroutines. Such services seem very cost effective because one process can handle hundreds or thousands of tenants. However, this efficiency comes at a hidden, steep price. When language runtime scheduling breaks down, one tenant can cause an outage for everyone.
Dec 1, 2020   |  By Ev Kontsevoy
This blog post marks an important milestone for us! Just four years ago, as we grew frustrated with the state of SSH server access, Teleport was born. Eventually it grew way bigger than just SSH access, as our users want to use the same access workflow for all layers of their stacks. And today we’re announcing another way to use Teleport: as a hosted offering. Let’s dig deeper!
Mar 4, 2021   |  By Teleport

0:00 Introduction
0:26 Deployment Overview
1:31 Why use Teleport?
2:05 tsh setup
3:37 psql demo
4:25 Teleport Audit log
5:21 fleund Overview
6:01 Kibana Demo

Feb 24, 2021   |  By Teleport

#terraform #teleport

Feb 16, 2021   |  By Teleport
Getting started with Teleport.
Jan 26, 2021   |  By Teleport
The COVID-19 pandemic forced many organizations to shift to a remote workforce almost overnight, most of which were not prepared for the sudden change. In their efforts to ensure their employees could remain productive, a number of organizations relaxed their security policies and unwittingly exposed their networks to compromise. As the pandemic continues, security challenges remain, but organizations also now have opportunities to find and fix vulnerabilities and improve their overall security posture, even as their employees eventually migrate back to the office.
Jan 21, 2021   |  By Teleport
Try out Teleport Cloud today! Teleport implements industry best security practices out of the box and brings all computing resources into compliance with security standards such as SOC2, PCI, and FedRAMP by providing all necessary access controls as well as audit and visibility into access and behavior across all computing environments Benefits of Teleport cloud Shorter time to production No hardware or software to procure, simple pricing Wizard-based approach to setup and configuration Shared-nothing infrastructure, no noisy neighbor problems
Jan 21, 2021   |  By Teleport
Virag Mody, Technical Writer for Gravitational gave a concise talk on Infrastructure Security best practices for this ADTmag Webinar. In the talk he covers why certificate authorities are so important, and what individuals can do to create a more secure infrastructure access process.
Jan 20, 2021   |  By Teleport
The promise of elastic scale and cloud native has driven the demand for K8s, but developers now have the harder task of building applications in a secure manner. This talk will focus on best practices and potential pitfalls for securing K8s for the engineering team by using the K8s API server and control plane. Join us for a how-to on implementing a robust Role Based Access Control (RBAC) tied into the corporate SSO/Identity provider using Github Teams and open source software.
Mar 5, 2020   |  By Teleport
With their rapidly changing architecture and API-driven automation, cloud platforms come with unique security challenges and opportunities. This hands-on book guides you through security best practices for multivendor cloud environments, whether your company plans to move legacy on-premises projects to the cloud or build a new infrastructure from the ground up.
Mar 5, 2020   |  By Teleport
While SSH has always been a popular attack vector, the increased adoption of elastic, cloud infrastructure and dynamic, micro-service architecture using containerized application services (aka, "cloud-native" applications), has resulted in the additional complexity of having application services that can migrate across dynamic server infrastructure. This makes managing access to applications and their infrastructure through SSH more complicated and more prone to security threats.
Mar 1, 2020   |  By Teleport
In this paper, we will provide a brief description of what SSM Session Manager is and how it compares to Gravitational's Teleport privileged access management solution. We'll compare the significant design and feature differences and the operational overhead of the solutions. Because Session Manager is limited to AWS, we'll limit the scope of the discussion to that cloud provider. Finally, we have provided a feature matrix of the two solutions.
Feb 1, 2020   |  By Teleport
The goal of the paper is to identify key challenges and the most promising opportunities for small to medium sized server hosting providers in an era of rapid commoditization driven by AWS.
Feb 1, 2020   |  By Teleport
HIPAA, the Health Insurance Portability and Accountability Act, sets the standard for protecting sensitive patient data. Any company that deals with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed.

Security and Compliance for Cloud Applications and Infrastructure. Cloud-native application delivery with robust Day-2 operations across many clouds, in restricted, regulated and remote environments.

Get compliance and security best practices out-of-the-box and make it easy for engineers to access SSH and Kubernetes environments across many clouds, data centers and edge devices. Deploy and Run Kubernetes applications on your customers' clouds, on the edge, and even in air-gapped server rooms, without overloading your DevOps teams.

Our products are open-source and based on open standards:

  • Teleport: Access Kubernetes and Linux infrastructure across clouds, datacenters and IoT devices while enforcing industry best-practices for security and compliance.
  • Gravity: Deploy and run cloud-native applications in hundreds of locations where security and compliance matter, on your customers' clouds or on the edge.
  • Teleconsole: Teleconsole is a free service to share your terminal session with people you trust. Your friends can join via a command line via SSH or via their browser over HTTPS. Use this to ask for help or to connect to your own devices sitting behind NAT.

Grow your business across many production environments without having to worry about the vendor lock-in.