Valued at $1.1 billion, Teleport becomes latest cybersecurity Unicorn
Oakland, Calif-based infrastructure access management firm Teleport has raised $110 million in a Series C funding round led by Bessemer Venture Partners, and with participation from Insight Partners and existing investors. This latest investment brings the total raised to $169.2 million and values the firm at $1.1 billion.
The funding will be used to expand the firm’s go-to-market operations and bolster its R&D organization.
Teleport provides identity-based infrastructure access management. As migration to the cloud increases, and the hybrid home/office work environment strengthens, secure remote access to cloud assets becomes both more complex and more necessary. Teleport offers a solution that decreases the complexity and increases the security of remote access management.
Typically, remote access is currently splintered, or siloed. Access to Linux assets would use SSH, while access to PostgreSQL or MySQL databases or Kubernetes require separate remote access processes. Simplifying this is part of the Teleport solution – it provides a single remote access method for all assets. CEO and cofounder Ev Kontsevoy says, “It’s like having many different televisions in your home, and having one remote control device that can be used for all the different TVs.”
At the same time as increasing the convenience of remote access, Teleport also heightens its security. Traditionally, access would be dependent on secrets such as passwords, private keys, access tokens and even browser cookies. These secrets need to be stored securely, but empirically we know that this is difficult if not impossible to guarantee.
Teleport doesn’t use secrets: it uses certificate-controlled identity-based access management. Certificates are identities that don’t require secrets. “Teleport uses identity for all humans in the organization,” explained Kontsevoy. “Teleport also uses identities for all applications and all hardware devices and servers. So, by having certificates on the wire for all these pillars of computing, it enables access to be completely without secrets – and this makes it more secure and easier to achieve compliance.”
Without the secrets that can be lost or stolen, Teleport customers have a degree of immunity to credential-based attacks.
Teleport’s certificates are not stored – they expire automatically. They are issued when the access is required, and disappear when the access is completed. They cannot be reused or shared between multiple users. They can also be tied to a specific machine so that remote access is only possible from an allowed device.
The system is entirely software and requires no additional infrastructure. The software is open source, and can be downloaded and examined (and used) by customers and potential customers without reference to Teleport. It is agnostic to the infrastructure – powerful enough for large data center servers, but small enough to fit into IoT devices and Raspberry Pi. It can be run inside a drone or self-driving vehicle.
It is the enterprise version that is sold by Teleport. This can be downloaded and deployed across the enterprise. “Or,” said Kontsevoy, “customers can take a cloud-hosted version, where we will host the access control plane for them. This speeds up deployment considerably.”
Kontsevoy believes that the growing complexity of modern cloud environments is causing the management of secure access to infrastructure to break, “as evidenced,” he said, “by the increased frequency and severity of breaches.” Teleport is designed for those organizations who believe the right way to scale access is consolidation across all protocols and environments. “Our platform, the open-source Teleport Access Plane,” he added, “addresses these challenges by giving every engineer, every piece of hardware and every application an identity. With identity-based access for everyone and everything, more security threats are neutralized, and the impact of breaches is dramatically reduced without impacting developer productivity.”
Teleport, headquartered in the San Francisco Bay Area, was founded in 2015 by Alexander Klizhentas (CTO), Ev Kontsevoy (CEO), and Taylor Wakefield (COO). It raised $30 million in a Series B round in August 2021.
Related: The Enduring Password Conundrum
Related: Identity-Based Access Provider Elisity Raises $26 Million
Related: Cyber Insights 2022: Identity
Related: Identity Protection Firm Obsidian Security Raises $20 Million