CyberArk Identity
Administrator Activity Report
CyberArk Identity now provides a built-in report that tracks all administrator activities. This new report queries all changes made by an administrator over a specified period. For example, you can use this report to see all actions taken by a particular admin over a specific date range – or to determine which admin took a particular action, such as deleting a user or creating a role. Customers can use the admin activity report out of the box, to simplify compliance initiatives; they can also customize it to meet their business and audit needs. The report can be found under the Compliance section within the CyberArk Identity Reports feature.
Learn more about the administrator activity report.
Enhanced Login Experience for Users with Multiple Tenants
CyberArk Identity now makes the login experience easier for customers with multiple tenants. With this release, a new landing page allows endusers to choose the tenant they want to log into, or to search for a different tenant. Customers can quickly search for another tenant using the tenant ID or URL. This update allows end users to access multiple tenants with the same username. It also reduces friction for users during their first instance of accessing CyberArk Identity from the CyberArk Identity Browser Extension and the CyberArk Identity Mobile app. In addition, federated users can more easily access multiple tenants with the same username.
Users can now easily switch to an additional tenant.
Learn more about the latest login enhancements
Enhanced Routing for External IDP Authentication
CyberArk Identity now allows you to route authentication requests to external IDPs based on client type. Previously, all external IDP authentication was performed using SAML or OIDC protocols. This required end-users to open a web browser to complete authentication steps. Now, authentication requests from non-browser clients, such as Remote Desktop Protocol (RDP) terminals, can be performed inline utilizing the RADIUS protocol. This streamlines the authentication process and eliminates the need for end-users to take actions within web browsers for non-browser-initiated logins.
Learn more about enhanced routing for external IDP authentication.
Multi-Factor Authentication
YubiKey One-Time Password (OTP) Support for RADIUS Authentication
YubiKey is a physical authentication device that enables strong multi-factor and passwordless authentication, qualifying for NIST Authentication Assurance Level 2 (AAL2). With this release, you can now configure YubiKey OTP as an authentication factor to log in with RADIUS protocol. This enables you to securely authenticate into endpoints when using RADIUS. Configuring YubiKey OTP as an authentication factor for RADIUS login reduces the risk of phishing attacks and eliminates the reliance on passwords, which delivers a more secure and frictionless login experience.
Learn more about YubiKey OTP support for RADIUS authentication.
Workforce Password Management
Attach Files to Secured Items
Workforce Password Management (WPM) allows users to securely store and share credentials and other sensitive text-based information in the form of notes, called Secured Items. With this release, you can now attach files to your Secured Items. For example, you can now add images, certificate files, PDFs of sensitive documents, and other files to your Secured Items.
All WPM file attachments are protected with strong encryption and securely stored in the CyberArk Identity Cloud. In addition, the file storage capability includes access and sharing controls. Specifically, organizations can allow or block file attachments for all users, and specific users can hide their files when sharing Secured Items.
Workforce Password Management end users can add attachments to Secured Items and can chose to hide the file when sharing the secured note.
Learn more about file storage in Workforce Password Management.
Share Custom Folders
Workforce Password Management (WPM) now enables users to share custom folders that contain applications and Secured Items. In the CyberArk Identity 23.6 release, end users gained the ability to drag and drop their preferred applications and Secured Items to custom folders within WPM. With this release, you can now instantly grant your peers access to your custom folders. In addition, you can define access rules, such as “view” or “edit” permissions, and specify the period the access is valid for. This improves user productivity and simplifies cross-organizational collaboration. For example, you can now help new employees quickly ramp up by sharing access to relevant folders containing must-read notes and documents and enable colleagues working on the same project to easily share access to appropriate business applications.
Learn more about custom folder sharing.
Identity Flows
Audit and Replay Workflows
CyberArk Identity Flows allows customers to build and run complex workflows using a flexible, user-friendly no-code interface. When using this tool to orchestrate and automate processes, users need a detailed way to view and analyze the status of a workflow — particularly if errors are causing a failure in the flow’s execution. With this release, you can view a more detailed audit of your workflows, including data on each node within the flow. This new capability also allows you to replay flows from a particular step in the workflow to the end — or a specific step only — rather than having to run the flow from start to finish. This greatly reduces troubleshooting time and helps you quickly pinpoint and resolve problems.
Flows users can now access detailed audit data for each node within their workflows to analyze failures and replay flows from a specific point in time.
Learn more about replaying Flows.
Secure Web Sessions
Edge Browser Extension Now Available for Download in the Microsoft Store
The CyberArk Secure Web Sessions Browser Extension for Microsoft Edge is now available in the Microsoft store. CyberArk Secure Web Sessions enables organizations to monitor, record and audit end-user activity within high-risk and high-value web applications. Secure Web Sessions leverages a browser extension to capture a user’s activities within a web session. The extension can be deployed on managed devices and browsers by administrators to ensure it is upgraded in accordance with your enterprise standards, and to prevent removal from the endpoint by the end user.
Learn more about the Secure Web Sessions Browser Extension for Microsoft Edge.
