Stop and Contain attacks on the endpoint
Enforcing privilege security on both endpoints and critical servers is a fundamentally important part of any organization’s security program. Available as a Software-as-a-Service and on-premises server, CyberArk Endpoint Privilege Manager is a comprehensive solution that enables organizations to block and contain attacks on desktops, laptops and servers to reduce the risk of information being stolen or encrypted and held for ransom. Only CyberArk Endpoint Privilege Manager protects against advanced threats that exploit privileged credentials by interlocking privilege management, application control and targeted credential theft protection to stop and contain damaging attacks at the endpoint Unknown applications can run in a restricted mode to contain threats while maintaining productivity, and behavioral analysis identifies and blocks credential theft attempts. These critical prevention and protection technologies are deployed as a single agent to strengthen your existing endpoint security.
To address ongoing privilege account risk posed by evolving threat tactics, the CyberArk Application Risk Analysis Service extends Endpoint Privilege Manager capabilities through machine learning and cloud-based analytics to help stop attackers from gaining a foothold on endpoints. By detecting potentially malicious applications, timely, well-informed privilege and application control policy decisions can be made.
- Automated policy creation and OOTB policy templates generates privilege elevation and application control policies for business users based on trusted sources
- Privilege management for IT administrators limits which privileges, scripts and commands administrators may use on Windows machines based on role
- On-demand privilege elevation automatically provides users with the privileges necessary to run trusted applications and carry out authorized tasks
- Application control on endpoints and servers prevents known malicious applications from entering the environment and reaching critical servers
- Protect against the unknown applications thru integration to CyberArk Application Risk Analysis server that can aid in the identification of malicious applications including variants
- Integration with Check Point, FireEye and Palo Alto Networks solutions enable the automated analysis of unknown applications
- “Greylisting” enables unknown applications to safely run in restricted mode
- Credential Theft Protection helps organizations detect and block attempted theft of Windows credentials,those stored by popular web browsers and remote access IT applications
- Automated policy updates block malicious executables from propagating and running on all computers
- OS Support for all flavors of Windows from Windows XP thru Windows Server 2016 and Mac support for Yosemite 10.10, El Capitan 10.11 and Sierra 10.12
- Provide a critical layer of protection when an attack evades traditional perimeter and endpoint security controls
- Protection against 900,000+ malware attacks (including variants) and advanced attacks with comprehensive privilege security on the endpoint using out of the box policy control
- Leverage a unique combination of technologies to protect and contain attacks on the endpoint of entry
- Provides a hardening layer that strengthens Windows desktop, laptops and servers by stopping lateral movement and privilege escalation through stolen credentials (or hashes) and reducing potential damage to the business
- Provide ability for timely, well-informed privilege and application control policy decisions leveraging CyberArk Application Risk Analysis service.
- Prevent users from installing unsanctioned applications that cause workstation instability, resulting helpdesk calls and increased support costs
- Enable removal of local administrator rights without reduced user productivity and increased helpdesk calls
- Ease deployment and management with single-agent installation, automated policy creation and choice of delivery methods
- Through complete application visibility and control, bootstrap incident response and remediation when attacks take place.