Blog Posts

  • How Poor User Experience (UX) Can Undermine Your Enterprise Security

    How Poor User Experience (UX) Can Undermine Your Enterprise Security

    For years, cybersecurity has been chasing a future where passwords no longer exist. And yet, here we are in 2025—still resetting them, reusing them and getting breached because of them. The...

    Read Blog
  • Precision in Machine Identity: Securing the NHIs That Matter

    Precision in Machine Identity: Securing the NHIs That Matter

    Imagine walking into your next board meeting and saying, “We need to secure all the non-humans.” You can probably picture the reactions: furrowed brows, confused glances—not exactly a solid...

    Read Blog
  • Unlocking ROI: Proving the Value of Your Identity Security Program to the C-Suite

    Unlocking ROI: Proving the Value of Your Identity Security Program to the C-Suite

    Cybersecurity is no longer just a technical concern; it’s a business-critical investment. Yet, gaining the C-suite’s backing often hinges on one essential question: “What’s the ROI?” Proving the...

    Read Blog
  • Unlocking New Jailbreaks with AI Explainability

    Unlocking New Jailbreaks with AI Explainability

    TL;DR In this post, we introduce our “Adversarial AI Explainability” research, a term we use to describe the intersection of AI explainability and adversarial attacks on Large Language Models...

    Read Blog
  • Whole-of-State Cybersecurity: A Unified Approach to Protecting Government

    Whole-of-State Cybersecurity: A Unified Approach to Protecting Government

    In today’s era, where the digital landscape is as critical as the physical, the urgency to adapt and reinforce our cybersecurity infrastructure is more pressing than ever. For government...

    Read Blog
  • TLS Certificate Validity Cut to 47 Days: What You Need to Know

    TLS Certificate Validity Cut to 47 Days: What You Need to Know

    The CA/Browser Forum’s recent unanimous vote to reduce maximum public TLS certificate validity to just 47 days by March 2029 marks a seismic shift in the digital security landscape. This new...

    Read Blog
  • The Cybersecurity Investment Most Organizations Are Failing to Secure

    The Cybersecurity Investment Most Organizations Are Failing to Secure

    Welcome to the 2025 Identity Security Landscape rollout—and to the “it’s complicated” phase of our relationship with AI. Each year, CyberArk surveys security leaders across the globe to understand...

    Read Blog
  • Modern Cybersecurity Strategies for Linux Servers

    Modern Cybersecurity Strategies for Linux Servers

    Linux servers have become widely adopted across organizations of all sizes. However, the frustrations of integrating these servers have left organizations struggling to implement strong security...

    Read Blog
  • CIEM and Secure Cloud Access: Best Practices From Wiz and CyberArk

    CIEM and Secure Cloud Access: Best Practices From Wiz and CyberArk

    Let’s cut the fluff out of cloud security. As you build and innovate in the cloud, you create a maze of roles, permissions and resources that you must secure thoughtfully. The dirty secret is that...

    Read Blog
  • Securing Identities for the Agentic AI Landscape

    Securing Identities for the Agentic AI Landscape

    Twenty-five years ago, we set out to tackle one of the most challenging problems in identity security: Securing privileged access. Today, CyberArk takes another giant step forward, extending our...

    Read Blog
  • Proactive Identity Security: Addressing Unmanaged Endpoint Risks

    Proactive Identity Security: Addressing Unmanaged Endpoint Risks

    When an electrician comes to fix something in your house, you wouldn’t just hand over the keys and leave. Instead, you’d stay to supervise and ensure everything is done correctly. Similarly,...

    Read Blog
  • CyberArk’s Vision to Pioneer Secure Access for Workloads

    CyberArk’s Vision to Pioneer Secure Access for Workloads

    Modern workloads operate across a complex landscape—cloud platforms, virtualized environments, data centers and SaaS applications. Each requires its own authentication method, from static...

    Read Blog
  • Discovery Alone Is Not Enough: You Need Context to Secure Machine Identities

    Discovery Alone Is Not Enough: You Need Context to Secure Machine Identities

    The digital landscape continues to undergo dramatic transformations. Long gone are the days when software, servers and infrastructure were monolithic and centralized. Today, organizations operate...

    Read Blog
  • Agents Under Attack: Threat Modeling Agentic AI

    Agents Under Attack: Threat Modeling Agentic AI

    Introduction The term “Agentic AI” has recently gained significant attention. Agentic systems are set to fulfill the promise of Generative AI—revolutionizing our lives in unprecedented ways. While...

    Read Blog
  • CIO POV: Identity and the Unbalanced Tension Between Attacker and Defender

    CIO POV: Identity and the Unbalanced Tension Between Attacker and Defender

    Protecting a large enterprise is like playing goalkeeper in a soccer match. A CISO’s job is to keep the net clean while multiple attackers close in from various angles, aiming to score. No matter...

    Read Blog
  • Quantum Chip Breakthroughs: Why Machine Identity Resilience Can’t Wait

    Quantum Chip Breakthroughs: Why Machine Identity Resilience Can’t Wait

    Quantum computing isn’t just coming—it’s barreling toward us, flipping the rules of cybersecurity like a table in a bad action movie fight scene. And it begs the question every CISO and IT...

    Read Blog
  • Enhancing Kubernetes Security: Strategies for Effective Secrets Management

    Enhancing Kubernetes Security: Strategies for Effective Secrets Management

    Kubernetes powers modern application deployments, yet safeguarding its secrets remains a formidable challenge. In a 2024 report, IBM estimated that 16% of data breaches stemmed from compromised...

    Read Blog
  • Lurking Threats in Post-Authentication Sessions

    Lurking Threats in Post-Authentication Sessions

    An attacker doesn’t need your password anymore. They don’t even need to break your MFA. They just need to get ahold of your session. And once they have it, they are you. Organizations have focused...

    Read Blog
  • How CISOs Can Use Identity to Advance Zero Trust

    How CISOs Can Use Identity to Advance Zero Trust

    AI is the best thing that’s ever happened to cybercriminals. It allows them to weaponize trust and launch identity-based attacks with staggering scale and sophistication. I’m talking about...

    Read Blog
  • Unmanaged Endpoints: Your Security Blind Spot

    Unmanaged Endpoints: Your Security Blind Spot

    It’s Monday morning and the coffee shop is full of telecommuters, sipping lattes and catching up on emails. The way organizations enable work has changed. With the rise of SaaS applications and...

    Read Blog
  • loading
    Loading More...