CyberArk (NASDAQ: CYBR), the company that protects organizations from cyber attacks that have made their way inside the network perimeter, today announced it was recently awarded another patent (U.S. Patent 9,386,044) by the U.S. Patent and Trademark Office for innovative security risk detection technology. This patent follows a previously granted patent (U.S. Patent 9,185,136) and demonstrates CyberArk’s expertise in detecting the risks that make cyber attacks possible in organizational networks.
The patent for correlation-based security risk identification covers methods and systems to map risks arising from credentials, especially privileged credentials, present on machines in the network that, once compromised, enable attackers to access and compromise other machines in the network.
CyberArk has implemented this innovative technology in the CyberArk Discovery and Audit (DNA) tool. CyberArk DNA is a valuable tool for security practitioners to quantify privileged account security-related risks and gain visibility into the vulnerable attack surface that exists within enterprise environments.
Once compromised by an attacker, privileged credentials can enable lateral movement to other machines in the network. Using CyberArk DNA, organizations can identify specific security risks, such as those associated with Pass-the-Ticket and Pass-the-Hash attacks, and visualize how attackers could abuse credentials and associated access rights to operate in the network.
CyberArk DNA is a free tool that enables organizations to complete risk assessment audits to:
- Discover where privileged accounts exist on their networks;
- Clearly assess privileged account security risks;
- Identify privileged credentials including SSH keys, embedded and hard-coded credentials, and password hashes;
- Collect reliable and comprehensive audit information to better lock down these powerful accounts and secure their networks.
“CyberArk continues to make strong investments in product research and development, with this latest patent reinforcing the importance of innovation for detecting risks and potential abuse of privileged credentials,” said Andrey Dulkin, director of cyber innovation at CyberArk Labs. “Incorporating these technologies into CyberArk DNA has a direct impact on helping organizations understand the risks associated with unmanaged credentials, with risk mapping as an important first step to establishing a proactive privileged account security program.”
Research by CyberArk Labs found that, on average, 40 percent of network machines can provide cyber attackers with credentials enabling them to start an attack that could compromise an organization’s entire network. To learn more, download the associated report, “Analyzing Real-World Exposure to Windows Credential Theft Attacks.”
To learn more about using CyberArk DNA to conduct a free risk assessment, please visit: http://www.cyberark.com/discover-privileged-accounts-exist-cyberark-dna/
CyberArk is the only security company focused on eliminating the most advanced cyber threats; those that use insider privileges to attack the heart of the enterprise. Dedicated to stopping attacks before they stop business, CyberArk proactively secures against cyber threats before attacks can escalate and do irreparable damage. The company is trusted by the world’s leading companies – including 45 percent of the Fortune 100 – to protect their highest value information assets, infrastructure and applications. A global company, CyberArk is headquartered in Petach Tikvah, Israel, with U.S. headquarters located in Newton, Mass. The company also has offices throughout EMEA and Asia Pacific and Japan. To learn more about CyberArk, visit www.cyberark.com, read the company blog, http://www.cyberark.com/blog/, follow on Twitter @CyberArk or Facebook at https://www.facebook.com/CyberArk.
Copyright © 2016 CyberArk Software. All Rights Reserved. All other brand names, product names, or trademarks belong to their respective holders.
Brian Merrill, +1-617-986-5005
Liz Campbell, +1-617-558-2191
Erica Smith, +1-617-630-6426