Identify Shadow Access With Teleport's New Features

Secure infrastructure access provider Teleport has introduced new features in Teleport Policy, which provides governance of access policies, that make it easier for organizations to proactively monitor and protect critical assets in their computing infrastructure.

Crown jewels

The update allows organizations to reduce security risks from changes in access to mission-critical infrastructure, by enabling organizations to focus their attention on the most critical resources, often called “crown jewels.”

This focus cuts through the alert fatigue experienced by observability teams. New features also enable organizations to identify shadow access and overprivileged users.

Teleport Policy

It enables organizations to uncover risky access patterns in seconds, with fine-grained oversight of privileges

Teleport Policy unifies management of access policies for humans and machines across computing infrastructure like Kubernetes, databases, clouds, and services.

It enables organizations to uncover risky access patterns in seconds, with fine-grained oversight of privileges and access policies across hybrid infrastructure.

Key features

With this update, Teleport Policy introduces three key new features:

• Crown Jewels: Prioritizes protection of critical resources, alerting on any change to access patterns.
• SSH Key Discovery: Uncovers SSH keys throughout the organization, a frequent source of compromise and source of shadow access.
• Real-time dashboard for greater visibility into standing privileges.

Proactive risk management

“Security teams are managing increasingly complex systems in today’s infrastructure,” says Ev Kontsevoy, CEO at Teleport. “You can’t rely on traditional access control methods anymore."

"You need visibility, prioritization, and proactive risk management. The capabilities we’ve introduced not only improve security but the efficiency of security teams. Clear, actionable insight reduces the time spent on manually identifying risks and lets teams focus on strategic initiatives.“

Prioritize critical resources

Teleport Policy solves with a new ‘Crown Jewels’ feature is helping organizations spotlight changes

A key challenge Teleport Policy solves with a new ‘Crown Jewels’ feature is helping organizations spotlight changes in access to critical resources that need protection at all costs, like sensitive databases and mission-critical applications.

By monitoring changes in access paths or permissions more closely for the resources that matter most, teams reduce the risk of missing important alerts that are lost in the noise when every resource is monitored equally. Teams can create separate sets of crown jewels across departments, allowing self-governance.

SSH key discovery

Shadow access is one of the most concerning vulnerabilities in systems – essentially hidden access points that attackers exploit to create backdoors they can enter through.

These happen when users create unauthorized or undocumented SSH keys that bypass formal access controls. Teleport Policy identifies SSH keys and their access permissions, uncovering shadow access risk. 

Uncover shadow access points

“Without this feature, organizations run the risk of unknowingly leaving critical systems exposed,“ says Alexander Klizhentas, CTO at Teleport.

“Shadow access can lead to a breach, as attackers often exploit such hidden pathways. Those blind spots have to be eliminated to tighten overall security.”

Real-time visibility

A new dashboard gives users a real-time view of standing privileges, identifying where access may be overprivileged or stale. Identity and Access Management (IAM) leaders can use this information to further harden governance of security posture towards least privileged access. 

“One of the hardest challenges for security teams is easily identifying and prioritizing users with standing privileges or policies that leave resources exposed,” says Klizhentas. “Without this visibility, potential security risks could go unnoticed, leaving critical resources vulnerable to breaches.”