Blog / BastionZero Stories

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Get all the Info Bastion updates to your inbox!

You're on the list!
Oops! Something went wrong while submitting the form.

Meet OpenPubkey: The Future of Key Management on the Web

Single Sign-On (SSO) has become one of the most common ways for users to access applications and infrastructure. While there is a standard authentication protocol for SSO called OpenID Connect (OIDC), it’s missing a crucial security feature: the ability to bind public keys to identities. That’s why we created OpenPubkey — an open source project that enhances SSO security by introducing a cryptographic object known as a PK Token that binds public keys to identities. In this post, we’ll introduce OpenPubkey and share a few of its early use cases from Docker and BastionZero.

Read More

It’s Not Just You. Secure Database Credential Management Is Overwhelming — And Here’s How to Fix It.

Making sure databases are secure is a non-negotiable part of a security team’s job. To make that happen, companies need zero trust failsafes to ensure only the right users get into the right databases. Unfortunately, while security teams build these systems with the best intentions, the systems themselves often become so complicated and have so many nested login requirements that they become liabilities of their own.

Read More

Using a Business VPN is an Act of Trust in a World Where You Can’t Trust Anyone

When your goal is to protect your customers' data and your application infrastructure, paranoia abounds. If everyone and everything you know is vulnerable to being compromised, who do you trust? No one. Especially not your business VPN, which has experienced a major fall from grace.

Read More