With release 21.10, CyberArk Identity supports the following new features:
End-to-end encryption for credentials stored in CyberArk self-hosted vault
CyberArk Identity SSO allows you to store user credentials for business applications in the CyberArk self-hosted vault without having an active VPN connection. This enables you to provide users a frictionless experience for accessing business applications using CyberArk Identity Browser Extension, CyberArk Identity User Portal and the CyberArk Identity mobile app while maintaining complete control over user credentials. With this release, CyberArk adds end-to-end encryption between an end user's browser and the CyberArk self-hosted vault. This provides an additional layer of security to the SSL-encrypted communication channel between the endpoint and CyberArk Identity Cloud and ensures that all business user credentials stored or added to the vault are encrypted during transit. Refer to manage business application credentials in CyberArk self-hosted vault for more information.
MFA for ADFS 4.0
Active Directory Federation Services (ADFS) is a Single Sign-On (SSO) solution developed by Microsoft and used to authenticate users to a variety of applications including Office 365, cloud-based SaaS applications and applications on the corporate network. Many organizations use ADFS as their primary method of managing identities, since it is included with Office 365 and natively integrates with Active Directory. Previously, you could use ADFS 3.0 as an Identity Provider (IdP) to applications and CyberArk Identity for MFA to provide a strong method of authentication for your applications. With this release, CyberArk Identity MFA now supports ADFS 4.0 and allows customers to use the latest version of Windows Server 2016. To learn more about the MFA plugin for ADFS, please see Configure the CyberArk Identity AD FS 4.0 MFA Plugin.
For more information on the 21.10 release, please see CyberArk Identity release notes.