Teleport unveils real-time identity security & observability tool

Teleport has introduced a new identity security solution designed to provide security teams with real-time visibility into identity movement across technology boundaries.

The company announced the addition of full-chain observability capabilities to its platform, designed to track and detect how user identities interact with various systems, including identity providers, code repositories, and cloud infrastructure.

Identity blind spots

Many organisations face challenges due to the fragmentation of identity data across discrete platforms and services. This fragmentation can obscure the visibility of user actions and complicate efforts to respond to cybersecurity incidents. Traditional monitoring solutions typically rely on siloed logging systems, which may not provide a comprehensive picture of user activity across modern, distributed IT environments.

Teleport Identity Security seeks to address this problem, offering consolidated insight into authentication processes, role and privilege assignments, development tool activity, and infrastructure access in real time.

Ev Kontsevoy, Chief Executive Officer of Teleport, said:

"Identity is now the leading attack vector, but most cybersecurity products see only a part of the picture. Teleport connects the dots, letting security teams detect risky behaviour across fragmented systems in real time and accelerate intervention."

Solving operational challenges

Current issues that security and infrastructure teams experience include difficulty answering questions such as who has accessed a particular resource, whether such access is routine or unusual, and what activities were conducted within a session. The lack of unified data means investigators often spend significant effort correlating logs from systems like Okta, AWS, and GitHub.

Identity chain observability, as provided by Teleport's solution, promises to reduce the manual workload required for forensic investigations, to highlight identity vulnerabilities, and to present a cross-platform view of identity behaviour.

Ben Arent, Director of Product at Teleport, illustrated the practical benefits of the technology with a recent example from a customer deployment:

"One of our customers, within fifteen minutes of deployment, flagged two engineers whose accounts retained super-admin maintainer rights across 1,800 repos, far beyond their intended read-only access. This points to the significant impact Teleport Identity Security can have in reducing the attack surface and other vectors of compromise in complex infrastructure environments."

Platform features

The new capabilities include cross-platform identity tracing, which allows for the correlation of events from identity providers, code repositories, cloud services, and direct infrastructure access. The platform also detects anomalies and provides investigation tools aimed at reducing the burden of manual log analysis.

These features augment existing components such as the Access Graph - a real-time map of user, machine, role, and resource relationships - as well as monitoring for key assets and unmanaged or legacy keys that might provide unauthorised access.

Compliance and security applications

Teleport stated that its solution is targeted at security teams focused on detecting lateral movement and insider threats, accelerating forensic investigations, preventing over-privileged access, and supporting compliance efforts aligned with frameworks such as SOC 2, NIST, and ISO 42001.

Teleport Identity Security is currently available in the on-premises version of the Teleport platform, with cloud availability expected within a quarter.