Blog Posts

  • Virtual Cloak: Virtualization as Malware

    Virtual Cloak: Virtualization as Malware

    Virtualization is a double-edged sword The glorious rise of the cloud in recent years could be attributed to the gradual advancement of many different technologies, both hardware and software...

    Read Article
  • Opportunistic vs. Targeted Ransomware Attacks

    Opportunistic vs. Targeted Ransomware Attacks

    The critical infrastructure systems we rely on to deliver water, electricity, fuel and other essential services are under siege. Increasingly, ransomware is becoming cyber criminals’ attack method...

    Read Article
  • Gartner Names CyberArk a Leader in the 2020 Magic Quadrant for PAM

    Download Now
  • Video: What Nightclub Security Reveals About Privileged Access Management

    Video: What Nightclub Security Reveals About Privileged Access Management

    Let’s face it – we’re collectively ready for a night on the town. And while nightclubs may not be everyone’s bag, we predict they’re going to be bustling soon, with both regulars eager to again...

    Read Article
  • Put Your Best Foot Forward: Secure MFA Starts with the First Step

    Put Your Best Foot Forward: Secure MFA Starts with the First Step

    When attempting to implement a Zero Trust security model, that first step is the most important… but maybe not for the reasons you think. We don’t mean this in a symbolic sense – it’s not...

    Read Article
  • Can You Stop a Cyberborg Attack? Get Inside a Biohacker’s Mind at RSA 2021

    Can You Stop a Cyberborg Attack? Get Inside a Biohacker’s Mind at RSA 2021

    With a consuming curiosity, obsession with lock picking – both physical and abstract – and sharp technical mind, Len Noe has been breaking and building things nearly all of his life. Hacking, as...

    Read Article
  • Breaking Down the Codecov Attack: Finding a Malicious Needle in a Code Haystack

    Breaking Down the Codecov Attack: Finding a Malicious Needle in a Code Haystack

    Earlier this month, San Francisco-based technology company Codecov discovered that attackers had compromised its software platform — used by more than 29,000 customers worldwide to test software...

    Read Article
  • Codecov Breach Learning: Engage Developers to Protect the DevOps Pipeline

    Codecov Breach Learning: Engage Developers to Protect the DevOps Pipeline

    Regardless of what industry you’re in, software is a driving force behind digital innovation. But what happens when the software your organization builds and uses to innovate isn’t secure? It’s a...

    Read Article
  • Between a Rock and a Hard Place: The IT Help Desk Manager’s Password Dilemma

    Between a Rock and a Hard Place: The IT Help Desk Manager’s Password Dilemma

    Long-time Saturday Night Live fans will likely remember Nick Burns – a.k.a. “your company’s computer guy” – a popular recurring character played by Jimmy Fallon in the early 2000s. Sporting a...

    Read Article
  • Cloud Identity and Access Management Alphabet Soup: A Definitive Guide

    Cloud Identity and Access Management Alphabet Soup: A Definitive Guide

    Successful digital transformation depends on the security of your cloud environment. Modern organizations recognize the importance of securing identities in the zero-perimeter, Zero Trust world of...

    Read Article
  • It’s Identity Management Day: 16 Stats from the New Cybersecurity Battleground

    It’s Identity Management Day: 16 Stats from the New Cybersecurity Battleground

    Today is Identity Management Day – a U.S. awareness initiative presented by the National Cybersecurity Alliance and the Identity Defined Security Alliance (IDSA). In the midst of a dramatic...

    Read Article
  • 6 Simple Remote Work Security Mistakes and How to Avoid Them

    6 Simple Remote Work Security Mistakes and How to Avoid Them

    Since the COVID-19 outbreak there have been countless headlines and viral social media posts exposing some of the worst remote security faux pas, ranging from the financially devastating to the...

    Read Article
  • Kubesploit: A New Offensive Tool for Testing Containerized Environments

    Kubesploit: A New Offensive Tool for Testing Containerized Environments

    In this blog post, we will introduce a new open-source tool we developed, named Kubesploit, for testing Kubernetes environments. This is a full framework, dedicated to Kubernetes, to assist...

    Read Article
  • Gartner Names CyberArk a Leader in the 2020 Magic Quadrant for PAM

    Download Now
  • Hard-Coded Credentials: The Not-So-Secret Secret Putting Your Cloud at Risk

    Hard-Coded Credentials: The Not-So-Secret Secret Putting Your Cloud at Risk

    If you’ve never celebrated the Epiphany (or Mardi Gras in Louisiana), you have likely missed out on the tradition of the King Cake. It’s a coffee cake-type pastry with a small figurine baked...

    Read Article
  • Applications Are Everything and Everywhere – Does Whack-a-Mole Security Work?

    Applications Are Everything and Everywhere – Does Whack-a-Mole Security Work?

    The SolarWinds digital supply chain attack began by compromising the “heart” of the CI/CD pipeline and successfully changing application code. It highlighted the major challenges organizations...

    Read Article
  • Revelations About Securing Hybrid Cloud Environments Post-SolarWinds

    Revelations About Securing Hybrid Cloud Environments Post-SolarWinds

    In the early 1960s, J.C.R. Licklider, director of the Pentagon’s Information Processing Techniques Office (IPTO), spoke of a future “intergalactic computer network” that would serve as the “main...

    Read Article
  • New CISO View Insights on Zero Trust

    New CISO View Insights on Zero Trust

    Credential theft is on the rise, yet attackers are shifting their collective focus to non-traditional user populations that may not be adequately protected. That’s according to the “The CISO View...

    Read Article
  • CISA and NSA: The Times, They Are A-Changin.’ Identity is Everything Now

    CISA and NSA: The Times, They Are A-Changin.’ Identity is Everything Now

    The recent SolarWinds Senate hearing and a flurry of subsequent briefings have unearthed new questions around the attack, which acting director of the U.S. Cybersecurity and Infrastructure Agency...

    Read Article
  • Different IoT Breach, Same (In)Security Story, Broader Consequences

    Different IoT Breach, Same (In)Security Story, Broader Consequences

    “I always feel like somebody’s watching me… Tell me is it just a dream?” It may have been a dream in 1984 when “Somebody’s Watching Me” topped the charts, but today it’s real life: somebody...

    Read Article
  • The Mysterious Realm of JavaScriptCore

    The Mysterious Realm of JavaScriptCore

    TL;DR JavaScriptCore (JSC) is the JavaScript engine used by Safari, Mail, App Store and many other apps in MacOs. The JSC engine is responsible for executing every line of JavaScript (JS) that...

    Read Article
  • Four Trends Shaping the Future of Access Management

    Four Trends Shaping the Future of Access Management

    From a remote employee using a personal device for work, to a marketing consultant logging into a shared social media account, to a customer authenticating to use a SaaS app, someone is accessing...

    Read Article
  • loading
    Loading More...