With a monumental number of miles clocked while running around the RSA Conference floor and streets of San Francisco, I’m about to crash from a runner’s high. The week was jam-packed with conversations with customers, partners, peers and pioneers.
Although I didn’t get to attend all of the keynotes, the Cryptography Panel and “Five Most Dangerous Attacks” from the SANS Institute team were truly outstanding. Panelist Adi Shamir’s comment, “Velocity is a vector, but are we moving forward or backward?” was insightful and thought provoking, especially as companies aim to balance rapid innovation with security.
The “Five Most Dangerous Attacks” discussion gave an eye-opening view on how attacks are evolving. Ed Skoudis shared how attackers have advanced their techniques to stealthily gain insights by correlating data from multiple innocuous data sources. Johannes Ullrich shared insights on a crypto-mining attack against an organization’s PeopleSoft infrastructure that netted $30K per month for the attackers—providing a greater ROI than traditional ransomware attacks would deliver. James Lyne shared that ICS attacks, once solely directed against DCS and SIS systems, now focus on the actual sensors themselves. This was especially sobering when you consider that most ICS attacks are not financially motivated.
It was certainly hard to juggle attending the keynotes and sessions with all of the great activity at the CyberArk booth. The conversations there were fast and furious and provided a wealth of insights on how prospects, customers and partners are tackling the privileged access security problem.
Introducing the CyberArk Marketplace
We kicked off the week by unveiling the CyberArk Marketplace, the industry’s broadest and deepest portfolio of integrations with a privileged access security solution. The Marketplace is a reflection of our philosophy that effective security must be a team game. Featuring a growing library of integrations with partners including Okta, SailPoint, ForeScout, Tenable and more, customers have the ability to secure privileged access across their entire technology stack—from security and IT operations to cloud, DevOps and Robotic Process Automation software. We held live demonstrations of the Marketplace throughout the week at our RSA booth, receiving positive feedback on available resources and collaborative ways to grow the platform. Take a tour if you haven’t already, and let us know what you think on Twitter!
Security Is a Team Game
Decked out in his CyberArk team jersey, our EVP of Global Business Development Adam Bosnian sat down with ForeScout Chief Strategy Officer Pedro Abreu to discuss this “team game” approach to security. I’ll share some highlights—you can watch the full interview here.
- “Silver bullets don’t tend to work in security.” There is no one solution that solves today’s—let alone tomorrow’s—security challenges. We have a responsibility to work better together against our common enemy, the attacker.
- “Know what you own.” After a breach, far too many organizations point to vulnerabilities or assets they never even knew existed as the culprits. The way to address this is through constant discovery of your environment. Attackers are innovative, so you have to account for every single thing connected to your network—from databases to fish tank thermometers. From there, it’s important to automate processes and integrate tools to enable seamless orchestration across your security fabric. This will help to accelerate time to response—whether that be ForeScout taking suspicious devices off the network, CyberArk shutting down the privileged pathway, or another security tool taking action.
- “Data is the ‘oil’ of the new economy, and machine learning is the new ‘combustion engine.’” AI depends on rich, contextual data. Together, ForeScout and CyberArk are providing this critical threat intelligence and insight into organizations’ network security posture and the areas that are most vulnerable to attack.
Secure Privilege. Stop Attacks.
Another resounding theme at this year’s show was the integral role privileged access plays in security in the digital transformation era. To illustrate these dangers, CyberArk Labs team researchers Lavi Lazarovitz and Asaf Hecht presented an RSA talk, “Sneak Your Way to Cloud Persistence—Shadow Admins Are Here to Stay,” on new, stealthy ways to maintain persistence in public cloud platforms. Using cloud shadow admins in AWS as an example, the presentation revealed how changing just one line of IAM policy can devastate an entire environment. The team also introduced an open source scanning tool to help blue and red teams mitigate these new threats. You can check out their presentation slides and this ThreatPost article for more details.
As enterprises automate IT infrastructure and institute DevOps methodologies to accelerate innovation, processes and technologies must be put in place to secure both machine and human identities. In her RSA talk, “Rise of the Machines: DevOps and the Role of Secrets Management,” CyberArk Vice President, DevOps Security, Elizabeth Lawler shared ways to apply traditional privileged access management concepts to nonhuman network entities (processes, microservices, containers) to automate IT without compromising security or velocity. Get the details in her presentation slides and check out the CyberArk Conjur open source tool.
That’s a Wrap
As we continue to innovate and deliver industry-leading security solutions to market to help organizations better protect against advanced threats, we were honored with two prestigious industry awards during this year’s conference: Winner of Cyber Defense Magazine’s InfoSec Award for “Next Gen Privileged Account Security” and winner of the Info Security Products Guide Global Excellence Award for “Privileged Access Management.” We appreciate this recognition, and we will not rest on our laurels. Attackers never sleep, after all.
It was great to pause—to unite as an industry, with a shared goal of stopping attacks and protecting precious assets of people and businesses. But, there’s much to be done and it’s time to get back to work. Until next year, RSA Conference!