Secure infrastructure access provider Teleport has introduced new features in Teleport Policy, which provides governance of access policies, that make it easier for organisations to proactively monitor and protect critical assets in their computing infrastructure.
The update allows organisations to reduce security risks from changes in access to mission-critical infrastructure, by enabling organisations to focus their attention on the most critical resources, often called “crown jewels.” This focus cuts through the alert fatigue experienced by observability teams.
Management of access policies
New features also enable organisations to identify shadow access and overprivileged users
New features also enable organisations to identify shadow access and overprivileged users. Teleport Policy unifies management of access policies for humans and machines across computing infrastructure like Kubernetes, databases, clouds, and services.
It enables organisations to uncover risky access patterns in seconds, with fine-grained oversight of privileges and access policies across hybrid infrastructure.
Three key new features
With this update, Teleport Policy introduces three key new features:
- Crown Jewels: Prioritises protection of critical resources, alerting on any change to access patterns
- SSH Key Discovery: Uncovers SSH keys throughout the organisation, a frequent source of compromise and source of shadow access
- Real-time dashboard for greater visibility into standing privileges
Access control methods
“Security teams are managing increasingly complex systems in today’s infrastructure,” says Ev Kontsevoy, CEO at Teleport. “You can’t rely on traditional access control methods anymore. You need visibility, prioritisation, and proactive risk management."
"The capabilities we’ve introduced not only improve security but the efficiency of security teams. Clear, actionable insight reduces the time spent on manually identifying risks and lets teams focus on strategic initiatives.“
Crown Jewels: Prioritise critical resources
Teams can create separate sets of crown jewels across departments, allowing self-governance
A key challenge Teleport Policy solves with a new ‘Crown Jewels’ feature is helping organisations spotlight changes in access to critical resources that need protection at all costs, like sensitive databases and mission-critical applications.
By monitoring changes in access paths or permissions more closely for the resources that matter most, teams reduce the risk of missing important alerts that are lost in the noise when every resource is monitored equally. Teams can create separate sets of crown jewels across departments, allowing self-governance.
SSH key discovery: Uncover shadow access points
Shadow access is one of the most concerning vulnerabilities in systems – essentially hidden access points that attackers exploit to create backdoors they can enter through. These happen when users create unauthorised or undocumented SSH keys that bypass formal access controls. Teleport Policy identifies SSH keys and their access permissions, uncovering shadow access risk.
“Without this feature, organisations run the risk of unknowingly leaving critical systems exposed,“ says Alexander Klizhentas, CTO at Teleport. “Shadow access can lead to a breach, as attackers often exploit such hidden pathways. Those blind spots have to be eliminated to tighten overall security.”
Real-time visibility: Identify stale or excessive standing privileges
A new dashboard gives users a real-time view of standing privileges, identifying where access may be overprivileged or stale. Identity and Access Management (IAM) pioneers can use this information to further harden governance of security posture towards least privileged access.
“One of the hardest challenges for security teams is easily identifying and prioritising users with standing privileges or policies that leave resources exposed,” says Klizhentas. “Without this visibility, potential security risks could go unnoticed, leaving critical resources vulnerable to breaches.”
- Network / IP
- Commercial security
- Security policy
- Security cameras
- Covert cameras
- Security camera systems
- Security access systems
- Video analytics
- Wireless security
- Security software
- Covert Surveillance
- Security communication
- Integration software
- Security Assessments
- Cloud security
- Mergers & Acquisitions
