Blog Posts

The June 2025 disclosure that over 16 billion passwords were leaked  has raised significant concerns in the digital community. Reports suggest that many of these credentials are recycled from...

At CyberArk, the trust and security of our customers are at the heart of everything we do. Today, July 15th, we are addressing the publication of several Common Vulnerabilities and Exposures...

Modern enterprises are facing an identity explosion. Fueled by cloud adoption, DevOps acceleration, and now agentic AI, the number of human and machine identities is growing faster than most...

Alex was the kind of IT administrator who kept everything humming smoothly behind the scenes at QuantumAxis Corp. Servers, user accounts, random requests at 4:55 PM on Fridays—he put out the fires...

Scattered Spider has emerged as one of the most disruptive advanced persistent threats in recent years, breaching major organizations across telecom, gaming, transportation, and retail. In the...

Technology is moving at the speed of light, and two forces—quantum computing and AI agents—are poised to shake up cybersecurity. We’re not talking about some far-off future; this is happening now....

In July 2024, Google introduced a new feature to better protect cookies in Chrome: AppBound Cookie Encryption. This new feature was able to disrupt the world of infostealers, forcing the malware...

The line between human and machine is blurring—and it’s not a question of whether machines can do more, but how far we’re willing to let them go. The frontier lies in tackling the chaos and...

Machine identities—like the API keys, certificates, and access tokens that secure machine-to-machine connections—are swarming businesses. Yet, many teams still reach for manual tools while their...

Running Kubernetes on Amazon EKS? You’re likely already using cert-manager—the open source standard for TLS and mTLS certificate automation in Kubernetes clusters. Today, we’re excited to announce...

This blog is the second part of a two-part series on post-quantum cryptography (PQC). In Part 1, we explored how the Harvest Now, Decrypt Later (HNDL) strategy has moved from crypto-conspiracy...

Unless you lived under a rock for the past several months or started a digital detox, you have probably encountered the MCP initials (Model Context Protocol). But what is MCP? Is this just a...

This blog is the first part of a two-part series on post-quantum cryptography (PQC). In this piece, we explore why quantum threats are no longer theoretical. In Part 2, we’ll cover practical steps...

If the mere mention of identity governance and administration (IGA) stresses you out, you’re in good company. Managing digital identities and access privileges is a significant challenge that only...

The identity is the main attack vector for cybercriminals, with cybercriminals using stolen identity to infiltrate the organization, move laterally and vertically throughout the organization, and...

“The modern ‘software as a service’ (SaaS) delivery model is quietly enabling cyber attackers and—as its adoption grows—is creating a substantial vulnerability that is weakening the global...

The Model Context Protocol (MCP) is an open standard and open-source project from Anthropic that makes it quick and easy for developers to add real-world functionality — like sending emails or...

Have you ever been on a tight deadline, and suddenly, your organization’s core services go dark because a TLS certificate expired without warning? It’s a nightmare scenario no team wants to face....

As 2025 unfolds, U.S. federal agencies are navigating significant operational shifts that are impacting their overarching cybersecurity strategies. Government security leaders have always...