The invisible threat: Machine identity sprawl and expired certificates
One unmanaged machine identity—whether a TLS certificate, SSH key, code signing certificate, or API secret—that’s all it takes to crash your website, halt transactions, and leave customers...
Read Blog
Sandworm in the supply chain: Lessons from the Shai-Hulud npm attack on developer and machine identities
Do you know why Shai-Hulud should raise your hackles? Unless you’ve spent time on Arrakis in Frank Herbert’s Dune or the npm ecosystem this month, the name Shai-Hulud might not ring a bell. In...
Read Blog
A practical guide to AI-ready machine identity governance in finance
Across financial services operations, machine identities play critical roles, but in many organizations, these cryptographic keys, API tokens, certificates, and service accounts remain chronically...
Read Blog
The AI revolution in financial cybersecurity
Financial cybersecurity has never been a static discipline. Over two decades in this industry, I’ve seen it transform from a compliance checkbox to a cornerstone of business resilience—usually...
Read Blog
Why secret sprawl may be your biggest security threat (and how to help fix it)
Picture this: You’re having your morning coffee when your phone buzzes with the kind of alert that makes security professionals break into a cold sweat. A single API key, leaked on GitHub months...
Read Blog
A CISO’s guide to post-quantum readiness: How to build crypto agility now
The quantum threat isn’t theoretical—it’s operational. Quantum computing is rapidly shifting from research to reality, forcing chief information security officers (CISOs) to rethink cryptography,...
Read Blog
Container security at scale: Strengthening software supply chains
Modern applications have undergone a paradigm shift, with containers becoming the default choice for deployment. While their flexibility and scalability are well-recognized, their adoption has...
Read Blog
Addressing recent vulnerabilities and our commitment to security
At CyberArk, the trust and security of our customers are at the heart of everything we do. Today, July 15th, we are addressing the publication of several Common Vulnerabilities and Exposures...
Read Blog