CyberArk Privileged Threat Analytics Gains Industry Recognition for Detecting Malicious Privileged Account Behavior

October 16, 2014

KuppingerCole ‘Executive View’ Praises CyberArk’s Real-Time Analytics Capabilities for Reducing the Window of Opportunity for Attackers

Newton, Mass. – Oct. 16, 2014 CyberArk (NASDAQ: CYBR), the company that protects organizations from cyber attacks that have made their way inside the network perimeter, continues to gain industry recognition for delivering privileged account security intelligence that can help customers reduce the window of opportunity for attackers, according to a new report from leading analyst firm KuppingerCole. The firm “strongly recommends evaluating CyberArk Privileged Threat Analytics both in the context of existing CyberArk deployments and in the context of security operations center infrastructures.” To download a free copy of the report examining the recently released CyberArk Privileged Threat Analytics 2.0, please visit:

In the report, KuppingerCole recognizes that privileged accounts are the primary target for attackers, and that traditional perimeter security systems such as firewalls are no longer effective against targeted attacks. CyberArk Privileged Threat Analytics specializes in detecting and analyzing potentially malicious use of privileged accounts across systems and users, requiring fewer skills to operate than a traditional security information and event management (SIEM) solution. Real-time analytics on targeted data is a departure from the ‘boil the ocean’ approach of general security analytics tools and enables companies to quickly identify in-progress attacks and respond appropriately.

“Having a specialized offering for behavioral analytics that returns targeted data on privileged account usage provides visibility that other analytics approaches do not,” said Martin Kuppinger, founder and principle analyst, KuppingerCole. “CyberArk Privileged Threat Analytics is a well thought-out solution focused on solving a major deficiency among most security strategies: understanding anomalies in the use of privileged accounts and thus increasing the ability to quickly identify and respond to attacks.”

“Attackers steal and exploit privileged and administrative credentials and are able to navigate the IT network anonymously as insiders, often for months. Once an attacker gains this foothold, they conduct reconnaissance on network architecture, elevate privileges for further access and gain a better understanding of the security systems they need to avoid,” said John Worrall, chief marketing officer, CyberArk. “This level of insider access is critical for attackers to pinpoint targets inside the network and reach their operational goals without detection. Identifying this type of malicious privileged behavior is what has been missing from general security analytics tools.”

CyberArk Privileged Threat Analytics provides out-of-the-box integration of data feeds from leading SIEM systems such as HP ArcSight ESM and Splunk Enterprise. This enables customers to prioritize threats that involve privileged account usage amongst the wealth of data their SIEM collects. For example, if an attacker tries to access a server, firewall or other endpoint directly without going through the policy-mandated workflow, CyberArk Privileged Threat Analytics can identify and alert on this.

The report highlights ease-of-use, noting that CyberArk Privileged Threat Analytics “provides a simple, intuitive user interface and well thought-out dashboards.” KuppingerCole adds that CyberArk Privileged Threat Analytics could serve as an entry into a more advanced privileged account security solution by focusing first on the analysis of account behavior.

To obtain a free copy of the KuppingerCole Executive View, please visit: