Teleport

Teleport, the secure infrastructure access company, announced its debut on the Citizens JMP Cyber 66 list, which recognizes the 66 hottest privately held cybersecurity companies.

In today's security landscape, relying on firewalls alone is no longer enough. This article explores how Teleport Workload Identity enables secure, short-lived X.509 certificates for internal services using Mutual TLS (mTLS), eliminating long-lived secrets and enhancing workload trust. Learn how to configure and audit mTLS connections between services like NGINX and a client using SPIFFE-compliant certificates, all backed by fine-grained RBAC and detailed audit logging.

In collaboration with Teleport, Doyensec has developed the Security Policy Evaluation Framework (SPEF) — a dynamic testing and benchmarking tool for evaluating the security, performance, and reliability of popular authorization policy engines like Rego, Cedar, OpenFGA, and Teleport ACD. Built with modular architecture and containerized execution, SPEF allows researchers and engineers to validate policies under consistent, controlled conditions. This article walks through its architecture, supported engines, and key insights from early testing across 27 threat-driven test cases.

As Large Language Models (LLMs) begin interfacing directly with real infrastructure, securing their access becomes critical. This article explores how the Model Context Protocol (MCP) enables LLMs to interact with databases and systems—and how Teleport’s Infrastructure Identity Platform ensures secure, auditable access. Learn how teams can enforce least-privilege policies, prevent over-permissioning, and maintain full audit trails even with AI in the loop.

Modern software supply chains face increasing complexity and risk, especially from supply chain attacks like SUNBURST. This article explores how Sigstore and Teleport's Machine & Workload Identity can fortify your CI/CD pipeline. Learn how Sigstore enables keyless, verifiable artifact signing, and how Teleport integrates these signatures into workload attestation using SPIFFE-based SVIDs. Discover how to enforce policies that block compromised containers from accessing sensitive resources, and how cryptographic identity can replace static secrets for secure service-to-service communication. A must-read for DevSecOps teams aiming to embed security into the development lifecycle.