Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

October 2024

Discovering Hidden Vulnerabilities in Portainer with CodeQL

Recently, we researched a project on Portainer, the go-to open-source tool for managing Kubernetes and Docker environments. With more than 30K stars on GitHub, Portainer gives you a user-friendly web interface to deploy and monitor containerized applications easily. Since Portainer is an open-source, we thought CodeQL, an advanced code analysis tool, be a good fit to check its codebase for any security issues.

Building Trust in Digital Retail: How Identity Security Protects E-Commerce

As retailers prepare for a season of high-demand online shopping, the risks of cyberthreats continue to grow, much like the need for increased security in a bustling mall on busy shopping days. In today’s retail landscape, identity security serves as the “mall security team” of the digital world—working behind the scenes to protect customer trust and to help ensure seamless, secure shopping experiences.

New Discovery Service Boosts Security and Efficiency for IT Admins in the CyberArk Identity Security Platform

The new discovery service, delivered by the CyberArk Identity Security Platform, introduces new capabilities and streamlines the scanning of environments containing *nix, Windows and MacOS target machines. The new service offers SaaS-based flexible scans, local accounts discovery based on endpoint agents, data collection and enhanced automation using Discovery rules.

How to Protect Your IoT and OT Devices from Cyberthreats

The rise of the Internet of Things (IoT) and Operational Technology (OT) devices is reshaping industries, accelerating innovation and driving new efficiencies. However, as organizations increasingly depend on these devices, the security challenges associated with them are mounting. Traditional security measures often fall short in protecting these critical assets from cyberthreats, leaving organizations vulnerable to potentially severe disruptions.

EP 64 - Identity Reinvention: Insights From the World's First Augmented Ethical Hacker

In this episode of the Trust Issues Podcast, host David Puner sits down with CyberArk’s resident technical evangelist, white hat hacker and transhuman, Len Noe. They dive into Len’s singular journey from a black hat hacker to an ethical hacker, exploring his identity reinvention and the fascinating world of subdermal microchip implants and offensive security.

CIO POV: Building Trust in Cyberspace

Trust lies at the heart of every relationship, transaction and encounter. Yet in cyberspace—where we work, live, learn and play—trust can become elusive. Since the dawn of the Internet nearly 50 years ago, we’ve witnessed incredible digital transformations paired with increasingly formidable threats. Knowing who and what to trust has become so difficult that the very notion of trust has been flipped on its head.

Intelligent Privilege Controls: A Quick Guide to Secure Every Identity

Security used to be simpler. Employees, servers and applications were on site. IT admins were the only privileged identities you had to secure, and a strong security perimeter helped to keep all the bad guys out. Times have changed. Attackers targeting identities is not new. What’s different is the dramatic increase in the quantities and types of identities, attacks and environments.

EP 63 - Jailbreaking AI: The Risks and Realities of Machine Identities

In this episode of Trust Issues, host David Puner welcomes back Lavi Lazarovitz, Vice President of Cyber Research at CyberArk Labs, for a discussion covering the latest developments in generative AI and the emerging cyberthreats associated with it. Lavi shares insights on how machine identities are becoming prime targets for threat actors and discusses the innovative research being conducted by CyberArk Labs to understand and mitigate these risks.

Who's Responsible for Your Security?

Antivirus, malware protection, email security, EDR, XDR, next-generation firewalls, AI-enabled analytics – the list of protective controls and vendors appears to go on forever. Each day, bad actors discover new attack vectors that provide them with new roads to create chaos and destruction. News of data leaks, breaches and exposures has reached the point where it leaves most people numb and apathetic.

Six Key Measures for Upholding Election Security and Integrity

Decision 2024 – the ultimate election year – is in full swing, with more than 60 countries holding national elections this cycle. In the United States, where presidential candidates are polling neck and neck and stakes are high, this “first true AI election” has brought election security to the forefront of the conversation.

A New Era of Machine Identity Security: Welcome Venafi to CyberArk

We are thrilled to announce that we have completed the acquisition of Venafi, a recognized leader in machine identity management. This strategic move aligns with our commitment to not just protecting human identities but expanding our capabilities for securing the rapidly growing world of machine identities.

Secure Cloud Access with Wiz & CyberArk: Enhance Multi-Cloud Security at Cloud Speed | CyberArk

Discover how the powerful integration between Wiz and CyberArk enhances cloud security by identifying and controlling excessive cloud privileges. In this demo, you'll see how Wiz flags risky access, while CyberArk applies just-in-time privileged access for secure administrative operations in multi-cloud environments. By leveraging the principle of least-privilege, CyberArk's Secure Cloud Access ensures all sessions are monitored for compliance and audit without slowing down your cloud development.