Secure Unix environments with a complete and integrated solution

In Unix environments, administrative privileges tend to be an all or nothing trade off. With a need for privileged users to maintain critical systems but little control over how privileged access rights are used, organizations are often forced to grant default permanent, continuous and anonymous super-user privileges to users who may or may not be trusted.

To mitigate the inherent risks of privileged Unix accounts and reduce the likelihood of a data breach, organizations must proactively protect accounts, secure all privileged credentials including passwords and SSH keys employed by users and applications, limit administrative privileges to only those necessary, and track all user activity during privileged sessions.

For organizations with security, audit and compliance concerns in their Unix environments, CyberArk offers an end-to-end privileged account security solution including:

  • Complete discovery of all Unix privileged accounts and SSH keys
  • Secure storage, automated rotation of and access controls to privileged passwords and SSH keys
  • Replacement of static passwords and locally stored SSH keys used in applications and scripts with dynamic, securely stored credentials
  • Least privilege policy enforcement with granular access controls to allow privileged super-user commands only when needed for business purposes
  • Real-time monitoring and recording of privileged sessions to strengthen security while preserving the native command line experience that Unix users prefer
  • Audit and reporting capabilities that provide individual accountability to the use of shared administrative accounts
  • Active Directory bridge capabilities for integrated authentication, provisioning, and reporting
  • Behavioral analytics of Unix privileged account activity with real-time detection of anomalous activity

This unique set of privileged Unix security capabilities are all delivered on a single, integrated platform designed to secure all privileged accounts including in Unix, Windows, and hybrid and public cloud environments.  By incorporating Unix systems and accounts into a broader privileged account security strategy, organizations can gain a number of benefits, including:

Key benefits

  • Locate all privileged Unix accounts and credentials to understand where vulnerabilities exist and set a plan to programmatically manage and secure the environment
  • Reduce the risk of unauthorized access with proactive protection of Unix credentials including passwords and SSH keys on a single platform
  • Prevent authorized users from mistakenly or maliciously executing damaging commands by limiting the scope of privileges to what is required
  • Streamline auditing processes with detailed audit logs and centralized reporting of Unix/Linux privileged activity
  • Improve efficiency of Unix account administration by connecting Unix accounts to AD for integrated authentication and provisioning
  • Reduce total cost of ownership with a unified, policy-driven solution for shared-account/software-account password management (SAPM) and super-user privilege management (SUPM) in UNIX/Linux environments, eliminating the need for two separate products
  • Reduce an attacker’s window of opportunity on critical Unix systems with real-time detection and alerting of anomalous privileged account activity
  • Implement, expand and manage a complete privileged account security solution with a common infrastructure, the CyberArk Shared Technology Platform