Proactively protect SSH keys used to access privileged accounts and administer critical systems

SSH keys are a commonly used means of authentication within enterprise IT environments. However, due to a lack of centralized visibility and control, many organizations overlook these valuable credentials when building a privileged account security strategy.  Much like passwords, SSH keys are used to protect access to privileged user accounts and verify trust in automated application to application communications. As such, organizations should proactively secure, manage and monitor the use of privileged SSH keys, just as they manage privileged passwords today.

CyberArk Privileged Account Security enables organizations to implement a comprehensive SSH key security solution that includes the discovery of SSH keys across the IT environment, proactive protection of private SSH keys, SSH key management and rotation, and monitoring of SSH session activity to detect threats already on the inside. With CyberArk Privileged Account Security solutions, organizations are able to secure SSH keys and passwords from a single common infrastructure that can be administered behind a single pane of glass.

Key Benefits:

  • Discover all SSH key pairs, trust relationships and orphan keys in order to programmatically manage and secure the environment
  • Reduce the risk of unauthorized access to critical systems by proactively securing, rotating and controlling access to privileged SSH keys
  • Protect data residing in business systems by eliminating locally stored private SSH keys used to authenticate applications
  • Gain operational efficiencies and reduce the burden on IT by automating SSH key management processes, including key pair rotation, public key distribution and private key storage processes
  • Rapidly detect suspicious privileged user activity by monitoring SSH sessions in real-time
  • Enable security teams to remotely terminate suspicious SSH sessions to stop attacks underway
  • Accelerate incident response times with indexed and searchable SSH session audit logs and DVR-like session recordings
  • Streamline privileged account security management by protecting and monitoring all privileged credentials, including both passwords and SSH keys, from a single platform with centralized policy creation and enforcement and reporting