White Paper

The Hidden Risks of Commercial Off-the-Shelf (COTS) Applications Using Privileged Credentials

As organizations are increasingly aware of the risks posed by privileged credentials, it is important they recognize and focus on privileged credentials used by COTS applications. These credentials are attractive targets for attackers because they often remain unchanged and they …

White Paper

How CyberArk can help mitigate security vulnerabilities in Industrial Control Systems

For decades, Industrial Control Systems (ICS) were not connected to other systems or the Internet. They were physically separated from other networks within industrial organizations, a practice known as “air gapping”. The critical nature of industrial operations required ICS manufacturers …

White Paper

Know the Path of an Attacker and Block it with Privileged Account Security

Organizations are struggling to stop advanced attacks from both external attackers and malicious internal users. These attackers follow a pattern of gaining access to accounts (i.e., local business user accounts) and using those to gain access to additional assets, accumulating …

White Paper

IDC Market Spotlight: Minimizing Cybersecurity Risk with Vigilant SSH Key Management

This IDC Market Spotlight: Minimizing Cybersecurity Risk with Vigilant SSH Key Management highlights the challenges and risks associated with a lax approach to SSH key management and offers guidance on how organizations can mitigate this risk and improve their security …

White Paper

CyberArk Privileged Account Security for Amazon Web Services (AWS)

Managing and securing privileged accounts in Amazon Web Services (AWS) including administrative accounts on virtual machines and management consoles as well as APIs is a critical component of a comprehensive Privileged Account Security strategy. Download this white paper to learn …

White Paper

The KuppingerCole Leadership Compass: Privilege Management 2015

The KuppingerCole Leadership Compass: Privilege Management 2015 report provides an overview of the market to help organizations make intelligent vendor choices to proactively protect against privileged account compromise. The independent analyst firm reviewed 12 vendor solutions; as a result of …

White Paper

The Balancing Act: The CISO View on Improving Privileged Access Controls

Cyber-attacks have reached a level of sophistication that allows attackers to potentially evade existing security controls and access privileged credentials. To mitigate the risks, many organizations now proactively shore up privileged access controls. There is much to learn from these …

White Paper

CyberArk Labs: Analyzing Real-World Exposure to Windows Credential Theft Attacks

This paper documents research conducted by CyberArk Labs to investigate real-world exposure to successful credential theft attacks against privileged accounts in Microsoft Windows networks composed of Windows servers and workstations. The research demonstrated that nearly every organization is at significant …

White Paper

NIST 800-82 Revision 2: Guide to Industrial Control Systems (ICS) Security

In 2006 the National Institute of Standards and Technology (NIST) published Special Publication (SP) 800-82, Guide to Industrial Control Systems (ICS) Security. This standard provides an overview of ICS typical system topologies, identifies common threats and vulnerabilities to these systems, and …

White Paper

Maintain Control of Your Business: Protect your Domain Controllers from Kerberos Attacks

In many cases, advanced attackers are focused on achieving domain administrator privileges because of the unrestricted access and control these credentials have in the IT landscape. With proactive protection and threat detection, organizations can effectively thwart attackers’ attempts to steal …

White Paper

IDC MarketScape: Worldwide Privileged Access Management 2014 Vendor Assessment

This IDC MarketScape: Worldwide Privileged Access Management 2014 Vendor Assessment (doc #253303, December 2014) assesses ten vendors offering products in the privileged access management (PAM) market and notes that, “CyberArk is the PAM pure-play ‘big gorilla’ with the most revenue …

White Paper

To sudo or not to sudo? That is the question

Organizations looking to enforce least privilege policies often begin by asking the question “to sudo or not to sudo?” Download this solution brief to weigh the benefits and drawbacks of sudo and to help you make more informed decisions about …

White Paper

Nucleus Research Guidebook: CyberArk Privileged Account Security Solution

Nucleus Research has released a Return On Investment (ROI) study identifying the CyberArk Privileged Account Security Solution as critical for protecting against advanced threats that exploit privileged accounts. The report goes further, and illustrates that customers can achieve complete payback …

White Paper

Addressing the Monetary Authority of Singapore (MAS) Technology Risk Management (TRM) Guidelines with CyberArk Solutions

Protecting privileged access is an essential part of addressing the MAS TRM guidelines. With the evolving threat landscape and growing complexities and reliance on IT systems in the financial sector, financial institutions must implement controls to secure their IT environment – not …

White Paper

Privileged Account Security in U.S. Federal Agencies

In April of 2014, the U.S. Department of Homeland Security published an RFI for Phase 2 of the Continuous Diagnostics and Mitigation (CDM) program focusing on Least Privilege and Infrastructure Integrity. CyberArk solutions address multiple requirements in Phase 2 of …

White Paper

Implementing ISO/IEC 27002 Security Controls with the CyberArk Solution

Many organizations globally use the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) 27002 standard as part of their information security program. The standard calls on organizations to pay particular attention to privileged user accounts, given their …

White Paper

Threat Report: Privileged Account Exploits Shift the Front Lines of Security

Cyber Threat Investigators Uncover Privileged Account Vulnerabilities in Most Serious Security Breaches CyberArk’s threat report provides an expert’s vantage point into targeted cyber attacks by tapping into the experiences of seasoned threat investigators at five firms renowned for detecting, analyzing …

White Paper

Discover the Keys to Securing SSH

SSH keys provide users and applications with privileged access to critical systems, but all too often these privileged credentials are left unsecured and unmanaged, leaving a gaping hole in any privileged account security strategy. To effectively protect the heart of …

White Paper

Securing Privileges in the Cloud

A Clear View of Challenges, Solutions and Business Benefits Cloud environments are widely adopted because of the powerful, flexible infrastructure and efficient use of resources they provide to organizations of all sizes. Whether organizations are using private, public or hybrid cloud …

White Paper

KuppingerCole: CyberArk Privileged Threat Analytics

This executive view provides an overview of CyberArk’s Privileged Threat Analytics offering. CyberArk, a leading vendor in the PxM market, has released a major update to their behavioral analytics solution that specifically focuses on analyzing abnormal and potentially malicious use of privileged accounts. …

White Paper

Securing Privileged Accounts: Meeting the Payment Card Industry (PCI) Data Security Standard (DSS) 3.0 with CyberArk Solutions

Any organization involved in payment card processing is well-aware of their obligations to protect cardholder data in compliance with the Payment Card Industry Data Security Standard (PCI DSS). All entities that store, process or transmit cardholder data and/or sensitive authentication …

White Paper

Isolation, Control and Monitoring in Next Generation Jump Servers

Jump servers have emerged in recent years as a security best practice to create a separation between networks with different security requirements. Creating separation is strongly recommended to minimize the risk of a potential attacker accessing critical systems, but does …

White Paper

Addressing the Australian Signals Directorate (ASD) Top 35 Mitigation Strategies

In February 2014, the Australian Signals Directorate (ASD) updated its list of thirty five mitigation strategies designed to help organisations reduce the risk of unauthorised access and minimise the exposure of sensitive information in case of a breach. The directorate …

White Paper

CyberArk’s Solutions for Virtualization Security

CyberArk is pioneering the Virtualization Security market with innovative solutions for managing and securing privileged access to the Hypervisor, isolating, controlling and recording privileged sessions on these machines. As the virtual environment grows at a fast pace, organizations are starting …