enterprisesecuritymag

CyberArk: Laser-Focused on Privileged Accounts Security

Udi Mokady, Founder, Chairman and CEO, CyberArkUdi Mokady, Founder, Chairman and CEO Over the years, cybersecurity has evolved as a pressing challenge for every business. The recent years saw a seismic shift pertaining to the magnitude of breaches, the sophistication of Distributed Denial of Service attacks and distribution of ransomware payloads. Data breaches and cyber attacks are becoming more common and severe, as hackers are employing advanced techniques to circumvent the latest technologies. These factors cohesively demonstrate why cybersecurity is imperative for businesses today to safeguard their trade secrets and sensitive data. Most organizations piece together privileged account security solutions in an attempt to construct the best defense and then work to connect them crossing platforms, adjusting settings, managing them simultaneously—all in the hope to deploy better defense. However, the changing cyberattack landscape is driving organizations to end up with severe losses, more than they could ever imagine.

Meanwhile, wiser businesses protect all its privileged accounts with one integrated privileged account security solution—CyberArk. It is a unified platform that secures all the privileged accounts with multiple layers of security, provides quantifiable results while delivering better cost savings. “To deal with the changing attack landscape, you don’t need solutions, you need ‘a solution,’ and that is CyberArk,” says Udi Mokady, Founder, Chairman and CEO, CyberArk.

CyberArk offers comprehensive privileged accounts security for protecting user and application accounts and passwords and SSH credentials on-premises, in the cloud and everywhere in between— from every endpoint and application, and throughout the DevOps pipeline. This layered approach to security covers everything including credential protection, session isolation, live monitoring and recording, least privilege enforcement, threat detection, policy violation notification, and even the ability to detect in-progress attacks. CyberArk’s single platform design provides centralized management and reporting. Its simplified sign-on capability gives quantified reports of the attack surface. The platform’s out-of-the-box integration reduces the deployment cost, and automated verification lowers IT expenditure and scalability to add additional security services as the needs arise.

The company stands a mile ahead in the industry as the only security company laser-focused on striking down targeted cyber threats; attacks that make their way inside the heart of the enterprise. In addition, CyberArk solutions work in line with a customer’s internal policies and regulatory compliance with full, detailed reporting and a searchable audit trail.

The Advanced Security Solution

CyberArk’s platform secures and protects all privileged access and account credentials, monitor, and record all privileged activity while analyzing and detecting any high-risk behavior in the network.

With CyberArk, security teams can centrally secure and control access based on administratively designed secure policies, and enable secure authentication with adaptive authentication capability


It allows securing and managing passwords and other credentials for applications, scripts, configuration files, and other non-human users. The privileged account security solution’s credential protection and management capability allow discovering, securing, and protecting the privileged credentials across the organization. It not only enables security teams to isolate, monitor, and control all the session activity but also helps to lock down domain controllers with in-progress attack detection feature.

The CyberArk Endpoint Privilege Manager provides a layered solution to secure the endpoints. It encompasses the least privilege, application control and credential threat blocking while ensuring continuous productivity by automatically allowing trusted applications to run and remove admin privileges for reducing the attack surface effectively. It enables identification and blocking of malicious software on the endpoint, helping to mitigate risk. For unknown software that may pose a threat, the solution’s greylisting functionality makes it possible to control its access, limiting its impact in the environment should it prove to be malicious. Meanwhile, its targeted behavioral analytics provides secure layered protection around account credentials.

For more than a decade CyberArk has played a significant role in securing enterprises against cyber attacks that were mostly covered behind insider privileges. Today, CyberArk engraves its name as the only company delivering a new category of targeted security solution that assists leading businesses to react to cyber threats and get ahead of them. The company’s offering prevents attack escalation before any irreparable business harm.

While regulators recognize privileged accounts as the fast track for cyber attacks and demand stronger protection, CyberArk’s security solutions master high-stakes regulatory compliance while arming businesses to protect its critical assets. With offices and authorized partners worldwide, CyberArk is a vital security partner to more than 4,000 global businesses, including Hershey’s, Regal Cinemas, Qualcomm, Duracell, Rockwell Automation and Suncor Energy.

Partnering for Innovation

As nearly one-quarter of known breaches are the results of insider activity, CyberArk has partnered with some of the industry leading security solution providers to enhance its offerings. In association with Okta, CyberArk delivers solutions to monitor, manage, and enforce robust authentication processes to protect against potential threats. Once deployed, access to CyberArk vault is protected by Okta multifactor authentication solution allowing customers to experience centralized, secure privileged access to their most sensitive resources. The solution allows reducing password management risk with secure access control be a single sign-on. With CyberArk, security teams can centrally secure and control access based on administratively designed secure policies, and enable secure authentication with adaptive authentication capability.
CyberArk in Action

Committed to mitigating attacks before they harm business, CyberArk is trusted by the world’s leading companies, including some of the Fortune100 companies, to protect their highest value information assets, infrastructure, and applications. In an instance, CyberArk assisted National Gypsum in their new security initiatives. When National Gypsum’s CFO and controller demanded IT pass audits related to access control, the company decided to revamp its security program. However, National Gypsum never used any management or monitoring programs for the privileged accounts, failing to meet compliance requirements. This incompliant working was the critical reason for the firm’s significant database vulnerabilities and compliance weaknesses. Recovery from a serious security compromise could be devastating to the business unless the compromised accounts and credentials are left in place.


As a primary initiative, the team made improvements in routine production systems access controls. The company also wanted to make it easier to be secure. As part of its advanced security model, the team created more Active Directory accounts to accommodate the various roles such as for production environments and QA. The new SYS and firefighter roles institute the least privilege strategy in which users can access on-demand only to the systems needed to perform a particular task.

"To deal with the changing attack landscape, you don’t need solutions, you need ‘a’ solution, and that is CyberArk"

The manufacturer implemented the CyberArk Privileged Account Security Solution, leveraging its Digital Vault to manage nearly 2,000 passwords better, ensuring they are automatically updated, changed at regular intervals and fully auditable. National Gypsum also integrated the CyberArk Application Identity Manager solution with Opalis, a process automation system that performs a number of IT automation tasks across the manufacturer’s applications and servers. Integrating with Application Identity Manager allowed National Gypsum to remove sensitive hard-coded passwords from the Opalis jobs and benefit from secure caching capabilities to ensure business continuity even in the case of a network outage. Perhaps one of the most tangible results of the CyberArk deployment was National Gypsum achieving a major compliance milestone, by passing a privileged and production account management audit for the first time.

Paving the Way for a Secure Tomorrow

Expanding its portfolio to support the digital transformation, the company recently introduced CyberArk Privileged Session Manager for Cloud. Through a transparent user experience, the new offering extends privileged access session isolation, monitoring, and control to the most common web applications, cloud, and social media platforms. Being an integrated solution, it also leverages industry-leading risk scoring capabilities to detect and alert on suspicious privilege-related activity.

Today, CyberArk is on a mission to offer the best security solutions to its customers. The company’s experts are striving to innovate to stay one step ahead of the attackers. In the long run, CyberArk will continue investing in security offerings and R&D, and enable access to the developing technology. The firm envisions a sustainable long-term growth and expanding a new layer of security for its customers.
- Vishnu Santhosh
    December 07, 2018