Blog Posts

  • Make Memcpy Safe Again: CodeQL

    Make Memcpy Safe Again: CodeQL

    Last February, I went to #OffensiveCon20 and, as you might expect, it was awesome. The talks were great, but the real gem was the CodeQL workshop that was held the second day of the event....

    Read Article
  • CyberArk Extends Cloud Deployment Options, Improves Simplicity and Scalability with v11.6

    CyberArk Extends Cloud Deployment Options, Improves Simplicity and Scalability with v11.6

    “Change is the only constant in life” is a well-known adage first attributed to the Ancient Greek philosopher Heraclitus of Ephesus. While the world has evolved dramatically since Heraclitus’ day,...

    Read Article
  • Gartner Names CyberArk a Leader in the 2020 Magic Quadrant for PAM

    Download Now
  • Missed Impact Live? Watch all the content On-Demand now!

    GET STARTED
  • Using Kubelet Client to Attack the Kubernetes Cluster

    Using Kubelet Client to Attack the Kubernetes Cluster

    In this blog post, we are going to look at the Kubernetes agent, kubelet (see Figure 1), which is responsible for the creation of the containers inside the nodes and show how it can be...

    Read Article
  • Time to Re-examine Remote Access After VPN Password Leak

    Time to Re-examine Remote Access After VPN Password Leak

    Just days ago, a list of plaintext usernames, passwords and IP addresses for more than 900 Pulse Secure VPN servers was published online along with SSH keys for each server, a list of all local...

    Read Article
  • The Gartner 2020 Magic Quadrant for PAM is Here!

    The Gartner 2020 Magic Quadrant for PAM is Here!

    Today, we announced that CyberArk has been named a Leader in the Gartner 2020 Magic Quadrant for Privileged Access Management.1 CyberArk was positioned both highest in ability to execute and...

    Read Article
  • Making Azure Cloud Environments Even More Secure with CyberArk

    Making Azure Cloud Environments Even More Secure with CyberArk

    A recent survey of technology executives at large firms showed that Microsoft Azure continues to be the most popular provider of public cloud services, even as Amazon leads the market overall in...

    Read Article
  • Masking Malicious Memory Artifacts – Part III: Bypassing Defensive Scanners

    Masking Malicious Memory Artifacts – Part III: Bypassing Defensive Scanners

    Introduction With fileless malware becoming a ubiquitous feature of most modern Red Teams, knowledge in the domain of memory stealth and detection is becoming an increasingly valuable skill to add...

    Read Article
  • Source Code Leak Lesson: Secure Development Environments

    Source Code Leak Lesson: Secure Development Environments

    Once again we are seeing how vulnerable and easily development environments can be exploited with the recent news of a massive trove of leaked code from 50+ enterprises across multiple industries,...

    Read Article
  • 7 Best Practices for Securely Enabling Remote Work

    7 Best Practices for Securely Enabling Remote Work

    At Impact Live 2020 we spent a lot of time discussing strategies for maintaining a strong cybersecurity posture in the age of remote work. Today’s users need flexibility to do their jobs...

    Read Article
  • DIY: Hunting Azure Shadow Admins Like Never Before

    DIY: Hunting Azure Shadow Admins Like Never Before

    TL;DR Cloud technologies are ubiquitous and most organizations rely on cloud vendors to provide them with critical services and computing workloads. This ecosystem makes organizations deeply...

    Read Article
  • The Blurring Line Between Privileged and Non-Privileged Users

    The Blurring Line Between Privileged and Non-Privileged Users

    “Identity truly  is the new perimeter” was one of the big topics  at Impact Live. This is because  organizations are dealing with a new set of operational and security challenges related to...

    Read Article
  • What Twitter Attack Says on Human Nature, Social Engineering

    What Twitter Attack Says on Human Nature, Social Engineering

    Last week, Twitter suffered a breach that led to the compromise of numerous high-profile accounts, including those of Barak Obama, Joe Biden, Jeff Bezos and Elon Musk. I took the opportunity to...

    Read Article
  • Gartner Names CyberArk a Leader in the 2020 Magic Quadrant for PAM

    Download Now
  • Missed Impact Live? Watch all the content On-Demand now!

    GET STARTED
  • A Look Back at the Impact Live 2020: Our Largest Impact Yet

    A Look Back at the Impact Live 2020: Our Largest Impact Yet

    As our CyberArk team wraps up a banner week of Impact Live – the world’s largest gathering of privileged access management (PAM) and identity and access management (IAM) professionals – we’re...

    Read Article
  • Security for the Modern OT Environment

    Security for the Modern OT Environment

    Operational Technology (OT) – the hardware and software that’s used to monitor, detect and control changes to devices, processors and events of industrial equipment are popular targets for cyber...

    Read Article
  • Masking Malicious Memory Artifacts – Part II: Insights from Moneta

    Masking Malicious Memory Artifacts – Part II: Insights from Moneta

    Introduction With fileless malware becoming a ubiquitous feature of most modern Red Teams, knowledge in the domain of memory stealth and detection is becoming an increasingly valuable skill to add...

    Read Article
  • Are You Ready for Impact Live?  7 Reasons to Register Today

    Are You Ready for Impact Live?  7 Reasons to Register Today

    On July 21 and 22, CyberArk will host Impact Live, a virtual version of CyberArk Impact – the premier event for privileged access management (PAM) and identity and access management (IAM)...

    Read Article
  • Masking Malicious Memory Artifacts – Part I: Phantom DLL Hollowing

    Masking Malicious Memory Artifacts – Part I: Phantom DLL Hollowing

    Introduction With fileless malware becoming a ubiquitous feature of most modern Red Teams, knowledge in the domain of memory stealth and detection is becoming an increasingly valuable skill to add...

    Read Article
  • The Egregious 11: Examining the Top Cloud Computing Threats

    The Egregious 11: Examining the Top Cloud Computing Threats

    Each year, the Cloud Security Alliance (CSA) releases its “Top Threats to Cloud Computing” study to raise awareness of key risks and vulnerabilities in the cloud and promote strong security...

    Read Article
  • Cyber Attacks in the Pandemic Era: More of the Same  

    Cyber Attacks in the Pandemic Era: More of the Same  

    Since COVID-19 began to spread rapidly across the globe, we’ve seen near-constant headlines of cyber attacks hitting organizations in the midst of chaos. An elite group of cyber criminals launched...

    Read Article
  • How Security Islands Prevent Effective Secrets Management

    How Security Islands Prevent Effective Secrets Management

    The past few years have been an exciting time for the tech industry. The DevOps revolution has led to increased adoption of Kubernetes. Modern software development toolkits enable developers to...

    Read Article
  • loading
    Loading More...