*NIX SECURITY

Secure *NIX environments with a complete and integrated solution

In *NIX environments, administrative privileges tend to be an all or nothing trade off. With a need for privileged users to maintain critical systems but little control over how privileged access rights are used, organizations are often forced to grant default permanent, continuous and anonymous super-user privileges to users who may or may not be trusted.

To mitigate the inherent risks of privileged *NIX accounts and reduce the likelihood of a data breach, organizations must proactively implement *NIX security controls that protect accounts, secure all privileged credentials including passwords and SSH keys employed by users and applications, limit administrative privileges to only those necessary, and track all user access and activity during privileged sessions.

To help organizations secure *NIX environments and address audit and compliance concerns, CyberArk offers an end-to-end privileged account security solution including:

  • Complete discovery of all *NIX privileged accounts and SSH keys
  • Secure storage, automated rotation of and access controls to privileged passwords and SSH keys
  • Replacement of static passwords and locally stored SSH keys used in applications and scripts with dynamic, securely stored credentials
  • Least privilege policy enforcement with granular access controls to allow privileged super-user commands only when needed for business purposes
  • • Real-time monitoring and recording of privileged sessions to strengthen security while preserving the native command line experience that *NIX users prefer
  • Audit and reporting capabilities that provide individual accountability to the use of shared administrative accounts
  • Active Directory bridge capabilities for integrated authentication, provisioning, and reporting
  • • Behavioral analytics of *NIX privileged account activity with real-time detection of anomalous activity

This unique set of privileged *NIX security capabilities are all delivered on a single, integrated platform designed to secure all privileged accounts including in *NIX, Windows, and hybrid and public cloud environments. By incorporating *NIX x systems and accounts into a broader privileged account security strategy, organizations can gain a number of benefits, including:

Key benefits

  • Locate all privileged *NIX accounts and credentials to understand where vulnerabilities exist and set a plan to programmatically manage and secure the environment
  • Reduce the risk of unauthorized access with proactive protection of *NIX credentials including passwords and SSH keys on a single platform
  • Prevent authorized users from mistakenly or maliciously executing damaging commands by limiting the scope of privileges to what is required
  • Streamline auditing processes with detailed audit logs and centralized reporting of *NIX privileged activity
  • Improve efficiency of *NIX account administration by connecting *NIX accounts to Active Directory for integrated authentication and provisioning
  • Reduce total cost of ownership with a unified, policy-driven solution for shared-account/software-account password management (SAPM) and super-user privilege management (SUPM) in *NIX environments, eliminating the need for two separate products
  • Reduce an attacker’s window of opportunity on critical *NIX systems with real-time detection and alerting of anomalous privileged account activity
  • Implement, expand and manage a complete solution with a common infrastructure, the CyberArk Privileged Access Security Solution