Teleport 17 enhances security for cloud infrastructure

Infrastructure identity provider Teleport has released its Teleport 17 update, aimed at improving the management of access controls and permissions for large enterprises.

With the increasing complexity of cloud attack surfaces, organisations are finding it challenging to secure their infrastructures effectively. Recent figures indicate that almost half of organisations suffered a cloud data breach in 2024, with human error and misconfigurations identified as the leading causes. A significant incident that year involved threat actors targeting AWS customers through misconfigured public websites, resulting in the exposure of thousands of credentials.

Teleport 17 is designed to provide a solution to these challenges by enhancing the platform's secretless architecture. This architecture aims to make identity attacks ineffective and help infrastructures remain resilient against human errors. The update introduces several new features tailored to the needs of organisations managing secure infrastructure access at scale.

One of the key updates is the integration between the Teleport Access Platform and AWS IAM Identity Center. This development allows for federated authentication across accounts and eliminates the need for static, long-lived credentials.

"AWS administrators can now control AWS access using Teleport access lists to easily implement the principle of least privilege with just-in-time access," the release states. This is intended to reduce the risk for large organisations dealing with multiple AWS instances and improve efficiency for users logging into AWS consoles across various accounts.

Teleport 17 also includes multi-region high availability, aiming to ensure that mission-critical infrastructure remains operational around the clock. With the introduction of multi-region failover across nine availability zones and an uptime guarantee of 99.99%, the update seeks to address potential disruptions due to regional outages.

The platform additionally offers enhanced oversight, control, and audit of access privileges across enterprises. This is meant to reduce the burden of configuring and auditing role-based access controls (RBAC) while supporting compliance requirements, particularly for critical infrastructure resources.

"The scale and complexity of computing infrastructure creates overhead and risk," said Ev Kontsevoy, CEO at Teleport. "Managing access, identities, and policies across the many thousands of diverse infrastructure resources that large enterprises juggle across platforms and regions is extremely daunting."

"Traditional access solutions frequently falter under that complexity, introducing inefficiencies and security risks. The proof is in the many record-breaking data breaches that have happened in 2024. With Teleport 17, we're making secure infrastructure access at scale an achievable objective for large enterprises."

Additional features introduced in Teleport 17 include workload identities, new cryptographic signature algorithms, and expanded support for hardware private keys like YubiKey. These features aim to secure communications even if an identity is compromised. Moreover, deeper integration with solutions such as Okta, Terraform Cloud, and GitHub helps unify access strategies while maintaining existing workflows.

Alexander Klizhentas, CTO at Teleport, commented on the update: "The larger the organisation, the more costly and difficult it becomes to secure infrastructure in an efficient, scalable, and resilient way. Resiliency, in particular, should be top of mind for any engineering and infrastructure teams maintaining round-the-clock operations. You can't afford not to ask, 'What's the worst thing that could happen to my infrastructure? What would the damage be?'"

Klizhentas continued, "One of our goals with Teleport 17 is to make infrastructure immune to any potential damage from breaches. We want every head of infrastructure and security to be able to meet their resiliency goals with confidence."