CyberArk Identity 21.11 Release

November 1, 2021 Stas Neyman

With release 21.11, CyberArk Identity supports the following new features:

CyberArk Workforce Identity

Single Sign-On

Sharing of business application credentials for end-users

With this release, application owners (end-users who have added a username and password application to their user portal) can securely manage shared access to their business apps. Previously, only administrators could configure and share application credentials with multiple users. This required application owners to submit a request to IT, provide shared credentials and indicate specific users to share the credentials with. In addition, IT administrators had to be notified when access was no longer needed. Now, application owners can allow other users to access shared username and password applications without involving IT. For example, a marketing team lead can now share access to a social media application that uses a single set of credentials with their team members. The team lead can also grant permission to view or edit the application credentials for a specified duration or revoke access to the shared app without requiring assistance from IT. As an additional security measure, companies can require users to validate their identity by passing multi-factor authentication challenges before launching or viewing shared applications.

To learn more about this feature, please see here.

Multi-Factor Authentication 

SMS message retry for authentication challenges

CyberArk Identity MFA supports a wide range of authentication factors, including one-time passcodes (OTP) sent via SMS messages. With this release, you can now allow end-users to request a new OTP message if the original SMS message is not received during a pre-defined period. This feature improves the sign-in experience for end-users who might be experiencing phone connectivity issues and helps reduce Help Desk tickets due to account lockouts.

To learn more about configuring resend link for SMS messages, please see here.

Syslog writer for events captured by User Behavior Analytics

CyberArk Identity User Behavior Analytics (UBA) collects, analyzes and visualizes user behavior and threat data to help administrators assess risk and investigate security incidents. With this release, we are introducing a new System Logging Protocol (Syslog) writer that pulls security events directly from the CyberArk Identity UBA service and allows administrators to import captured data into third-party security information and event management (SIEM) solutions. For example, security teams can now analyze high-risk events identified in the CyberArk Identity service with Splunk or QRadar solutions by downloading logs created by the new syslog writer.

To learn more about this feature, please see here.

CyberArk Customer Identity

QR code authenticator SDK for iOS 

CyberArk Customer Identity allows secure access to your apps and websites with a broad range of secondary authentication methods. With this release, you can now use a software development kit (SDK) to add QR code authenticator to your iOS applications. This enables you to embed risk-based authentication workflows into your web applications and provide end-users a fast, secure and convenient authentication experience. For example, you can use QR codes to give users access to your web applications without entering usernames and passwords, set up QR codes as a secondary authentication mechanism or require end-users to scan QR codes with their iOS devices before allowing them to perform high-risk activities. In addition, the mobile application with the embedded QR code authenticator can be protected with username and password or on-device biometrics authentication mechanisms, such as facial recognition cameras or fingerprint readers to validate the user scanning the QR code.  

This feature is currently in preview and available on GitHub.com.

For more information on the 21.11 release, please see CyberArk Identity release notes.

Previous Article
CyberArk Identity 21.12 Release
CyberArk Identity 21.12 Release

CyberArk Identity 21.12 release supports new capabilities for shared access to business apps, automated set...

Next Article
Cloud Entitlements Manager – Detection of Entitlements for Federated Identities in AWS
Cloud Entitlements Manager – Detection of Entitlements for Federated Identities in AWS

Cloud Entitlements Manager now provides visibility into permissions usage for employee identities accessing...