Reliability

CyberArk has assigned a limited set of authorized security engineers to alter configurations in our security systems according to the least privilege principle. Configuration management tools are utilized in our production environments to manage configurations and changes to servers. All critical changes are reviewed and approved in compliance with our change management process.

CyberArk utilizes a wide range of tools to monitor its corporate network environment. Data is collected from devices and applications in the corporate network and aggregated into the SIEM to detect and respond to anomalies and threats. The SIEM is monitored by a dedicated 24/7/365 Security Operation Center (SOC) to help rapidly detect and mitigate risks.

Our internal Standard Operating Procedures (SOP) determine how alerts are classified, investigated, escalated, and ultimately resolved. CyberArk’s SOC team issues alerts on our security analytics platform and monitors for indicators of compromise. System logs are retained for 30 days in hot backup and 365 days in cold backup.

CyberArk follows a strict change control process by which all material changes to corporate internal applications and services are required to follow an approval process. After change verification is completed, the proposed changes are presented to the Change Approval Board (CAB). This process is designed to ensure that every release is delivered at the highest quality and with minimal risk and business impact.

CyberArk maintains a formal Business Continuity Plan (BCP) for our corporate network that is regularly reviewed and updated. CyberArk’s business continuity plan enables the company to respond quickly and remain resilient in the event of most known failure modes, including natural disasters and system failures. This plan is drilled annually on a global scale by an independent, expert security firm.

CyberArk maintains a global disaster recovery program (DRP) that is approved by management and regularly reviewed, tested, and updated. Designed to prevent data loss, CyberArk performs ongoing data replication and backup at each of its data centers. CyberArk uses a disaster recovery service, which enables consistent critical services performance and minimal data loss in the event of a natural disaster or system failure.

At CyberArk we operate a comprehensive backup program, which includes our corporate internal systems, where backup measures are designed in accordance with system recovery objectives. Backups are protected using AES-256-bit encryption.

CyberArk maintains a formalized, documented Incident Response Plan (IRP) and runs annual IRP drills. The IRP outlines how security incidents are identified, classified, reported, remediated, and mitigated throughout the incident response process including post-incident assessments. The CyberArk Information Security team promptly investigates all reported anomalies and suspected security breaches on an enterprise-wide level.

CyberArk will notify customers upon the discovery of an actual security breach that materially affects the confidentiality or security of customer information and will make reasonable efforts to promptly contain and remedy any such breach.