The CyberArk Blog

  • When AI agents become admins: Rethinking privileged access in the age of AI

    From resetting passwords and approving workflows to pulling HR data and orchestrating cloud infrastructure, AI agents now perform tasks that previously required a human with privileged access. AI...

  • CyberArk Named a Leader in the 2024 Gartner® Magic Quadrant™ for Privileged Access Management – again.

  • The invisible threat: Machine identity sprawl and expired certificates

    One unmanaged machine identity—whether a TLS certificate, SSH key, code signing certificate, or API secret—that’s all it takes to crash your website, halt transactions, and leave customers...

  • Sandworm in the supply chain: Lessons from the Shai-Hulud npm attack on developer and machine identities

    Do you know why Shai-Hulud should raise your hackles? Unless you’ve spent time on Arrakis in Frank Herbert’s Dune or the npm ecosystem this month, the name Shai-Hulud might not ring a bell. In...

  • Persuasion engineering: how to influence humans, LLMs, and AI agents

    We’ve spent decades treating persuasion like an art—something you could master if you had charisma, practice, or luck. Lawyers use it to hone arguments. Marketers use it to craft taglines. On the...

  • A practical guide to AI-ready machine identity governance in finance

    Across financial services operations, machine identities play critical roles, but in many organizations, these cryptographic keys, API tokens, certificates, and service accounts remain chronically...

  • The AI revolution in financial cybersecurity

    Financial cybersecurity has never been a static discipline. Over two decades in this industry, I’ve seen it transform from a compliance checkbox to a cornerstone of business resilience—usually...

  • Is autofill safe? Clickjacking risks and security tradeoffs explained

    When new security research hits the headlines, it often sparks a predictable wave of worry: should we turn off features we rely on? Should we rethink basic workflows? That’s exactly the case with...

  • User Access Reviews and Compliance: The Auditor’s Perspective

    This blog was originally published by Zilla Security, now a CyberArk Company and may reference legacy product names that are now part of the CyberArk IGA portfolio. Protecting company assets and...

  • Effective User Access Reviews

    This blog was originally published by Zilla Security, now a CyberArk Company and may reference legacy product names that are now part of the CyberArk IGA portfolio. You want to get the most out of...

  • Why secret sprawl may be your biggest security threat (and how to help fix it)

    Picture this: You’re having your morning coffee when your phone buzzes with the kind of alert that makes security professionals break into a cold sweat. A single API key, leaked on GitHub months...

  • Salesloft Drift incident overview and CyberArk’s response

    It was recently reported that Salesloft’s Drift application was breached, allowing unauthorized access to its customers’ Salesforce data and affecting hundreds of organizations, including...

  • Securing cloud console and CLI access for agile software development

    Fast-moving cloud environments demand speed, but without the right access controls they invite risk. Resources such as virtual machines, containers, and services are created, modified, and...

  • Automating Certificate Management to Minimize Your TLS Security Risk

    As the world’s top organizations prepare for the future, you can bet that certificate lifespans will continue to shorten. Factors such as the pace of continuous development and rapidly evolving...

  • Declutter your crypto: Machine identity security for a post-quantum world

    In a bad dream, you open the closet. You think you know exactly what’s in there: a few SSH keys, a bunch of TLS certificates, and some secrets like API keys locked in what you...

  • A CISO’s guide to post-quantum readiness: How to build crypto agility now

    The quantum threat isn’t theoretical—it’s operational. Quantum computing is rapidly shifting from research to reality, forcing chief information security officers (CISOs) to rethink cryptography,...

  • How external attackers and malicious insiders exploit standing privileges in the cloud

    For many of us, the term “cloud security breach” conjures meticulous attack plans executed by sophisticated criminal syndicates. But in reality, “attacks” can be far more mundane: maybe some...

  • Rethinking secondary accounts: How zero standing privileges (ZSP) reshape identity security

    For years, separating day-to-day user activity from administrative tasks through secondary accounts was considered a security best practice. But as identity threats grow more sophisticated and...

  • CIO POV: What am I actually supposed to do with agentic AI?

    For every enterprise CISO in the world right now, the burning question isn’t about cloud, TPRM, or internal threats. It’s about how to securely and responsibly adopt AI—specifically, agentic AI,...

  • ‘Plague’ malware exploits Pluggable Authentication Module to breach Linux systems

    Understanding the ‘Plague’ Pluggable Authentication Module (PAM*) backdoor in Linux systems ‘Plague’ represents a newly identified Linux backdoor that has quietly evaded detection by traditional...

  • The life and death of an AI agent: Identity security lessons from the human experience

    AI agents are on the rise. They can spin up, act independently, use tools, and make decisions—often without real-time human oversight. They promise incredible productivity but also introduce new...
