Blog Posts
-
The MGM Resorts Attack: Initial Analysis
The recent cyberattack on MGM Resorts International has raised serious concerns about the security of sensitive data and the vulnerabilities organizations face in today’s digital landscape. In...
-
Securing Workforce Access with Greater Visibility, Integration and Automation
Over six in 10 security decision-makers say their teams operate with limited visibility across their environments. Why? We could easily speculate that it comes down to the tools they do or don’t...
-
Cloud Identity Security Success: 3 Critical Factors
Today, more than ever, security is all about identity. Especially in the cloud, the central management and proliferation of cloud services means that with the proper identity and permissions, one...
-
Is Open Source Software Dead?
How Cloud and SaaS are Actively Disrupting Open Source Open source software (OSS) has driven technological growth for decades due to its collaborative nature and ability to share information...
-
CyberArk Named a Leader in the Gartner® Magic Quadrant™ for PAM for the Fifth Time
Today, I’m honored to share that CyberArk has been named a Leader in the “2023 Gartner® Magic Quadrant™ for Privileged Access Management.”1 This is the fifth time our company has been positioned...
-
Securing Endpoints By Applying ‘Passive Income’ Concepts
Investing in cybersecurity is a lot like working hard to save for retirement. Your budget’s already tight, but you must secure the future. You’re faced with endless headlines and market updates...
-
5 Ways CISOs Can Prepare for SEC Cybersecurity Compliance
The U.S. Securities and Exchange Commission (SEC) recently announced a ruling aimed at enhancing public companies’ cybersecurity risk management, strategy, governance and incident disclosure. To...
-
3 Types of Privileged Accounts to Secure in a Transforming Enterprise
For security teams managing their enterprises’ privileged access management (PAM) programs, times have changed and what’s considered a privileged or high-risk account has drastically shifted. In...
-
NVMe: New Vulnerabilities Made Easy
As vulnerability researchers, our primary mission is to find as many vulnerabilities as possible with the highest severity as possible. Finding vulnerabilities is usually challenging. But could...
-
CyberArk Global CIO on Balancing AI Opportunities and Risks
Generative artificial intelligence (AI) has officially arrived at the enterprise and is poised to disrupt everything from customer-facing applications and services to back-end data and...
-
Five Workforce Trends That Intensify Insider Threats
Insider threats don’t often seem like threats at all. They look like colleagues working diligently at the office, logging on to the corporate network from Starbucks or providing a critical...
-
CyberArk Achieves ISO/IEC 27018 Certification – an International Standard for Cloud Privacy
It is my distinct honor to announce that CyberArk has officially achieved ISO/IEC 27018:2019 certification – the first privacy-specific international standard for cloud service providers focused...
-
Operationalizing Identity Security in the Public Cloud
As enterprises increasingly migrate to the public cloud, identity and access management (IAM) inconsistencies across different cloud providers pose a significant hurdle. Effectively securing...
-
Fantastic Rootkits: And Where To Find Them (Part 3) – ARM Edition
Introduction In this blog, we will discuss innovative rootkit techniques on a non-traditional architecture, Windows 11 on ARM64. In the prior posts, we covered rootkit techniques applied to a...
-
The Cloud Security Layer Cake: Modern Use Cases for PAM
Warm. Rich. Chocolatey. The way I see it, a proper chocolate layer cake is the best sensory experience a human can have. Let’s go a bit further still: good chocolate cake is the height of...
-
Making Zero Standing Privileges a Reality
The most significant change in the lifespan of identity security thus far is zero standing privileges (ZSP). Considered to be the next evolution of just-in-time (JIT) access, although it may seem...
-
A Deep Dive into Penetration Testing of macOS Applications (Part 2)
Introduction This is the second part of the “A Deep Dive into Penetration Testing of macOS Application” blog series. In the first part, we learned about macOS applications and their structure and...
-
Five Ways to Secure External Identities
If you stick with any movie through the end credits, you’ll see – not just the household names who act and direct – but the full scope of players who make a film happen. The...
-
Preparing for TSA Cybersecurity Compliance with Identity Security
The aviation industry relies on a complex web of players and digital systems to fly passengers safely around the world. Billions of data points flow across this vast interconnected ecosystem –...
-
Theresa Payton on Identity Threats and the Chief ‘Influence’ Security Officer
You’re reading the CyberArk blog (and we thank you for that), so you’re likely familiar with the name Theresa Payton. The cybersecurity visionary, first female White House CIO, best-selling author...
-
Loading More...