goteleport.com
Open in
urlscan Pro
2606:4700::6812:717
Public Scan
URL:
https://goteleport.com/
Submission: On December 06 via manual from IL — Scanned from DE
Submission: On December 06 via manual from IL — Scanned from DE
Form analysis
0 forms found in the DOMText Content
Are you using multiple AWS accounts to separate your environments? Dec 14 Virtual Learn More Platform PLATFORM Why TeleportIdentity Governance & SecurityHow It Works ACCESS CONTROL SSHKubernetesDatabasesInternal WebappsWindowsAWS Console Our Features AssistSingle Sign OnJust In Time Access RequestsRole Based Access ControlAudit and Session RecordingsDevice TrustPasswordless Solutions BY USE CASE Privileged Access ManagementMachine-to-Machine AccessUnified Infrastructure ConsolePasswordless Infrastructure Access BY INDUSTRY E-commerce & EntertainmentFinancial ServicesSoftware-as-a-service (SaaS) Providers BY CLOUD PROVIDER Infrastructure Access for AWS BY COMPLIANCE STANDARD FedRAMPHIPAASOC 2 Resources TRY TELEPORT Teleport LabsTeleport TeamIntegrations Community Our CustomersGitHubTeleport Connect 2023 Resources BlogEventsWebinarsPodcastsTech PapersHot TakesLearn SUPPORT Support PortalCommunity SlackGitHub DiscussionsSystem Status Featured Resource Documentation DocumentationTeleport ClientsHow It WorksTeleport LabsTeleport CommunityTeleport Slack ChannelGitHub Pricing Community Getting Started with OSSDownloadsCommunity SlackGitHubGitHub DiscussionsPodcasts Sign In Get Started THE OPEN INFRASTRUCTURE ACCESS PLATFORM The easiest, most secure way to access all your infrastructure. Get Started Terminal $ tsh login Launching SSO with 2FA via browser... Single Sign On Single Sign On Verify Multi Factor Authentication Security Key or Biometric Authenticator Multi Factor Authentication Authentication Successful Replay Animation WHAT IS TELEPORT? DevOps teams use Teleport to access SSH and Windows servers, Kubernetes, databases, AWS Console, and web applications. Teleport prevents phishing by moving away from static credentials towards ephemeral certificates backed by biometrics and hardware identity, and stops attacker pivots with the Zero Trust design. Servers Databases Kubernetes Applications Desktops Activity Team Servers 600 total Add Server HostnameAddressLabelsActions ip-10-0-0-115 ⟵ tunnelregion: us-west-1Connect ip-10-0-0-20 ⟵ tunnelregion: sa-east-1Connect ip-10-0-0-60 ⟵ tunnelregion: us-west-2Connect ip-10-0-0-85 ⟵ tunnelregion: eu-west-1Connect ip-10-0-0-90 ⟵ tunnelregion: us-east-1Connect NameTypeLabelsActions aurora RDS PostgreSQLenv: devpostgresConnect mongodb Self-hosted MongoDBenv: dev-1mongodbConnect gcloud GCP SQL Postgresenv: prodsqlConnect Cockroach Self-hosted CockroachDBenv: prodcrdbConnect mysql Self-hosted Mysqlenv: dev-2mysqlConnect NameLabelsActions eks-stg-cluster env: stg2region: us-west-2Connect eks-prod-cluster env:prodregion:us-east-2Connect galactus env:prodentropy-serviceConnect eks-dev-cluster env:stgregion:us-east-2Connect galaxy env:stgEKSConnect NameAddressLabelsActions aws https://dev.runteleport.comenv: devConnect grafana https://grafana.runteleport.comenv: workConnect jenkins https://jenkins.runteleport.comenv: workConnect metabase https://meta.runteleport.comenv: devConnect gitlab https://gitlab.runteleport.comenv: devConnect AddressNameLabelsActions 10.0.0.10 Windowsname: BaseConnect 10.0.40.10 Windows Prodname: ProdConnect 10.0.32.10 Windows Devname: DevConnect 10.0.130.2 Windows Bizopsname: BizConnect 10.0.157.72 Windows Sysname: SysConnect NodeUser(s)DurationActions ip-10-0-0-51 alice5 minsPlay ip-10-0-0-120 bob7 minsPlay ip-10-0-0-51 slack-plugin10 minsPlay ip-10-0-0-22 terraform5 minsPlay ip-10-0-0-120 eve7 minsPlay UsernameRolesTypeActions alice accessGitHubOptions bob accessGitHubOptions terraform terraformLocal UserOptions slack-plugin slackLocal UserOptions eve accessLocal UserOptions 200% REDUCE RISK Teleport’s use of identity instead of credentials will, as demonstrated, reduce this risk by 200% compared to that posed by static credentials Paul Stringfellow Access Whitepaper IDENTITY GOVERNANCE & SECURITY Protect identities across all of your infrastructure with Teleport. REDUCE ATTACK SURFACE Enforce principle of least privilege with just-in-time access requests and automated access reviews. ELIMINATE WEAK ACCESS PATTERNS Access Monitoring provides visibility into privileged access to critical data and infrastructure. RESPOND TO IDENTITY THREATS Take immediate action with identity locking in your incident response. Lock suspicious or compromised identities and stop them in their tracks, across all protocols and services. REDUCE ATTACK SURFACE Enforce principle of least privilege with just-in-time access requests and automated access reviews. DYNAMIC INVENTORY OF EVERYTHING YOU HAVE Teleport provides an automated and holistic view of all privileged infrastructure resources within your organization. This eliminates access silos, protects from impersonation attacks and provides a single place to manage policy. TRUSTED INFRASTRUCTURE Self-updating inventory of privileged resources: servers, cloudinstances, databases, Kubernetes clusters, and internal webapps. TRUSTED CLIENT DEVICES Inventory of enrolled TPM-equipped client laptops, workstations, Yubikeys and other phishing-resistant MFA devices.. WORLDWIDE VIEW The inventory supports IoT devices, multiple clouds, on-premise environments and the private environments of your clients. TRUSTED INFRASTRUCTURE Self-updating inventory of privileged resources: servers, cloudinstances, databases, Kubernetes clusters, and internal webapps. TRUSTED CLIENT DEVICES Inventory of enrolled TPM-equipped client laptops, workstations, Yubikeys and other phishing-resistant MFA devices.. WORLDWIDE VIEW The inventory supports IoT devices, multiple clouds, on-premise environments and the private environments of your clients. SECRETLESS ACCESS TO EVERYTHING Secrets such as passwords, private keys, and browser cookies are the #1 source of data breach. They are vulnerable to phishing attacks, credential sharing, theft, client device loss and other forms of human errors. Teleport doesn’t use secrets. BIOMETRICS FOR HUMANS Phishing-resistant MFA and passwordless authentication supporting Touch ID, YubiKey Bio and other supported devices. MACHINE IDENTITY No more private host keys. Embrace strong machine identities for service accounts, CI/CD automation and microservices. Teleport Machine ID can be hardened by HSM or virtual HSM. SHORT-LIVED CERTIFICATES Built-in certificate authority for X.509 and SSH certificates for all resources, including legacy systems. Teleport PKI infrastructure is fully automatic and does not require management. BIOMETRICS FOR HUMANS Phishing-resistant MFA and passwordless authentication supporting Touch ID, YubiKey Bio and other supported devices. MACHINE IDENTITY No more private host keys. Embrace strong machine identities for service accounts, CI/CD automation and microservices. Teleport Machine ID can be hardened by HSM or virtual HSM. SHORT-LIVED CERTIFICATES Built-in certificate authority for X.509 and SSH certificates for all resources, including legacy systems. Teleport PKI infrastructure is fully automatic and does not require management. ONE PLACE TO MANAGE ALL PRIVILEGES Break access silos. Consolidate privileges for humans and machines across all protocols and resource types in one place. Lower the operational overhead of managing access and enforcing policy. ACCESS REQUESTS Implement the principle of least privilege, when a client is temporarily given only minimal privileges to complete the task. DUAL AUTHORIZATION FedRAMP AC-3 and other compliance frameworks like SOC 2 require that highly privileged actions must be approved by multiple authorized team members. How does this work? SESSION SHARING AND MODERATION An interactive session can contain multiple simultaneous clients. Highly privileged sessions can be configured to always include a moderator to prevent a single client from being a point of failure. ACCESS REQUESTS Implement the principle of least privilege, when a client is temporarily given only minimal privileges to complete the task. DUAL AUTHORIZATION FedRAMP AC-3 and other compliance frameworks like SOC 2 require that highly privileged actions must be approved by multiple authorized team members. SESSION SHARING AND MODERATION An interactive session can contain multiple simultaneous clients. Highly privileged sessions can be configured to always include a moderator to prevent a single client from being a point of failure. TRUE ZERO TRUST Move away from network-based perimeter security and prevent attackers from pivoting. Teleport implements Zero Trust on the application level, enforcing authentication and encryption natively for all protocols. ZERO NETWORK EXPOSURE Critical infrastructure resources do not need to listen on the network. They are accessed via encrypted reverse tunnels to Teleport identity-aware Proxy. UNIVERSAL CONNECTIVITY Manage access to remote devices running on 3rd party networks behind NAT with latency-optimized routing. TRUST FEDERATION Multiple organizations can manage trust across teams and securely access shared infrastructure via role mapping. ZERO NETWORK EXPOSURE Critical infrastructure resources do not need to listen on the network. They are accessed via encrypted reverse tunnels to Teleport identity-aware Proxy. UNIVERSAL CONNECTIVITY Manage access to remote devices running on 3rd party networks behind NAT with latency-optimized routing. TRUST FEDERATION Multiple organizations can manage trust across teams and securely access shared infrastructure via role mapping. CONSOLIDATED VISIBILITY AND AUDIT Collect all security events generated by humans and machines across your entire infrastructure in one place and export to any SIEM or threat detection platforms for further analysis. RICH AUDIT LOGS Security logs are collected on the application level, giving you rich protocol-native context for what happened and who’s responsible. SESSION RECORDINGS Interactive sessions for all protocols are recorded and can be replayed in a YouTube-like interface. REAL-TIME LIVE SESSIONS See what is happening with every active authenticated connection across all resources in your entire infrastructure. Interfere if needed. RICH AUDIT LOGS Security logs are collected on the application level, giving you rich protocol-native context for what happened and who’s responsible. SESSION RECORDINGS Interactive sessions for all protocols are recorded and can be replayed in a YouTube-like interface. REAL-TIME LIVE SESSIONS See what is happening with every active authenticated connection across all resources in your entire infrastructure. Interfere if needed. WHY USE TELEPORT BEFORE AND AFTER TELEPORT BEFORE TELEPORT * Access silos everywhere. Engineers use a mixture of VPNs, bastion hosts and proxies. * High operational overhead of managing privileges across different infrastructure layers. * Vulnerable to phishing because access is granted based on static credentials. * Connectivity, authentication, authorization and audit are handled by stitched together systems such as IAM, SASE, PAM, and SIEM. * Privileges are granted based on static user roles. AFTER TELEPORT * A single login command gives engineers access to all infrastructure layers they need. * Single place to manage all privileges for all layers of the stack, for humans and machines. * Phishing-proof access is based on ephemeral or single-use certificates. * Vertically integrated access platform tailored to the scale and security considerations of cloud-native infrastructure. * Minimal privileges are dynamically granted to complete a given task. * > Teleport allows us to comply with the regulatory hurdles that come with > running an international stock exchange. The use of bastion hosts, > integration with our identity service and auditing capabilities give us a > compliant way to access our internal infrastructure. > > > > Brendan Germain > > Systems Reliability Engineer, Nasdaq * > Teleport has made obtaining a FedRAMP-Moderate ATO that much more > achievable via their FIPS 140-2 endpoints, ease in integration with our SSO > and MFA , and the view into audit logs of remote connection sessions > provide the appropriate insight for Continuous Monitoring. > > > > Jeff Gill > > Senior Director of Engineering, SumoLogic * > We use Teleport Access Requests in combination with Auth0 to easily manage > access to our infrastructure. Prior to Teleport, we manually managed SSH > keys and a bastion machine and it was an organizational nightmare. It has > great configuration options, and the UI is great for junior engineers that > may need access to certain infrastructure, but aren't very SSH savvy. > > > > Dylan Stamat > > CTO, VerticalChange * * * WORKS WITH EVERYTHING YOU HAVE TELEPORT INTEGRATES WITH OVER 170 CLOUD BASED RESOURCES Our vision for Teleport Terminal is to become the universal user interface for everything in the cloud. Below is the list of the resources it supports, and we’ll be adding new protocols quickly: Rancher AWS CLI GitLab Redis Snowflake Windows Server GitHub Okta Keptn MongoDB Elasticsearch CockroachDB ...AND MANY MORE Terminal # on a client$ tsh login --proxy=example.com # on a server$ apt install teleport # in a Kubernetes cluster$ helm install EASY TO GET STARTED Teleport is easy to deploy and use. We believe that simplicity and good user experience are key to first-class security. Teleport consists of just two binaries. 1. The tsh client allows users to login to retrieve short-lived certificates. 2. The teleport agent can be installed on any server or any Kubernetes cluster with a single command. Download Teleport TRY TELEPORT TODAY In the cloud, self-hosted, or open source. View developer docs Get Started * PROTOCOLS * Teleport Overview * SSH * Kubernetes * Databases * Applications * Windows * Teleport Features * Teleport Pricing * DOCUMENTATION * Teleport Documentation * Download Teleport * How Teleport works * GitHub repository * LEARN * Why Teleport? * Teleport Learn * Blog * Customers * Resources * Events * What is SSH? * What is a Kubernetes cluster? * COMPANY * About us * Security * Careers * News * Partners * Status * GET IN TOUCH * (855) 818 9008 * General inquiries * Customer support * CONNECT * Teleport Community * Slack * GitHub * Twitter * LinkedIn * YouTube © 2023 Gravitational Inc.; all rights reserved. * Terms of Service * Website Terms of Use * Privacy * Job Applicant Privacy Policy