These changes build on Tailscale's Zero Trust foundation by improving what you can see, and prove, after granting access.

Tailscale is a platform providing secure networking solutions for teams and businesses. Readers can learn about VPN technology, network security, and remote access solutions. With articles, tutorials, and case studies, Tailscale offers  insights and expertise for implementing secure networking infrastructure and protecting sensitive data.

Tailscale

Tailscale's Winter Update introduces three new auditing and visibility capabilities: Kubernetes API Proxy Audit Logging (beta) that records individual API requests as structured logs, enriched network flow logs that include user and device identity alongside IP data, and identity-enriched SSH login logs on Linux that integrate with native auditing frameworks like auditd and journald. Together, these features extend Tailscale's zero-trust networking model to cover post-access governance, enabling teams to answer forensic questions about who did what and when—without deploying additional infrastructure or tooling.

Updates to Kubernetes audit logging, network flow logs, and SSH records

From “Can they connect?” to “What actually happened?”

Clear, queryable records of Kubernetes access

Marrying system logs with Tailscale identity

A simpler way to govern privileged access