Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Zero Standing Privileges (ZSP), where no user or system account has access unless there is a task being performed, is a milestone goal for most security teams. No always-on accounts, no secrets sitting around “just in case,” and nothing waiting to be misused. For a long time, privileged access management (PAM) has meant using credential vaults to store, rotate, and protect privileged credentials like administrative passwords, SSH keys, and API tokens.

I've spent the last few months talking to partners and prospects across EMEA about the upcoming Cyber Security and Resilience Bill, and there's a common theme: everyone knows it's coming, but most aren't sure where to start. The conversations usually begin with "Is this just another compliance checkbox?" and end with "How do we actually implement this without ripping out our entire infrastructure?" Here's what I've learnt from these discussions.

Since Teleport 1.0, we have shipped built-in session recording and replay. Nine years later, we are shipping the biggest upgrade yet: AI Session Summaries. Teams using Teleport onboard thousands of engineers (developers, DBAs, Windows users) who run thousands of interactive sessions every day. That easily adds up to 5,000+ hours of recordings per month, which is too much for humans to review proactively.

AI agents powered by Amazon Bedrock are playing an increasingly central role in cloud operations. These agents can interact directly with core AWS services like S3, Lambda, RDS, and EC2 to perform tasks such as data retrieval, automation orchestration, and resource provisioning. Many teams rely on the Model Context Protocol (MCP) to structure agent behavior and convert natural language into actionable commands.

As enterprises embrace AI, identity has become the defining security challenge. Every new database, Kubernetes cluster, SaaS app, and now every AI agent introduces yet another identity that must be governed and protected. At the same time, attackers are weaponizing AI to accelerate identity-based threats, exploiting fragmentation and credential sprawl to devastating effect.

Security teams spend hours stitching together logs from disconnected systems during investigations. Learn how to get clarity in minutes by tracing identity signals across everything in your stack.

A common request we hear at Teleport is for immediate Just-in-Time (JIT) access. Users shouldn't have standing access to resources, but they do need an audited escalation and approval process they can personally execute when access is required. This raises an important challenge: how do we ensure users only access the resources they truly need, without creating access sprawl or slowing teams down?