This is the age-old question faced by so many tech teams: do we build or buy a system we need? TL:DR, Buying can save your engineer time for building the core stack and for the fun experiments needed to determine when to shake up the core stack.
A multi-protocol access proxy is a powerful concept for securing access to infrastructure. But accessing numerous computing resources distributed across the globe via a single endpoint presents a latency challenge. Today we are announcing that the hosted edition of Teleport Access Plane is now available in 5 regions all over the world.
Those of us that work with technology get this question a lot: “What do you do?” “I work in technology — more specifically, I work as a pre-sales engineer.” Sound familiar? Working in IT can mean a lot of different things, and to those outside of this world, it quickly becomes deeply technical and complicated to explain to non-IT people. Even explaining what you do to IT people can become complicated.
There is a growing discussion among network engineers, DevOps teams, and security professionals about the security benefits of bastions. Many assume that they are the “old way” of network access and have little relevance in the modern cloud native stack. These speculations are not irrelevant as in recent years, the corporate IT network perimeter as we knew it is diminishing, and the concept has been shifted to data, identity, and compute perimeter.
In April 2021, I discovered an attack vector that could allow a malicious Pull Request to a Github repository to gain access to our production environment. Open source companies like us, or anyone else who accepts external contributions, are especially vulnerable to this. For the eager, the attack works by pivoting from a Kubernetes worker pod to the node itself, and from there exfiltrating credentials from the CI/CD system.