MASTERCLASS SERIES
Real stories about insider threats, audit anxiety, developer friction, and why security doesn't have to slow you down
What You'll Learn
The $250K salami scam: how a contractor with too much access stole from production
Why tool sprawl creates security gaps (and how one control plane fixes it)
How audit prep goes from nightmare to checkbox (SOC 2, compliance, screen recordings)
The developer experience win: SSO once, access everything, no friction
Why Teleport becomes invisible (and why that's the highest praise)
3 minutes, 37 seconds
Real Practitioner Stories
I talked to one CISO from the Philippines who runs a fintech company and he was telling me a story in which there was a huge incident that happened in which they found a quarter of a million stolen from this organization. Eventually it comes to him and he's like, okay, how do we know this instance happened? The instance was disclosed to him through the finance team. The finance team had figured out that they had wired obviously a large amount of money. But the thing that caught it was it was using a coupon code from the last quarter. So it was kind of suspicious. When they dived into it, they found that they had hired a contractor who had access to production systems and he had basically written a program to do like a salami scam. It's sort of like the classic meme of Office Space. It's kind of ironic, you know, Office Space in which they run this salami scam and then eventually the office burns down and they get away with it. But, you know, this was like last year that this is happening. And it sort of got me thinking about why is it still possible to run salami scams or these kinds of attacks and it's normally because you give people too much access. You know, in this case, this contractor probably shouldn't have had access to this production system. He should have been moved to like just-in-time access.
Traditional tools create silos. You might have one tool for accessing your databases. You might have one tool for AWS, one tool for GCP, one tool for on premise and it sort of leaves a whole range of gaps. So you might have one relatively locked down. You have developers copying data from one cloud provider to another. The controls are a bit looser. The relationships are kind of tougher to figure out what's happening. If you don't have one centralized infrastructure identity control plane, you can't gate the access to everything.
A common use case that people use for Teleport is for auditing and they come with a range of problems. The developers are touching multiple systems. Often companies have certain controls. It can be SOC 2. These regimes have certain requirements. So you might need to have certain controls. One of the benefits of Teleport is you can tell the difference between a read control or a write control. And it makes it much easier when it comes to audit time to know what the developers have done on the system. The platform itself captures audit logs and screen recordings. So when auditors come in, it's very quick for them to know what happened in their systems and it's an easy checkbox.
I think ideally developers don't have to think about it. They just go about their day-to-day work. Teleport tries to be as developer friendly as possible. Developers, they access all of their resources through Teleport. They might log in once a day. They log in to their identity provider, then they get access to their full suite of resources.
Once we've deployed Teleport, generally developers are quite happy with it. They're happy for it for all you have to do is SSO in once and then you get access to all of your resources. Everything works with your standard tooling. People can use their same terminals, the same IDEs, their same database GUIs. Everything sort of works out of the box. Developers are unique in their flows. They like to keep standard flow and tooling and Teleport just works with what they have. Security teams love it too because you get the visibility in the audit. But from a productivity aspect, people log in, they can just go about their work and generally the Teleport platform is sort of hidden from view. People just go about it and they have sort of little idea that they're even using Teleport.

A contractor wrote a program to skim tiny amounts. Finance caught it because of an old coupon code. This happened last year. The problem? Too much access. Just-in-time access would have prevented this entirely.
One tool for databases, one for AWS, one for GCP, one for on-prem. Controls are tighter in some places, looser in others. Without a centralized control plane, you can't gate access to everything.
SOC 2, compliance regimes—they all have requirements. Teleport captures audit logs and screen recordings automatically. When auditors come in, it's quick. Read vs. write controls are clear. It's an easy checkbox.
Developers log in once a day through their identity provider. Then they get their full suite of resources. No friction. Same terminals, same IDEs, same database GUIs. Everything works out of the box.
Infrastructure access is never sexy. But customers say, "People are coming to me and saying, this is the best thing you have implemented to date." Breaking down barriers for developers AND non-technical users is extremely gratifying.
Security teams love the visibility. But from a productivity standpoint, the platform is hidden from view. Developers just go about their work. That invisibility is the highest praise.

The power of giving an identity to every component in your infrastructure—and why that matters.

Whether you realize it or not, every piece of infrastructure has identity—and it needs strong protection.

The unexpected benefit: teams move faster because the auth model is identical across all tools.
Operational discussion starters:
1. How many contractors or third parties have production access right now? What's their scope?
2. How long does audit prep take? Could we cut that time in half with better logging and screen recordings?
3. Are developers complaining about access friction? How many tools do they log into per day?
4. Do we have visibility into read vs. write access across all systems? Can we prove it to auditors?
5. What would "invisible security" look like for our developers? What if the platform just... worked?