What’s the connection between privileged account security and Saint Patrick’s Day? Absolutely nothing, but for any Irish-American like myself this excuse is as good as any to kick start one of the most celebrated cultural holidays of the year (note: despite the lack of a connection, there will still be many Irish Proverbs and sayings used throughout this blog). We here at CyberArk are thrilled to announce the release of CyberArk Privileged Account Security Solution Version 10.2. This release extends the theme of improving risk reduction and simplification for privileged account security one step further, as well as showcasing our ability to continue to strengthen the overall security and protection of privilege on the endpoint and throughout the DevOps pipeline. We recently streamlined the CyberArk solution’s user interface to simplify adoption and usability for our key user personas. We’ve taken the next step to build new processes directly into this interface and include many enterprise-ready features to meet the evolving needs of our customers.
Irish Proverb #1 – There’s No Need to Fear the Wind if Your Haystacks are Tied Down
Fear not! We’ve broadened integrations between our solutions to protect your privileged haystack from external attackers and malicious insiders alike. Our session management and threat analytics solutions have been expanded to now include the automatic suspension of a privileged session as well as a detailed audit of Software-as-a-Service (SaaS) and other (web or client) applications. I could throw in more Irish Proverbs here but I’ll save you that and ask you to watch the following demo video to see automatic risk-based session suspension in action. This new capability allows our customers to pre-define risky activities, automatically suspend the session and enable their security operations team to manually resume it when it’s evident that the activity presents no material threat to the organization.
Furthermore, we’ve extended session management connection components to support the Google Chrome browser and secure connections for a wider range of applications that are tied to that browser specifically. For threat detection, CyberArk can now detect both attackers attempting to take over an account and reset passwords – or – a rogue IT employee who wants to bypass organizational policy and take control over the accounts under management. This is the latest addition to the ever growing list of real-time detection capabilities of malicious attempts to bypass privileged account security controls.
To simplify the onboarding of privileged accounts, our customers now have the ability to create automatic onboarding rules directly within the new user interface to automatically onboard accounts from both ‘Accounts Discovery’ and from the ‘Add Pending Accounts’ REST API, as well as backdoor accounts detected by CyberArk Privileged Threat Analytics. To see how this takes shape, watch the demo video.
In terms of managing privilege, we’ve incorporated a comprehensive health dashboard that provides detail on the overall health of the infrastructure and individual components, with drill down functionality for Vault administrators looking to get into the minutia (e.g. list of installed components, component identifiers, IP addresses, connectivity status, etc.). This feature enables users to identify specific instances of each CyberArk component and provide them with the details they need to get an end-to-end view of system health. Furthermore, we’ve automated Microsoft patching on the CyberArk Digital Vault with strong security throughout the process to make the system more secure during a patch update. This reduces deployment friction and complexity around Microsoft patching and through this automation, we can now make it a part of routine operations for the IT team.
Irish Proverb #2 – It’s Easy to Halve the Potato Where There’s Love
Okay so there are no potatoes involved here but there’s plenty of love between the CyberArk Privileged Account Security Solution and CyberArk Conjur, our DevOps secrets management solution. By the end of this month, CyberArk’s Enterprise Password Vault (v9.5 and up) will officially be integrated with CyberArk Conjur providing a way to synchronize secrets that are managed in the Vault with Conjur. CyberArk customers who store and manage their credentials in the Vault will benefit from CyberArk Conjur’s capabilities in serving up secrets for applications built on containers leveraging DevOps methodologies. The powerful combination of CyberArk Enterprise Password Vault and Conjur delivers immediate value to the install base and enables central policy enforcement for DevOps use cases such as secrets rotation, monitoring, and auditing that is consistent with enterprise policy. Additional details are available here.
And the love doesn’t end there. For endpoint protection, we now support the ability to manage local privileged credentials on the endpoint that are not directly connected to the corporate network. Through tight integration with the Enterprise Password Vault, this new capability ensures security and operational policies are met for privileged credential protection for workstations – including “loosely connected” endpoints that only connect to the corporate network intermittently. Lastly, we’ve made several enhancements to our industry leading credential theft protection including the ability to block credential attacks in the Microsoft Windows Internet Explorer and Edge browsers and the Windows Credential Manager. Learn more by visiting the CyberArk Endpoint Privilege Manager webpage.
Irish Proverb #3 – A New Broom Sweeps Clean, but an Old One Knows the Corners
When it comes to security, you can’t beat experience and when it comes to experience, no one beats CyberArk. We’ve seen more and done more in privileged account security than any other vendor. The v10.2 release is another example of our dedication to innovation and continual investment in research and development. We’ve also included many specific customer requests of which we’ve prioritized and implemented – you’ve asked and we’ve heard you! These new features and capabilities continue to strengthen our position as the #1 undisputed leader in the privileged account security market.
Interested in learning more about the latest version of CyberArk Privileged Account Security Solution? Register for our webcast to hear more about some of these exciting new capabilities in greater detail.