|
By CyberArk Labs
There’s a dark joke in cybersecurity: each year ends with an unwelcome holiday surprise—a major security incident. This timing isn’t random. Threat actors target this timing, knowing security teams operate with skeleton crews that impact detection, investigation and response times. It’s a calculated strategy that works reliably, year after year. And now there’s another holiday surprise to add to the list—the recent attack on the U.S. Treasury Department.
|
By CyberArk
In this episode of the Trust Issues podcast, host David Puner dives into the complexities of secrets management with Ritesh Desai, General Manager at AWS Secrets Manager. They discuss the evolving landscape of secrets management, emphasizing the importance of a multi-layered defense strategy as organizations increasingly adopt cloud services, digital transformation and agile development practices.
|
By Yuval Moss
The rise of generative AI (GenAI) over the past two years has driven a whirlwind of innovation and a massive surge in demand from enterprises worldwide to utilize this transformative technology. However, with this drive for rapid innovation comes increased risks, as the pressure to build quickly often leads to cutting corners around security. Additionally, adversaries are now using GenAI to scale their malicious activities, making attacks more prevalent and potentially more damaging than ever before.
|
By Lavi Lazarovitz
The year 2025 started with a bang, with these cybersecurity stories making headlines in the first few days: As the global threat landscape intensifies, the need for in-depth research and information sharing has never been greater. Our mission at CyberArk Labs is to empower cyber defenders with threat insights that help strengthen their identity security strategies.
|
By Sam Flaster
In 2025, global cybersecurity trends like the rise of Zero Trust, tightening data privacy and AI regulations and growing concerns over cloud security will only accelerate. Each of these evolving forces will also shift paradigms for the privileged access management (PAM) programs charged with safeguarding IT, cloud ops and third-party vendor users as they perform high-risk operations.
|
By Florin Lazurca
The discussion about managing the impact of shorter TLS certificate lifespans began with the proposal from Google to shorten the lifespan of public-facing certificates to 90 days. And then the plot thickened when Apple jumped in with a 45-day certificate proposal. We’re not fortune tellers, but we do believe these changes, or something close to them, will happen in the not-too-distant future.
|
By Omer Grossman
Let’s begin 2025 with an understatement about last year: 2024 was an eventful year for cybersecurity. That in itself is no surprise. The specifics, though, looked like this: AI use accelerated (for good and for bad), ransomware surged and relentless attacks on third parties shifted focus to cyber resilience.
|
By Len Noe
As 2024 comes to a close, today, I’m reflecting on some of the key events and trends that shaped my offensive security research this year. From publishing my first book to writing regular blogs on some of cybersecurity’s hottest topics, each piece has contributed to a clearer understanding of the evolving digital landscape.
|
By CyberArk
In this episode, Trust Issues host David Puner wraps up 2024 with a conversation with Red Hat’s Field CTO Ambassador E.G. Nadhan about the future of cybersecurity. They discuss the importance of cloud security principles, the impact of emerging technologies like AI and quantum computing, and the challenges of managing machine identities.
|
By Omer Grossman
Many years ago, the philosopher Phaedrus said, “Things are not always what they seem; the first appearance deceives many; the intelligence of a few perceives what has been carefully hidden.” He couldn’t have possibly imagined today’s world, yet his warning encapsulates deepfakes, one of the greatest threats of modern times. As AI advances, digital disinformation is blurring the lines between fact and fiction.
|
By CyberArk
In this video, learn how to seamlessly integrate Wiz with CyberArk Privilege Cloud to enhance cloud security and streamline privileged account management (PAM).
|
By CyberArk
Discover how CyberArk and Wiz are revolutionizing cloud security! In this exclusive interview with Information Security Media Group, CyberArk Chief Strategy Officer Clarence Hinton and Wiz Vice President of Product Extensibility & Partnerships Oron Noah discuss how their partnership addresses critical cloud challenges: Key Highlights: Watch now to explore how CyberArk and Wiz empower organizations to secure their cloud environments effortlessly!
|
By CyberArk
Discover how CyberArk's transformation into a SaaS company reshaped its business and finance operations. SVP Nili Serr-Reuven shares insights on scaling a SaaS delivery model, the critical role of finance in transformation, and lessons learned along the way. Tune in for expert advice on driving growth and innovation in the SaaS space.
|
By CyberArk
Discover how the powerful integration between Wiz and CyberArk enhances cloud security by identifying and controlling excessive cloud privileges. In this demo, you'll see how Wiz flags risky access, while CyberArk applies just-in-time privileged access for secure administrative operations in multi-cloud environments. By leveraging the principle of least-privilege, CyberArk's Secure Cloud Access ensures all sessions are monitored for compliance and audit without slowing down your cloud development.
|
By CyberArk
Any user can become privileged in certain conditions. This includes everyday employees using business applications in which they can access - and take actions with - the resources attackers aim to exploit. And whether you're a CIO or a PAM admin, you likely see this evolution of privilege occurring regularly. Protecting your users' identities - from securing authentication to granting, certifying and revoking access - is essential. But it's not easy, as the users and apps requiring protection grow in number and scope. So how can your team rise to this challenge?
|
By CyberArk
With perimeter-focused architectures quickly becoming irrelevant, enterprises are looking toward identity-focused security measures to protect new "perimeterless" networks and new forms of working. Identity Security for Dummies is a primer on securing digital identities across the enterprise. This conversational book is written for technical and business stakeholders alike with plenty of examples, analogies and elements designed to make this security topic more approachable.
|
By CyberArk
Regardless of where enterprises are in their cloud journey, CyberArk's goal is to enable enterprises to protect their assets in AWS by providing powerful solutions for securing privileged access at each stage of their journey. Download this white paper to learn how CyberArk Identity Security solutions can be deployed with CyberArk's automation capabilities and used to proactively protect privileged access and detect threats in real-time in AWS environments.
|
By CyberArk
A quick read for actionable tips, technical insight and best practices. Privileged access represents one of the largest security vulnerabilities in today's digital landscape. Privileged accounts, credentials and secrets are everywhere throughout your IT infrastructure: on-premises, across multi-cloud and hybrid environments, in applications, on endpoints and in DevOps pipeline. Most security breaches involve a stolen privileged credential. That's why Privileged Access Management (PAM) is a critical part of any cyber security program.
|
By CyberArk
In January 2023, EU member states formally enacted a revision of the 2016 Network and Information Systems (NIS) Directive. Conceived in response to several widely publicized and damaging cyberattacks, the NIS2 Directive strengthens security requirements, streamlines reporting obligations and introduces more stringent supervisory measures and stricter enforcement requirements. This paper provides a brief introduction to NIS2 and explains how it might affect your business and how you can prepare.
|
By CyberArk
Cloud migration and digital transformation have led to an explosion of non-human identities that need to be secured across multiple cloud and hybrid environments. And more identities mean more secrets that need to be secured, rotated and managed. That's where SaaS-based secrets management can help. In this eBook, you'll learn about: Want to learn more about SaaS-based secrets management? Schedule a meeting to speak to one of our experts today!
- January 2025 (7)
- December 2024 (14)
- November 2024 (13)
- October 2024 (15)
- September 2024 (14)
- August 2024 (9)
- July 2024 (17)
- June 2024 (19)
- May 2024 (12)
- April 2024 (14)
- March 2024 (11)
- February 2024 (21)
- January 2024 (14)
- December 2023 (13)
- November 2023 (11)
- October 2023 (13)
- September 2023 (9)
- August 2023 (14)
- July 2023 (13)
- June 2023 (15)
- May 2023 (14)
- April 2023 (11)
- March 2023 (13)
- February 2023 (13)
- January 2023 (19)
- November 2022 (1)
- October 2022 (4)
By applying intelligent privilege controls to all identities – human and machine – CyberArk enables secure access to any resource, anywhere, everywhere – with a single Identity Security platform.
Seamlessly secure identities throughout the cycle of accessing any resource across any infrastructure, including hybrid, SaaS and multi-cloud. The CyberArk Identity Security Platform is the first line of defense against malicious actors and unauthorized access to protect what matters most.
Apply Intelligent Privilege Controls Across the Entire Identity Lifecycle:
- Workforce & Customer Access: Ensure that the right users have secure access to the right resources at the right times, by protecting workforce and customer credentials and tightly controlling access to on-premises and cloud-based applications, services and IT infrastructure.
- Endpoint Privilege Security: Take control over unmanaged privilege on the endpoints to significantly reduce the area of attack and defend from threats by removing local admin rights, enforcing role-specific least privilege and improving audit-readiness.
- Privileged Access Management: Secure privileged credentials and secrets with comprehensive capabilities for operating systems, endpoints, cloud infrastructure and workloads, servers, databases, applications, hypervisors, network devices, security appliances and more.
- Secrets Management: Secure and manage the secrets and credentials used by applications, machines and other non-human identities to access IT and other sensitive resources across both enterprise and external IT environments.
- Cloud Privilege Security: Extend privilege controls to cloud environments by analyzing, securing and monitoring access. Discover and remove excessive permissions by visualizing access for human, machine and federated identities.
- Identity Management: Automate the management of digital identities across enterprise IT environments and centrally create, maintain and analyze access to right-size permissions on the journey to least privilege.
Don’t just manage identities. Secure them.