Articles by topic security
- May 11, 2022By Sakshyam ShahThis post explains why scoped and ephemeral certificate-based authentication for bots and service accounts are the safest alternative to token and key-based authentication.
- May 1, 2022By Roman TkachenkoA comprehensive overview of the best practices for securing access to PostgreSQL databases.
- Apr 20, 2022By Shivashish YadavA VPN used to be gold standard for securing a network, but it has limits. This post is s deep dive into the limits of a perminator based security and offers new alternatives and options for VPNs.
- Apr 19, 2022By Russell JonesUnderstanding Server-Side Request Forgery (SSRF), vulnerabilities and mitigations.
- Apr 11, 2022By Gus LuxtonThis post explains security best practices to use SSH properly and securely
Additional articles
- Apr 7, 2022By Sakshyam ShahKubernetes is driven by an HTTP API server which allows complete configuration and control of Kubernetes runtime. Therefore, securing access to the API server is one of the most critical security controls to ensure resilient Kubernetes in production.
- Mar 31, 2022By Russell JonesSecure Shell (SSH) is a widely used Transport Layer Protocol to secure connections between clients and servers. In this post we explain how SSH handshake works.
- Mar 31, 2022By Sakshyam ShahThis blog post explores the use case and importance of zero standing privilege in modern privileged access management.
- Mar 22, 2022By Sakshyam ShahThis blog post recommends 11 authorization best practices to avoid vulnerabilities and defeat specific attack vectors.
- Mar 16, 2022By Sakshyam ShahThis blog post explores the most common vulnerabilities related to the authorization process.
- Mar 10, 2022By Janakiram MSVThis post explains how to set-up AWS bastion host based on Teleport identity-aware access proxy.
- Mar 10, 2022By Ev KontsevoyOn the surface, trusted platform modules and hardware security modules seem to be performing similar functions. In this blog post we dive a bit deeper to find out what is the difference between the two.
- Feb 25, 2022By Sakshyam ShahLearn about authentication best practices such as prioritizing passwordless authentication and implementing federated login with 2fa in this comprehensive blog post.
- Feb 22, 2022By Ryan LambertThis blog post describes how Teleport helped six of the biggest Tech IPOs of 2020 and 2021 prepare for their big day with a focus on productivity, growth, and security.
- Feb 18, 2022By Sakshyam ShahThis blog post explores the most common vulnerabilities related to the authentication process.
- Feb 16, 2022By Sakshyam ShahThis blog post explains how AAA (Triple-A) security works for network access controls and reviews three popular AAA protocols.
- Feb 15, 2022By Lukonde MwilaThe difference between who gets to access (AuthN) a Kubernetes cluster and what they can do with those permissions (AuthZ)
- Feb 10, 2022By Sakshyam ShahAuthentication vs. authorization — what's the difference?
- Jan 12, 2022By Josh SmithThe most innovative financial services companies know that they need to be agile, but without sacrificing security. Teleport is how they do it.
- Jan 11, 2022By Daniel MercadoMoving to a SaaS model can be complicated for hardware and software vendors. Here is what you need to know.
- Dec 31, 2021By Sarah O’learyPasswordless access is a big trend in DevSecOps. Here is why it makes infrastructure access so much easier.
- Dec 29, 2021By Gabrielle ColemanThere is a growing sense that protecting sensitive accounts with passwords is not enough. But API keys are passwords too and need to be replaced.
- Dec 23, 2021By Joseph RodriguezEnergy markets are critical infrastructure. Protecting them is just as critical. This blog shows how you can get started.
- Dec 22, 2021By Carlos MenaThis blog presents data highlighting the threat that Financial Services companies face due to insecure infrastructure and what they can do about it.
- Nov 29, 2021By Steven MartinJust in time for re:Invent 2021, here is the list of top 10 things you should know about AWS and Teleport.