Blog Posts

  • Identity security at inception: A CISO’s guide to proactive protection

    Identity security at inception: A CISO’s guide to proactive protection

    Modern enterprises are facing an identity explosion. Fueled by cloud adoption, DevOps acceleration, and now agentic AI, the number of human and machine identities is growing faster than most...

    Read Blog
  • Rise of the privileged access guardian: An admin’s origin story

    Rise of the privileged access guardian: An admin’s origin story

    Alex was the kind of IT administrator who kept everything humming smoothly behind the scenes at QuantumAxis Corp. Servers, user accounts, random requests at 4:55 PM on Fridays—he put out the fires...

    Read Blog
  • Scattered Spider Unmasked: How an identity-focused APT is redefining cyber threats

    Scattered Spider Unmasked: How an identity-focused APT is redefining cyber threats

    Scattered Spider has emerged as one of the most disruptive advanced persistent threats in recent years, breaching major organizations across telecom, gaming, transportation, and retail. In the...

    Read Blog
  • The quantum-AI collision: What CISOs must do now to stay ahead

    The quantum-AI collision: What CISOs must do now to stay ahead

    Technology is moving at the speed of light, and two forces—quantum computing and AI agents—are poised to shake up cybersecurity. We’re not talking about some far-off future; this is happening now....

    Read Blog
  • C4 Bomb: Blowing Up Chrome’s AppBound Cookie Encryption

    C4 Bomb: Blowing Up Chrome’s AppBound Cookie Encryption

    In July 2024, Google introduced a new feature to better protect cookies in Chrome: AppBound Cookie Encryption. This new feature was able to disrupt the world of infostealers, forcing the malware...

    Read Blog
  • How agentic AI could transform enterprise workflows: Insights from MIT GenAI Lab

    How agentic AI could transform enterprise workflows: Insights from MIT GenAI Lab

    The line between human and machine is blurring—and it’s not a question of whether machines can do more, but how far we’re willing to let them go. The frontier lies in tackling the chaos and...

    Read Blog
  • Machine identity mayhem: The volume, variety, velocity challenge

    Machine identity mayhem: The volume, variety, velocity challenge

    Machine identities—like the API keys, certificates, and access tokens that secure machine-to-machine connections—are swarming businesses. Yet, many teams still reach for manual tools while their...

    Read Blog
  • Now on AWS Marketplace: CyberArk Enterprise Support for cert-manager

    Now on AWS Marketplace: CyberArk Enterprise Support for cert-manager

    Running Kubernetes on Amazon EKS? You’re likely already using cert-manager—the open source standard for TLS and mTLS certificate automation in Kubernetes clusters. Today, we’re excited to announce...

    Read Blog
  • Post-quantum cryptography (PQC): how to build resilience while padlocks still work

    Post-quantum cryptography (PQC): how to build resilience while padlocks still work

    This blog is the second part of a two-part series on post-quantum cryptography (PQC). In Part 1, we explored how the Harvest Now, Decrypt Later (HNDL) strategy has moved from crypto-conspiracy...

    Read Blog
  • Is your AI safe? Threat analysis of MCP (Model Context Protocol)

    Is your AI safe? Threat analysis of MCP (Model Context Protocol)

    Unless you lived under a rock for the past several months or started a digital detox, you have probably encountered the MCP initials (Model Context Protocol). But what is MCP? Is this just a...

    Read Blog
  • This message will self-decrypt in 5 years: why post-quantum prep starts now

    This message will self-decrypt in 5 years: why post-quantum prep starts now

    This blog is the first part of a two-part series on post-quantum cryptography (PQC). In this piece, we explore why quantum threats are no longer theoretical. In Part 2, we’ll cover practical steps...

    Read Blog
  • The future of identity governance: fast, secure, and scalable

    The future of identity governance: fast, secure, and scalable

    If the mere mention of identity governance and administration (IGA) stresses you out, you’re in good company. Managing digital identities and access privileges is a significant challenge that only...

    Read Blog
  • Unified Security: Bridging the Gaps with a Defense-in-Depth Approach

    Unified Security: Bridging the Gaps with a Defense-in-Depth Approach

    The identity is the main attack vector for cybercriminals, with cybercriminals using stolen identity to infiltrate the organization, move laterally and vertically throughout the organization, and...

    Read Blog
  • CIO POV: Closing the trust gap in SaaS security

    CIO POV: Closing the trust gap in SaaS security

    “The modern ‘software as a service’ (SaaS) delivery model is quietly enabling cyber attackers and—as its adoption grows—is creating a substantial vulnerability that is weakening the global...

    Read Blog
  • Poison everywhere: No output from your MCP server is safe

    Poison everywhere: No output from your MCP server is safe

    The Model Context Protocol (MCP) is an open standard and open-source project from Anthropic that makes it quick and easy for developers to add real-world functionality — like sending emails or...

    Read Blog
  • TLS action lead time is closing: 5 practical steps to prepare for 47-day TLS certificates

    TLS action lead time is closing: 5 practical steps to prepare for 47-day TLS certificates

    Have you ever been on a tight deadline, and suddenly, your organization’s core services go dark because a TLS certificate expired without warning? It’s a nightmare scenario no team wants to face....

    Read Blog
  • Federal IT Modernization: Balancing Efficiency with Advanced Cybersecurity

    Federal IT Modernization: Balancing Efficiency with Advanced Cybersecurity

    As 2025 unfolds, U.S. federal agencies are navigating significant operational shifts that are impacting their overarching cybersecurity strategies. Government security leaders have always...

    Read Blog
  • Securing Red Hat OpenShift Virtualization with CyberArk: Identity Security for VMs and Containers

    Securing Red Hat OpenShift Virtualization with CyberArk: Identity Security for VMs and Containers

    As organizations modernize IT infrastructure, many are adopting platforms like OpenShift Virtualization to run both traditional virtual machines (VMs) and containerized workloads on a single,...

    Read Blog
  • How Poor User Experience (UX) Can Undermine Your Enterprise Security

    How Poor User Experience (UX) Can Undermine Your Enterprise Security

    For years, cybersecurity has been chasing a future where passwords no longer exist. And yet, here we are in 2025—still resetting them, reusing them and getting breached because of them. The...

    Read Blog
  • Precision in Machine Identity: Securing the NHIs That Matter

    Precision in Machine Identity: Securing the NHIs That Matter

    Imagine walking into your next board meeting and saying, “We need to secure all the non-humans.” You can probably picture the reactions: furrowed brows, confused glances—not exactly a solid...

    Read Blog
  • loading
    Loading More...