Blog Posts

  • TLS Certificate Validity Cut to 47 Days: What You Need to Know

    TLS Certificate Validity Cut to 47 Days: What You Need to Know

    The CA/Browser Forum’s recent unanimous vote to reduce maximum public TLS certificate validity to just 47 days by March 2029 marks a seismic shift in the digital security landscape. This new...

    Read Blog
  • The Cybersecurity Investment Most Organizations Are Failing to Secure

    The Cybersecurity Investment Most Organizations Are Failing to Secure

    Welcome to the 2025 Identity Security Landscape rollout—and to the “it’s complicated” phase of our relationship with AI. Each year, CyberArk surveys security leaders across the globe to understand...

    Read Blog
  • Modern Cybersecurity Strategies for Linux Servers

    Modern Cybersecurity Strategies for Linux Servers

    Linux servers have become widely adopted across organizations of all sizes. However, the frustrations of integrating these servers have left organizations struggling to implement strong security...

    Read Blog
  • CIEM and Secure Cloud Access: Best Practices From Wiz and CyberArk

    CIEM and Secure Cloud Access: Best Practices From Wiz and CyberArk

    Let’s cut the fluff out of cloud security. As you build and innovate in the cloud, you create a maze of roles, permissions and resources that you must secure thoughtfully. The dirty secret is that...

    Read Blog
  • Securing Identities for the Agentic AI Landscape

    Securing Identities for the Agentic AI Landscape

    Twenty-five years ago, we set out to tackle one of the most challenging problems in identity security: Securing privileged access. Today, CyberArk takes another giant step forward, extending our...

    Read Blog
  • Proactive Identity Security: Addressing Unmanaged Endpoint Risks

    Proactive Identity Security: Addressing Unmanaged Endpoint Risks

    When an electrician comes to fix something in your house, you wouldn’t just hand over the keys and leave. Instead, you’d stay to supervise and ensure everything is done correctly. Similarly,...

    Read Blog
  • CyberArk’s Vision to Pioneer Secure Access for Workloads

    CyberArk’s Vision to Pioneer Secure Access for Workloads

    Modern workloads operate across a complex landscape—cloud platforms, virtualized environments, data centers and SaaS applications. Each requires its own authentication method, from static...

    Read Blog
  • Discovery Alone Is Not Enough: You Need Context to Secure Machine Identities

    Discovery Alone Is Not Enough: You Need Context to Secure Machine Identities

    The digital landscape continues to undergo dramatic transformations. Long gone are the days when software, servers and infrastructure were monolithic and centralized. Today, organizations operate...

    Read Blog
  • Agents Under Attack: Threat Modeling Agentic AI

    Agents Under Attack: Threat Modeling Agentic AI

    Introduction The term “Agentic AI” has recently gained significant attention. Agentic systems are set to fulfill the promise of Generative AI—revolutionizing our lives in unprecedented ways. While...

    Read Blog
  • CIO POV: Identity and the Unbalanced Tension Between Attacker and Defender

    CIO POV: Identity and the Unbalanced Tension Between Attacker and Defender

    Protecting a large enterprise is like playing goalkeeper in a soccer match. A CISO’s job is to keep the net clean while multiple attackers close in from various angles, aiming to score. No matter...

    Read Blog
  • Quantum Chip Breakthroughs: Why Machine Identity Resilience Can’t Wait

    Quantum Chip Breakthroughs: Why Machine Identity Resilience Can’t Wait

    Quantum computing isn’t just coming—it’s barreling toward us, flipping the rules of cybersecurity like a table in a bad action movie fight scene. And it begs the question every CISO and IT...

    Read Blog
  • Enhancing Kubernetes Security: Strategies for Effective Secrets Management

    Enhancing Kubernetes Security: Strategies for Effective Secrets Management

    Kubernetes powers modern application deployments, yet safeguarding its secrets remains a formidable challenge. In a 2024 report, IBM estimated that 16% of data breaches stemmed from compromised...

    Read Blog
  • Lurking Threats in Post-Authentication Sessions

    Lurking Threats in Post-Authentication Sessions

    An attacker doesn’t need your password anymore. They don’t even need to break your MFA. They just need to get ahold of your session. And once they have it, they are you. Organizations have focused...

    Read Blog
  • How CISOs Can Use Identity to Advance Zero Trust

    How CISOs Can Use Identity to Advance Zero Trust

    AI is the best thing that’s ever happened to cybercriminals. It allows them to weaponize trust and launch identity-based attacks with staggering scale and sophistication. I’m talking about...

    Read Blog
  • Unmanaged Endpoints: Your Security Blind Spot

    Unmanaged Endpoints: Your Security Blind Spot

    It’s Monday morning and the coffee shop is full of telecommuters, sipping lattes and catching up on emails. The way organizations enable work has changed. With the rise of SaaS applications and...

    Read Blog
  • The Urgent Reality of Machine Identity Security in 2025

    The Urgent Reality of Machine Identity Security in 2025

    The importance of machine identity security has reached a critical juncture in 2025. With machine identities now far outnumbering human ones, securing these digital credentials has become a top...

    Read Blog
  • The Rise of AI Agents—Collaborative Intelligence

    The Rise of AI Agents—Collaborative Intelligence

    2025 marks a pivotal moment. It’s the year AI agents transition from experimental technology to an essential business objective in enterprise operations that can enable growth and scale. These...

    Read Blog
  • Captain MassJacker Sparrow: Uncovering the Malware’s Buried Treasure

    Captain MassJacker Sparrow: Uncovering the Malware’s Buried Treasure

    Cryptojacking malware—a type of malware that tries to steal cryptocurrencies from users on infected machines. Curiously, this kind of malware isn’t nearly as famous as ransomware or even...

    Read Blog
  • Workforce Passwordless Authentication: Beyond the Hype and Here to Stay

    Workforce Passwordless Authentication: Beyond the Hype and Here to Stay

    Let’s face it—passwords are a pain, especially for employees and contractors who deal with them daily. We all know that our so-called “secure” passwords often end up being something like...

    Read Blog
  • The Agentic AI Revolution: 5 Unexpected Security Challenges

    The Agentic AI Revolution: 5 Unexpected Security Challenges

    As we stand on the brink of the agentic AI revolution, it’s crucial to understand the profound impact AI agents will have on how people, applications and devices interact with systems and data....

    Read Blog
  • loading
    Loading More...