Privileged Account Security

CyberArk systems are focusing on striking down targeted cyber threats, those that make their way inside to attack the heart of the enterprise. CyberArk is trusted by the world’s leading companies to protect their highest-value information assets such as credentials, SSH Keys and certificates that are used to connect to resources across the enterprise infrastructure and applications.

For over a decade CyberArk has led the market in securing enterprises against cyber attacks that take cover behind insider privileges and attack critical enterprise assets. Today, only CyberArk is delivering a new category of targeted security solutions that help leaders stop reacting to cyber threats and get ahead of them, preventing attack escalation before irreparable business harm is done.

At a time when auditors and regulators are recognizing that privileged accounts are the fast track for cyber attacks and demanding stronger protection, CyberArk’s security solutions master high-stakes compliance and audit requirements while arming businesses to protect what matters most.

Cyberark Privileged AccountManagement (PAM)

Privileged accounts represent the largest security vulnerability an organization faces today. In the hands of an external attacker or malicious insider, privileged accounts allow attackers to take full control of an organization’s IT infrastructure, disable security controls, steal confidential information, commit financial fraud and disrupt operations. Stolen, abused or misused privileged credentials are used in nearly all breaches. With this growing threat, organizations need controls put in place to proactively protect against, detect and respond to in-progress cyber attacks before they strike vital systems and compromise sensitive data.

Designed from the ground up with a focus on security, CyberArk has developed a powerful, modular technology platform that provides the industry’s most comprehensive Privileged Account Security Solution. Each product can be managed independently or combined for a cohesive and complete solution for operating systems, databases, applications, hypervisors, network devices, security appliances and more. The solution is designed for on-premise, hybrid cloud and OT/SCADA environments.

CyberArk Shared Technology Platform

The CyberArk Privileged Account Security Solution is based on CyberArk Shared Technology Platform™, which combines an isolated vault server, a unified policy engine, and a discovery engine to provide scalability, reliability and unmatched security for privileged accounts. CyberArk Shared Technology Platform allows customers to deploy a single infrastructure and expand the solution to meet expanding business requirements. The platform delivers enterprise-class security, scalability, and high availability on a single, integrated solution. Enterprise Class Integration includes out-of-the-box support for devices, networks, applications and servers, including web sites and social media. The extensive integrations allow organizations to leverage the Privileged Account Security Solution in any IT environment, whether on-premises or in the cloud.

Scalable, Flexible, Low-Impact Architecture delivers global scalability with minimal impact. Components of the solution work independently but take advantage of shared resources, allowing organizations to scale the solution to meet changing business needs. The system supports hundreds of thousands of users and accounts addresses the needs of growing, large organisations. Cyberark offers out-of-the-box integrations with hundreds of solutions including SIEM, ticketing systems, and identity management ensures seamless deployment in any environment.

Below there is a list of the basic components of Cyberark fully integrated solution, delivering scalability, high availability and centralized management and reporting:

CyberArk Secure Vault

The Vault is designed to discover, secure, rotate and control access to privileged account passwords used to access systems throughout the enterprise IT environment. The solution enables organizations to understand the scope of their privileged account risks and put controls in place to mitigate those risks. Flexible policies enable organizations to enforce granular privileged access controls, automate workflows and rotate passwords at a regular cadence without requiring manual IT effort. To demonstrate compliance, organizations can easily report on which users accessed what privileged accounts, when and why.

CyberArk SSH Key Manager

CyberArk SSH Key Manager is designed to securely store, rotate and control access to SSH keys to prevent unauthorized access to privileged accounts. Built on the CyberArk Shared Technology Platform, SSH Key Manager leverages the Digital Vault infrastructure to ensure that SSH keys are protected with the highest levels of security, including the encryption of keys at rest and in transit, granular access controls and integrations with strong authentication solutions. Detailed audit logs and reporting capabilities provide visibility into key usage to meet audit and compliance requirements. SSH Key Manager integrates with the CyberArk Privileged Account Security Solution, enabling organizations to protect all privileged credentials, including SSH keys and passwords, from a single integrated platform that can be built out over time in accordance with business needs.

CyberArk Privileged Session Manager

CyberArk Privileged Session Manager enables organizations to isolate, monitor, record and control privileged sessions on critical systems including Unix and Windows-based systems, databases and virtual machines. The solution acts as a jump server and single access control point, prevents malware from jumping to a target system, and records keystrokes and commands for continuous monitoring. The resulting detailed session recordings and audit logs are used to simplify compliance audits and accelerate forensics investigations.

CyberArk Privileged Threat Analytics

CyberArk Privileged Threat Analytics is a security intelligence system that allows organizations to detect, alert, and respond to cyber attacks targeting privileged accounts. The solution is designed to identify an attack in real-time and automatically respond to stop an attacker from continuing to advance the attack. At the core of the solution, the analytics engine runs a sophisticated combination of proprietary algorithms – including both deterministic and behavior-based – on users, entities, and network traffic to detect indications of compromise early in the attack lifecycle. By identifying attackers early, security teams have more of the critical time they need to be able to stop an attack before it stops business.

CyberArk Application Identity Manager

CyberArk Application Identity Manager enables organizations to protect critical business systems by eliminating hard-coded credentials from application scripts, configuration files and software code, and removing SSH keys from servers where they are used by applications and scripts. Application Identity Manager offers agent and agentless deployment options to best meet the security and availability requirements of various business applications. The product is built on the CyberArk Shared Technology Platform, delivering scalability, high availability and centralized management and reporting.

CyberArk On-Demand Privileges Manager

CyberArk On-Demand Privileges Manager is a unified access control product, allowing organizations to control and monitor the commands super-users can run based on their role and task at hand. The solution reduces the usage of privileged rights within an enterprise and enforces least privilege policies for superuser rights. CyberArk On-Demand Privileges Manager replaces siloed Unix sudo command with an enterprise-ready, scalable product with unparalleled security as well as enhanced audit capabilities.

CyberArk Viewfinity

CyberArk Viewfinity helps organizations reduce the attack surface by removing local administrative privileges for business users, granularly controlling IT administrator privileges on Windows Servers based on role, and seamlessly elevating users’ privileges when necessary and authorized. CyberArk Viewfinity also enables organizations to closely control and monitor all applications within the environment. Whitelisted applications may seamlessly run, malicious applications can be immediately blocked, and unknown applications can be “greylisted” and restricted, pending further analysis. With CyberArk Viewfinity’s privilege management and application control capabilities, organizations can dramatically reduce the Windows attack surface without frustrating business or IT users.

Cyberark Sensitive InformationManagement Solution

In today’s dynamic business environment that includes mobile, web and cloud-based interactions, users require convenient access to information wherever and whenever they need it. The ability to exchange information between users and systems has become a fundamental business requirement. Information sharing enables users to be more productive, facilitates collaboration among teams, and help organizations deliver better customer experiences. However, as organizations share increasing amounts of sensitive information, they also need to ensure that their files remain safe from compromise.

The ability for users to confidentially share files internally and externally, as well as securely keep track of login credentials to an ever-increasing number of business applications are critical requirements to maintain user productivity without compromising security. At the same time, IT and security teams are tasked with securing sensitive information shared in automated business processes while reducing costs to ensure business efficiency.

The CyberArk Sensitive Information Management Solution is a complete platform for securely storing, sharing and distributing information between users and systems. Developed with a focus on security, the solution includes patented digital vault technology, military-grade encryption and tamper-resistant auditing designed to help enterprise organizations meet compliance requirements. Organizations use the CyberArk Sensitive Information Management Solution to enable individuals to securely store and share sensitive files and business passwords, as well as automate business processes to securely collect, distribute and access sensitive information.