Blog Posts
-
How external attackers and malicious insiders exploit standing privileges in the cloud
For many of us, the term “cloud security breach” conjures meticulous attack plans executed by sophisticated criminal syndicates. But in reality, “attacks” can be far more mundane: maybe some...
-
Rethinking secondary accounts: How zero standing privileges (ZSP) reshape identity security
For years, separating day-to-day user activity from administrative tasks through secondary accounts was considered a security best practice. But as identity threats grow more sophisticated and...
-
Bridging runtime visibility and secrets management in Kubernetes with Sweet Security and CyberArk
Secrets management is a foundational pillar of cloud security. It enables secure storage, rotation, and access control for application secrets. But in Kubernetes environments, secrets don’t just...
-
CIO POV: What am I actually supposed to do with agentic AI?
For every enterprise CISO in the world right now, the burning question isn’t about cloud, TPRM, or internal threats. It’s about how to securely and responsibly adopt AI—specifically, agentic AI,...
-
CyberArk empowers Australia’s cyber resilience with IRAP assessment completion at the protected level
As ransomware strains hospital operations and supply‑chain attacks target energy grids, Australia’s public and regulated sectors need proven cyber resilience. At the heart of most breaches lie...
-
‘Plague’ malware exploits Pluggable Authentication Module to breach Linux systems
Understanding the ‘Plague’ Pluggable Authentication Module (PAM*) backdoor in Linux systems ‘Plague’ represents a newly identified Linux backdoor that has quietly evaded detection by traditional...
-
The life and death of an AI agent: Identity security lessons from the human experience
AI agents are on the rise. They can spin up, act independently, use tools, and make decisions—often without real-time human oversight. They promise incredible productivity but also introduce new...
-
CyberArk Secure Cloud Access achieves CSA STAR Level 1 certification
When you hand over the keys to your cloud, you’d better know who’s holding them—and for how long. In a world where speed is everything and complexity is the norm, organizations need more than...
-
Container security at scale: Strengthening software supply chains
Modern applications have undergone a paradigm shift, with containers becoming the default choice for deployment. While their flexibility and scalability are well-recognized, their adoption has...
-
CyberArk earns Wiz partner award for advancing cloud identity innovation
Cloud complexity is growing. So are the risks—and the opportunities. As organizations scale their infrastructure across hybrid environments to innovate quickly, security strategies must evolve...
-
Illusion of control: Why securing AI agents challenges traditional cybersecurity models
Enterprise security teams commonly focus on controlling AI agent conversations through prompt filters and testing edge cases to prevent unauthorized information access. While these measures...
-
Responding to ToolShell: A Microsoft SharePoint zero-day vulnerability
What is the ToolShell exploit? A newly discovered exploit, “ToolShell,” is fueling a wave of targeted attacks against on-premises Microsoft SharePoint servers. The zero-day exploit chains two...
-
Modern application control, done right with least privilege
When attackers gain access to a single endpoint—like a developer’s workstation or an HR system—it’s often game over. With some skill and patience, that foothold can escalate into full-blown...
-
Developers fly the plane: AI guardrails for secure cloud innovation
Developers now chart courses through environments as dynamic and unpredictable as open skies, plotting efficient courses through shifting clouds of technology to reach ambitious goals....
-
How the 16 billion password leak impacts your security strategy
The June 2025 disclosure that over 16 billion passwords were leaked has raised significant concerns in the digital community. Reports suggest that many of these credentials are recycled from...
-
Addressing recent vulnerabilities and our commitment to security
At CyberArk, the trust and security of our customers are at the heart of everything we do. Today, July 15th, we are addressing the publication of several Common Vulnerabilities and Exposures...
-
Identity security at inception: A CISO’s guide to proactive protection
Modern enterprises are facing an identity explosion. Fueled by cloud adoption, DevOps acceleration, and now agentic AI, the number of human and machine identities is growing faster than most...
-
Rise of the privileged access guardian: An admin’s origin story
Alex was the kind of IT administrator who kept everything humming smoothly behind the scenes at QuantumAxis Corp. Servers, user accounts, random requests at 4:55 PM on Fridays—he put out the fires...
-
Scattered Spider Unmasked: How an identity-focused APT is redefining cyber threats
Scattered Spider has emerged as one of the most disruptive advanced persistent threats in recent years, breaching major organizations across telecom, gaming, transportation, and retail. In the...
-
The quantum-AI collision: What CISOs must do now to stay ahead
Technology is moving at the speed of light, and two forces—quantum computing and AI agents—are poised to shake up cybersecurity. We’re not talking about some far-off future; this is happening now....
-
Loading More...