Secure infrastructure access provider Teleport has introduced new features in Teleport Policy, which provides governance of access policies, that make it easier for organisations to proactively monitor and protect critical assets in their computing infrastructure.

Crown jewels

The update allows organisations to reduce security risks from changes in access to mission-critical infrastructure, by enabling organisations to focus their attention on the most critical resources, often called “crown jewels.”

This focus cuts through the alert fatigue experienced by observability teams. New features also enable organisations to identify shadow access and overprivileged users.

Teleport Policy

It enables organisations to uncover risky access patterns in seconds, with fine-grained oversight of privileges

Teleport Policy unifies management of access policies for humans and machines across computing infrastructure like Kubernetes, databases, clouds, and services.

It enables organisations to uncover risky access patterns in seconds, with fine-grained oversight of privileges and access policies across hybrid infrastructure.

Key features

With this update, Teleport Policy introduces three key new features:

  • Crown Jewels: Prioritises protection of critical resources, alerting on any change to access patterns.
  • SSH Key Discovery: Uncovers SSH keys throughout the organisation, a frequent source of compromise and source of shadow access.
  • Real-time dashboard for greater visibility into standing privileges.

Proactive risk management

Security teams are managing increasingly complex systems in today’s infrastructure,” says Ev Kontsevoy, CEO at Teleport. “You can’t rely on traditional access control methods anymore."

"You need visibility, prioritisation, and proactive risk management. The capabilities we’ve introduced not only improve security but the efficiency of security teams. Clear, actionable insight reduces the time spent on manually identifying risks and lets teams focus on strategic initiatives.

Prioritise critical resources

Teleport Policy solves with a new ‘Crown Jewels’ feature is helping organisations spotlight changes

A key challenge Teleport Policy solves with a new ‘Crown Jewels’ feature is helping organisations spotlight changes in access to critical resources that need protection at all costs, like sensitive databases and mission-critical applications.

By monitoring changes in access paths or permissions more closely for the resources that matter most, teams reduce the risk of missing important alerts that are lost in the noise when every resource is monitored equally. Teams can create separate sets of crown jewels across departments, allowing self-governance.

SSH key discovery

Shadow access is one of the most concerning vulnerabilities in systems – essentially hidden access points that attackers exploit to create backdoors they can enter through.

These happen when users create unauthorised or undocumented SSH keys that bypass formal access controls. Teleport Policy identifies SSH keys and their access permissions, uncovering shadow access risk. 

Uncover shadow access points

Without this feature, organisations run the risk of unknowingly leaving critical systems exposed,“ says Alexander Klizhentas, CTO at Teleport.

Shadow access can lead to a breach, as attackers often exploit such hidden pathways. Those blind spots have to be eliminated to tighten overall security.

Real-time visibility

A new dashboard gives users a real-time view of standing privileges, identifying where access may be overprivileged or stale. Identity and Access Management (IAM) leaders can use this information to further harden governance of security posture towards least privileged access. 

One of the hardest challenges for security teams is easily identifying and prioritising users with standing privileges or policies that leave resources exposed,” says Klizhentas. “Without this visibility, potential security risks could go unnoticed, leaving critical resources vulnerable to breaches.

Download PDF version Download PDF version

In case you missed it

Anviz Global expands palm vein tech for security
Anviz Global expands palm vein tech for security

The pattern of veins in the hand contains unique information that can be used for identity. Blood flowing through veins in the human body can absorb light waves of specific wavelen...

Bosch sells security unit to Triton for growth
Bosch sells security unit to Triton for growth

Bosch is selling its Building Technologies division’s product business for security and communications technology to the European investment firm Triton. The transaction enc...

In age of misinformation, SWEAR embeds proof of authenticity into video data
In age of misinformation, SWEAR embeds proof of authenticity into video data

The information age is changing. Today, we are at the center of addressing one of the most critical issues in the digital age: the misinformation age. While most awareness of thi...

Quick poll
What is the most significant challenge facing smart building security today?