Blog Posts

  • How external attackers and malicious insiders exploit standing privileges in the cloud

    How external attackers and malicious insiders exploit standing privileges in the cloud

    For many of us, the term “cloud security breach” conjures meticulous attack plans executed by sophisticated criminal syndicates. But in reality, “attacks” can be far more mundane: maybe some...

    Read Blog
  • Rethinking secondary accounts: How zero standing privileges (ZSP) reshape identity security

    Rethinking secondary accounts: How zero standing privileges (ZSP) reshape identity security

    For years, separating day-to-day user activity from administrative tasks through secondary accounts was considered a security best practice. But as identity threats grow more sophisticated and...

    Read Blog
  • Bridging runtime visibility and secrets management in Kubernetes with Sweet Security and CyberArk

    Bridging runtime visibility and secrets management in Kubernetes with Sweet Security and CyberArk

    Secrets management is a foundational pillar of cloud security. It enables secure storage, rotation, and access control for application secrets. But in Kubernetes environments, secrets don’t just...

    Read Blog
  • CIO POV: What am I actually supposed to do with agentic AI?

    CIO POV: What am I actually supposed to do with agentic AI?

    For every enterprise CISO in the world right now, the burning question isn’t about cloud, TPRM, or internal threats. It’s about how to securely and responsibly adopt AI—specifically, agentic AI,...

    Read Blog
  • CyberArk empowers Australia’s cyber resilience with IRAP assessment completion at the protected level

    CyberArk empowers Australia’s cyber resilience with IRAP assessment completion at the protected level

    As ransomware strains hospital operations and supply‑chain attacks target energy grids, Australia’s public and regulated sectors need proven cyber resilience. At the heart of most breaches lie...

    Read Blog
  • ‘Plague’ malware exploits Pluggable Authentication Module to breach Linux systems

    ‘Plague’ malware exploits Pluggable Authentication Module to breach Linux systems

    Understanding the ‘Plague’ Pluggable Authentication Module (PAM*) backdoor in Linux systems ‘Plague’ represents a newly identified Linux backdoor that has quietly evaded detection by traditional...

    Read Blog
  • The life and death of an AI agent: Identity security lessons from the human experience

    The life and death of an AI agent: Identity security lessons from the human experience

    AI agents are on the rise. They can spin up, act independently, use tools, and make decisions—often without real-time human oversight. They promise incredible productivity but also introduce new...

    Read Blog
  • CyberArk Secure Cloud Access achieves CSA STAR Level 1 certification

    CyberArk Secure Cloud Access achieves CSA STAR Level 1 certification

    When you hand over the keys to your cloud, you’d better know who’s holding them—and for how long. In a world where speed is everything and complexity is the norm, organizations need more than...

    Read Blog
  • Container security at scale: Strengthening software supply chains

    Container security at scale: Strengthening software supply chains

    Modern applications have undergone a paradigm shift, with containers becoming the default choice for deployment. While their flexibility and scalability are well-recognized, their adoption has...

    Read Blog
  • CyberArk earns Wiz partner award for advancing cloud identity innovation

    CyberArk earns Wiz partner award for advancing cloud identity innovation

    Cloud complexity is growing. So are the risks—and the opportunities. As organizations scale their infrastructure across hybrid environments to innovate quickly, security strategies must evolve...

    Read Blog
  • Illusion of control: Why securing AI agents challenges traditional cybersecurity models

    Illusion of control: Why securing AI agents challenges traditional cybersecurity models

    Enterprise security teams commonly focus on controlling AI agent conversations through prompt filters and testing edge cases to prevent unauthorized information access. While these measures...

    Read Blog
  • Responding to ToolShell: A Microsoft SharePoint zero-day vulnerability

    Responding to ToolShell: A Microsoft SharePoint zero-day vulnerability

    What is the ToolShell exploit? A newly discovered exploit, “ToolShell,” is fueling a wave of targeted attacks against on-premises Microsoft SharePoint servers. The zero-day exploit chains two...

    Read Blog
  • Modern application control, done right with least privilege

    Modern application control, done right with least privilege

    When attackers gain access to a single endpoint—like a developer’s workstation or an HR system—it’s often game over. With some skill and patience, that foothold can escalate into full-blown...

    Read Blog
  • Developers fly the plane: AI guardrails for secure cloud innovation

    Developers fly the plane: AI guardrails for secure cloud innovation

    Developers now chart courses through environments as dynamic and unpredictable as open skies, plotting efficient courses through shifting clouds of technology to reach ambitious goals....

    Read Blog
  • How the 16 billion password leak impacts your security strategy

    How the 16 billion password leak impacts your security strategy

    The June 2025 disclosure that over 16 billion passwords were leaked  has raised significant concerns in the digital community. Reports suggest that many of these credentials are recycled from...

    Read Blog
  • Addressing recent vulnerabilities and our commitment to security

    Addressing recent vulnerabilities and our commitment to security

    At CyberArk, the trust and security of our customers are at the heart of everything we do. Today, July 15th, we are addressing the publication of several Common Vulnerabilities and Exposures...

    Read Blog
  • Identity security at inception: A CISO’s guide to proactive protection

    Identity security at inception: A CISO’s guide to proactive protection

    Modern enterprises are facing an identity explosion. Fueled by cloud adoption, DevOps acceleration, and now agentic AI, the number of human and machine identities is growing faster than most...

    Read Blog
  • Rise of the privileged access guardian: An admin’s origin story

    Rise of the privileged access guardian: An admin’s origin story

    Alex was the kind of IT administrator who kept everything humming smoothly behind the scenes at QuantumAxis Corp. Servers, user accounts, random requests at 4:55 PM on Fridays—he put out the fires...

    Read Blog
  • Scattered Spider Unmasked: How an identity-focused APT is redefining cyber threats

    Scattered Spider Unmasked: How an identity-focused APT is redefining cyber threats

    Scattered Spider has emerged as one of the most disruptive advanced persistent threats in recent years, breaching major organizations across telecom, gaming, transportation, and retail. In the...

    Read Blog
  • The quantum-AI collision: What CISOs must do now to stay ahead

    The quantum-AI collision: What CISOs must do now to stay ahead

    Technology is moving at the speed of light, and two forces—quantum computing and AI agents—are poised to shake up cybersecurity. We’re not talking about some far-off future; this is happening now....

    Read Blog
  • loading
    Loading More...