CyberArk Enables Immediate Termination of Suspicious Database Activity with Enhanced Privileged Session Management Solution

February 22, 2012

NEWTON, Mass. – February 22, 2012 – At the upcoming RSA® Conference 2012 (booth #2153), Cyber-Ark® Software, a leading global information security provider for protecting and managing privileged accounts and sessions, critical applications and sensitive information, will announce powerful real-time session monitoring capabilities that enable immediate termination of suspicious activity. With the recent release of its Privileged Session Management Suite (version 7), Cyber-Ark is unveiling enhanced capabilities to better isolate, control and monitor activity to protect databases, virtual environments, network devices and servers from insider threats and external cyber attacks.

Making the case for more granular, centralized session monitoring controls, the recent Trustwave® 2012 Global Security Report found that the top three methods for propagating an intrusion in 2011 were: use of weak administrative credentials (80 percent); default hidden administrative shares (15 percent) and remote access solution credential caching (5 percent). According to Cyber-Ark, a Privileged Session Management solution is the key to ensuring secure access to sensitive systems while not exposing the privileged credentials to the remote vendor.

“When enabling connections to sensitive systems, whether locally or remotely for third-parties, it’s critical to ensure that the connection is secured and user credentials are never exposed to the end user, nor do they reach the user’s workstation. The Cyber-Ark Privileged Session Management Suite protects the target server, isolates the session connection and provides a central control point for role-based access and session management,” said Roy Adar, vice president of product management, Cyber-Ark Software. “With our new real-time and granular command level monitoring, organizations gain better security protection by being able to identify suspicious sessions in real-time or search a recording at the command level and view it from that point in time for quicker and more efficient forensic analysis and compliance support.”

Advanced Forensics, Real-Time Monitoring and Auditor Proof
With an easy-to-deploy, zero footprint approach, Cyber-Ark’s Privileged Session Management Suite provides the ability to protect against cyber attacks as well as isolate sensitive assets to prevent a malware-infected desktop from infecting sensitive target machines. It delivers continuous monitoring and compliance with detailed activity reports across all target systems, databases and virtual servers. Additional enhancements focus on the following key areas:

  • Web-Based Application Access and Monitoring: Using Privileged Single Sign-On capabilities, administrators can connect to sensitive web applications as well as manage access credentials and monitor and record privileged sessions, extending an organization’s ability to secure and control activity on enterprise web applications.
  • Command Level Advanced Forensics and Audit Proof: Users can record any activity that occurs in a privileged database session creating a highly compressed and searchable DVR recording. All recordings are stored in the tamper-proof Digital Vault Server and can be accessible for audits and reporting. With advanced forensic capabilities via command level search of SQL/SSH events in privileged sessions, administrators benefit from intuitive, icon-driven “Click to Play” capabilities, enabling point-in-time insight into specific events including privileged access to sensitive database tables.
  • Quicker Root-Cause Analysis: Through the ability to easily search, locate and alert on sensitive events, root-cause analysis can quickly be assessed, minimizing potential damage due to a security breach or human error. Moreover, DVR recordings help users gain a complete picture of what happened in a session, in a user friendly manner, versus filtering through an exhaustive and many times partial list of logs.

The Privileged Session Management Suite can also be integrated with Session Information and Event Management (SIEM) tools for real-time alerting including those from HP ArcSight, LogLogic, McAfee NitroSecurity®, Q1Labs® (an IBM company) and RSA® enVision. This benefits organizations from a security management perspective because administrators or auditors can receive an alert, immediately log into the session in question, monitor activity and even terminate if necessary. Additional value for auditors is driven by Cyber-Ark’s forensic capabilities and full session DVR-like playback, which can be used to prove that appropriate controls around privileged access and accountability are in place to support compliance requirements associated with NIST 800-53, PCI DSS, SOX, HIPAA, Basel II and more.

Additional Suite Details and Availability
Available now, the Privileged Session Management Suite version 7 includes Privileged Session Manager® for Servers, Privileged Session Manager® for Databases and Privileged Session Manager® for Virtualization. Visit booth #2153 at RSA Conference 2012 for more information and live demo. Cyber-Ark recently announced availability of its complementary Privileged Identity Management Suite (version 7), featuring extended auto-discovery capabilities for proactively detecting privileged accounts within virtualized environments. For more information, please contact [email protected] or call 1-888-808-9005 or +1 (617) 965-1544.