The easiest route - we'll conduct a 15 minute phone interview and write up the review for you.
Use our online form to submit your review. It's quick and you can post anonymously.
I use Teleport to replace the normal authentication mechanism as part of a zero-trust architecture. It is particularly useful because, in a remote environment, I cannot trust any devices. I can share access remotely with anyone via a browser for more secure tracking of data.
Teleport has replaced earlier methods like a bastion server or a jump server, which required connecting to physical servers. It integrates well with single sign-on (SSO) and Ansible Playbooks, allowing me to manage inventories easily.
Teleport provides a straightforward setup process with a single command line, making it easier to manage the onboarding and offboarding of team members.
I cannot download or share session recordings directly with others, which would be useful for documentation or reviews.
Additionally, while the backend worker can be upgraded, there is a limitation with scaling, as it supports only a single node even in Kubernetes.
I have been using Teleport for two years.
Initially, there were stability issues when integrating with single sign-on and storing sessions. After resolving them, Teleport has been stable.
Teleport supports only a single node in the Kubernetes environment, which limits its scalability. It is straightforward for single standalone components, however, the UI component cannot be upgraded directly.
Previously, I used a jump server and accessed systems with an SSH key and a normal VM login.
I switched to Teleport since colleagues and friends recommended it, highlighting its enterprise-level capabilities.
The initial setup was straightforward due to my expertise in Linux, particularly Red Hat and Ubuntu operating systems. I found the setup to be very easy.
With Teleport, my time spent on onboarding and offboarding has reduced significantly. I no longer need to manually manage access, which saves time and effort.
Another option I considered was HashiCorp's Boundary, however, it had a complex setup that was difficult for beginners. Teleport's straightforward setup was more appealing.
I rate Teleport nine out of ten.
Security-wise, it is very secure and easy to use for remote access. I recommend it for its straightforward setup and strong security features.
We had other solutions that we used. One solution was that we did not have something exactly similar to what Element is doing. For example, we were using Bitsight, Evelin, and also Tenable Cloud Security. However, those products are different. Element was exactly the product we needed to cover close to real-time external surface monitoring. We also used Microsoft Defender for Endpoint, but the Defender product requires substantial manual labor. We were interested in having a tool that would not require too much manual labor and would be more proactive.
The Element team is easy to discuss with. They created modules for integrations, such as with DNS. They collect records automatically and add assets to the platform, which is very useful because we do not have to check each day for new records or remove old ones. Their integration with Azure and AWS makes it great for us. It streamlines the process and gives us assurance that all new assets will be automatically added to the platform.
I am not entirely sure about monitoring cloud applications as I have not used it extensively for that purpose. That is why we implemented Element and have other tools, as we are not using it exactly for that scope.
Element is precisely what we needed for close to real-time external surface monitoring. The automatic integration capabilities, particularly with DNS, Azure, and AWS, are extremely valuable. The platform automatically collects records and adds assets, eliminating the need for daily manual checking and updating.
The streamlined process ensures that all new assets are automatically added to the platform, reducing manual labor and making the system more proactive. The ease of communication with the Element team and their responsiveness to integration needs has been particularly beneficial.
Making the system smarter would be beneficial. Adding modules for integration with AWS and Azure would be helpful. Adding capabilities for the scanner to automatically pick up changes and add assets automatically would be valuable.
When discussing a big company, it is mandatory to have tools that will assist us rather than waiting for manual input to add hosts. Adding assets manually is prone to mistakes. Humans might forget to add an asset or make errors when adding multiple assets.
Taking the human element out of the context and making it more streamlined is the future for security. The human should be involved where expertise is needed, such as analysis and decision-making. Currently, with resource constraints, we need tools to collect and aggregate data, eliminate false positives as much as possible, and present relevant information to employees for action.
I first tested the product in November last year, and we implemented it starting in February.
I would rate it as 10 for experience. As with any other solution in the market, they may have small bugs or false positives. However, whenever I encountered an issue, I sent an email to them and they managed to fix it. They investigated and provided full details for further investigation. In situations where there was a platform issue, they fixed it immediately and provided a complete explanation for the occurrence.
Working with Element is straightforward and efficient. For comparison, while working with Bitsight is not difficult, it takes considerably longer. Bitsight is a larger company, and while they will provide the answers needed, the process is more time-consuming. With Bitsight, requesting integrations or new features involves submission and approval processes with uncertain timelines.
With Element, if you need a feature, you can discuss it with them, and if implementation is possible, you will have that feature within a month or two, depending on complexity. Simple integrations, such as DNS integration, can be completed in approximately a week.
Positive
Tenable Cloud Security is a mature and trustworthy product. I have been using it since it was available on laptops approximately 10 years ago or more. I initially used it for penetration testing, though currently I perform more manual penetration testing and use the scanner primarily to validate subnets or findings.
I started with Nessus installed on my computer, then moved to server deployment, and finally to Tenable Cloud Security. We still maintain Tenable Cloud Security but have reduced the number of licenses. We now use it occasionally to validate specific items rather than monitoring the entire surface, for which we use Element.
Tenable Cloud Security offers various features including discovery, web scanning, and primarily vulnerability scanning. It increases awareness of system vulnerabilities. In today's environment, information comes from multiple sources including Defender, Nessus, and various other tools within an organization. Using multiple tools is necessary to cover as much of the attack surface as possible, both internal and external.
My review rating for the solution is 10 out of 10.
