- Privileged Session Manager (PSM) enhancements
- Updated third-party DLLs in the CyberArk Marketplace
- Accessibility improvements
Customers using CyberArk Privilege Cloud v14.0 on the CyberArk Identity Security Platform also receive conditional access to establish connections from specified IP addresses. In addition, customers using CyberArk Endpoint Privilege Manager (EPM) benefit from the automatic discovery of Linux accounts on endpoints.
Release highlights include:
Conditional Access – Improved security with connections from authorized IP addresses
Customers can now configure conditional access for users, whereby only machines from authorized IP addresses can establish connections to target resources. This improves security by preventing access from malicious sources. Secure zones can be configured in the Identity Administration portal.
Automatic discovery and secrets rotation for local Linux accounts on endpoints
CyberArk Privilege Cloud customers on the CyberArk Identity Security Platform who use CyberArk Endpoint Privilege Manager (EPM) SaaS can now automatically discover local admin accounts on Linux machines, onboard them to CyberArk Privilege Cloud and apply automatic secrets rotation. This adds to the existing coverage of Windows and macOS accounts. After discovery, review and onboarding, the discovered accounts are managed together with all the other system accounts.
Automatic discovery is available through both the RESTful API and the CyberArk Privilege Cloud Web Portal under Accounts > Accounts Feed > Discovered Accounts.
The new Linux loosely connected device platform is available in the CyberArk Marketplace.
Improvements to CyberArk Privileged Session Manager (PSM)
- Improved efficiency for upgrading CyberArk PSM with new automated processes:
- CyberArk PSM logs are now automatically zipped and placed in a dedicated archive folder.
- Automatic name change:
- Default or domain PSMConnect or PSMAdminConnect.
- Automatically replace the username in the PSMConfigureAppLocker.ps1 and PSMHardning.ps1 scripts.
- Support for time-based one-time password (TOTP) in CyberArk PSM sessions with custom connection components. The Secure Web Application Connectors Framework now supports automatic connection to web applications enforced by MFA, with TOTP.
- Customization of recordings safes retention extension permissions. PAM admins can now change the recording retention period on the PSM recordings safes through the CyberArk Privilege Cloud Web Portal (PVWA).
Enhanced security and technical improvements with updated third-party DLLs, now in the CyberArk Marketplace:
- SAP NetWeaver
- Microsoft Azure Application Keys
- Microsoft Azure Password Management
- Google Cloud Platform (GCP) Account Management plugin – MFA Support
- Google Cloud Platform (GCP) – Service Account
- CyberArk CPM Identity Administration
CyberArk Privilege Cloud Web Portal (Modern UI) Accessibility Improvements:
Accounts and requests screens are now compatible with WCAG 2.1 (AA) for item 1.4.10 (AA) – Zoom and Reflow.
Voluntary Product Accessibility Template (VPAT®) Report:
The VPAT report for compliance evaluation with WCAG is now available for CyberArk Privilege Cloud (PVWA).
To learn more about CyberArk Privilege Cloud’s new features, please visit:
Additionally, component downloads are available in the CyberArk Marketplace.