White Paper

Addressing the NIST SP 800-171 CUI requirements with CyberArk

This paper provides federal contractors with guidance on protecting Controlled Unclassified Information (CUI) and addresses the NIST 800-171 requirements related to privileged account security.

White Paper

Protecting the Grid: Addressing NERC CIP Requirements for Securing Privileged Accounts

The NERC CIP standards were introduced to protect the electric utilities generation and transmission systems of the electric grid. The standards contain cyber, physical and organizational measures that must be implemented by the electric utilities in order to protect the …

White Paper

CyberArk Labs: Ransomware

Ransomware is a type of malware designed to infect machines, encrypt files and hold the needed decryption key for ransom until the victim submits the required payment. In 2015, this attack method was used to successfully extort over $400 million …

White Paper

Guide to Industrial Control Systems (ICS) Security

Download this whitepaper to learn more about how CyberArk can help meet the unique security requirements of Industrial Control Systems.

White Paper

Maintain Control of Your Business: Protect your Domain Controllers from Kerberos Attacks

In many cases, advanced attackers are focused on achieving domain administrator privileges because of the unrestricted access and control these credentials have in the IT landscape. With proactive protection and threat detection, organizations can effectively thwart attackers’ attempts to steal …

White Paper

The Hidden Risks of Commercial Off-the-Shelf (COTS) Applications Using Privileged Credentials

As organizations are increasingly aware of the risks posed by privileged credentials, it is important they recognize and focus on privileged credentials used by COTS applications. These credentials are attractive targets for attackers because they often remain unchanged and they …

White Paper

How CyberArk can help mitigate security vulnerabilities in Industrial Control Systems

For decades, Industrial Control Systems (ICS) were not connected to other systems or the Internet. They were physically separated from other networks within industrial organizations, a practice known as “air gapping”. The critical nature of industrial operations required ICS manufacturers …

White Paper

Know the Path of an Attacker and Block it with Privileged Account Security

Organizations are struggling to stop advanced attacks from both external attackers and malicious internal users. These attackers follow a pattern of gaining access to accounts (i.e., local business user accounts) and using those to gain access to additional assets, accumulating …

White Paper

CyberArk Privileged Account Security for Amazon Web Services (AWS)

Managing and securing privileged accounts in Amazon Web Services (AWS) including administrative accounts on virtual machines and management consoles as well as APIs is a critical component of a comprehensive Privileged Account Security strategy. Download this white paper to learn …

White Paper

The Balancing Act: The CISO View on Improving Privileged Access Controls

Cyber-attacks have reached a level of sophistication that allows attackers to potentially evade existing security controls and access privileged credentials. To mitigate the risks, many organizations now proactively shore up privileged access controls. There is much to learn from these …

White Paper

CyberArk Labs: Analyzing Real-World Exposure to Windows Credential Theft Attacks

This paper documents research conducted by CyberArk Labs to investigate real-world exposure to successful credential theft attacks against privileged accounts in Microsoft Windows networks composed of Windows servers and workstations. The research demonstrated that nearly every organization is at significant …

White Paper

To sudo or not to sudo? That is the question

Organizations looking to enforce least privilege policies often begin by asking the question “to sudo or not to sudo?” Download this solution brief to weigh the benefits and drawbacks of sudo and to help you make more informed decisions about …

White Paper

Addressing the Monetary Authority of Singapore (MAS) Technology Risk Management (TRM) Guidelines with CyberArk Solutions

Protecting privileged access is an essential part of addressing the MAS TRM guidelines. With the evolving threat landscape and growing complexities and reliance on IT systems in the financial sector, financial institutions must implement controls to secure their IT environment – not …

White Paper

Privileged Account Security in U.S. Federal Agencies

In April of 2014, the U.S. Department of Homeland Security published an RFI for Phase 2 of the Continuous Diagnostics and Mitigation (CDM) program focusing on Least Privilege and Infrastructure Integrity. CyberArk solutions address multiple requirements in Phase 2 of …

White Paper

Implementing ISO/IEC 27002 Security Controls with the CyberArk Solution

Many organizations globally use the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) 27002 standard as part of their information security program. The standard calls on organizations to pay particular attention to privileged user accounts, given their …

White Paper

Threat Report: Privileged Account Exploits Shift the Front Lines of Security

Cyber Threat Investigators Uncover Privileged Account Vulnerabilities in Most Serious Security Breaches CyberArk’s threat report provides an expert’s vantage point into targeted cyber attacks by tapping into the experiences of seasoned threat investigators at five firms renowned for detecting, analyzing …

White Paper

Discover the Keys to Securing SSH

SSH keys provide users and applications with privileged access to critical systems, but all too often these privileged credentials are left unsecured and unmanaged, leaving a gaping hole in any privileged account security strategy. To effectively protect the heart of …

White Paper

Securing Privileges in the Cloud

A Clear View of Challenges, Solutions and Business Benefits Cloud environments are widely adopted because of the powerful, flexible infrastructure and efficient use of resources they provide to organizations of all sizes. Whether organizations are using private, public or hybrid cloud …

White Paper

Securing Privileged Accounts: Meeting the Payment Card Industry (PCI) Data Security Standard (DSS) 3.2 with CyberArk Solutions

Any organization involved in payment card processing is well-aware of their obligations to protect cardholder data in compliance with the Payment Card Industry Data Security Standard (PCI DSS). All entities that store, process or transmit cardholder data and/or sensitive authentication …

White Paper

Isolation, Control and Monitoring in Next Generation Jump Servers

Jump servers have emerged in recent years as a security best practice to create a separation between networks with different security requirements. Creating separation is strongly recommended to minimize the risk of a potential attacker accessing critical systems, but does …

White Paper

Addressing the Australian Signals Directorate (ASD) Top 35 Mitigation Strategies

In February 2014, the Australian Signals Directorate (ASD) updated its list of thirty five mitigation strategies designed to help organisations reduce the risk of unauthorised access and minimise the exposure of sensitive information in case of a breach. The directorate …

White Paper

CyberArk’s Solutions for Virtualization Security

CyberArk is pioneering the Virtualization Security market with innovative solutions for managing and securing privileged access to the Hypervisor, isolating, controlling and recording privileged sessions on these machines. As the virtual environment grows at a fast pace, organizations are starting …

White Paper

Protecting Financial Information: Sarbanes-Oxley

Undoubtedly, The Public Company Accounting Reform and Investor Protection Act of 2002, also known as Sarbanes- Oxley Act (SOA), is having a major impact on corporate culture and various operational aspects of companies subject to SOA. SOA legislates a far …

White Paper

Websense Data Security Suite and CyberArk Inter-Business Vault®

The joint solution provides the following benefits for managing sensitive data throughout its lifecycle: Sensitive Data Discovery Highly Secure Sensitive Data Repository Data Leak Prevention for Data in Motion and Data in Use Conduct secure communications with business partners, customers …