Contain attacks on the endpoint

CyberArk Viewfinity with enhanced protection is now CyberArk Endpoint Privilege Manager

Enforcing privilege security on the endpoint is a fundamental part of your security program. However, this can impact user and helpdesk productivity. CyberArk Endpoint Privilege Manager helps remove this barrier and allows organizations to block and contain attacks at the endpoint, reducing the risk of information being stolen or encrypted and held for ransom.

A powerful combination of privilege management and application control reduces the risk of malware infection. Unknown applications can run in a restricted mode to contain threats while maintaining productivity, and behavioral analysis identifies and blocks credential theft attempts. These critical prevention and protection technologies are deployed as a single agent to strengthen your existing endpoint security.

  1. Features
  2. Benefits
  • Automated policy creation generates privilege elevation and application control policies for business users based on trusted sources
  • Privilege management for IT administrators limits which privileges, scripts and commands administrators may use on Windows machines based on role
  • On-demand privilege elevation automatically provides users with the privileges necessary to run trusted applications and carry out authorized tasks
  • Application control prevents known malicious applications from entering the environment
  • Integration with Check Point, FireEye and Palo Alto Networks solutions enable the automated analysis of unknown applications
  • “Greylisting” enables unknown applications to safely run in restricted mode
  • Behavioral analysis helps organizations detect and block attempted theft of Windows credentials and those stored by popular web browsers
  • Threat detection capabilities can the original source and all instances of malicious applications in the environment
  • Automated policy updates block malicious executables from propagating and running on all computers
  • Deployment options include Microsoft Group Policy (GPO), on-premises server and Software-as-a-Service
  • Provide an additional critical layer of protection when an attack evades traditional perimeter and endpoint security controls
  • Protect against malware and non-malware based attacks with comprehensive security on the endpoint
  • Leverage a unique combination of technologies to protect against, block and contain attacks on the endpoint, reducing potential damage to the business
  • Strengthen the prevention, protection and detection capabilities of existing endpoint security solutions
  • Prevent users from installing unsanctioned applications that cause workstation instability, resulting helpdesk calls and increased support costs
  • Enable removal of local administrator rights without reduced user productivity and increased helpdesk calls
  • Ease deployment and management with single-agent installation, automated policy creation and choice of delivery methods
  • Contain the spread of attacks across the network, reducing remediation time and effort