CyberArk (NASDAQ:CYBR), the company that protects organizations from cyber attacks that have made their way inside the network perimeter, today announced expanded privileged account security solutions for Amazon Web Services (AWS) to help customers better protect against, detect and respond to advanced threats.
Many organizations already run at least part of their operations in the cloud, while others are seeking to accelerate their migration strategies - with industry research predicting that up to 80 percent of workloads will run on a cloud architecture by 2024.1 Migrating from the data center to the cloud introduces different cyber security considerations, particularly associated with securing privileged user and application credentials used to manage consoles, enable applications to connect with sensitive assets, and dynamically scale elastic production environments.
For enterprises migrating to the cloud, CyberArk helps customers seamlessly extend and consistently enforce the security policies they have in place today on their on-premises infrastructure into their emerging cloud and DevOps environments.
Prioritize Risk Reduction in AWS Environments
Customers and partners can now take advantage of CyberArk’s integrations with multiple AWS services that both reduce and simplify the prioritization of privilege-related vulnerabilities:
- Simplify the Discovery and Exposure of Privileged Credential Risk – CyberArk Discovery and Audit (DNA) tool v7.1 simplifies the discovery and reporting on privileged users, instances, credentials and keys in the AWS environment. Specifically, CyberArk DNA scans and discovers the AWS environment for Identity and Access Management (IAM) users, AWS access keys and Amazon Elastic Compute Cloud (Amazon EC2) Key pairs to identify potential privilege-related risks, like unmanaged SSH keys. The CyberArk DNA integration with Amazon Inspector pulls data and findings, such as the number of high severity findings on Amazon EC2 instances, into a single CyberArk dashboard to alert and help security teams visualize and prioritize risk mitigation.
- Secure and Manage AWS Access Keys – Organizations can automatically discover and secure privileged accounts in cloud-based environments by proactively securing AWS Access Keys as well as managing and rotating those keys based on their security and compliance policy. AWS access keys are used by applications and scripts for invoking AWS APIs. It is essential to remove them from code and configuration files, and assure that they are rotated periodically to avoid the potential for uncontrolled administrative access.
When a leading provider of value-added services to telecommunication operators and retailers in Latin America chose to move its data center to AWS, it recognized the importance of ensuring privileged account security was in place to protect its cloud assets from the beginning. It chose to work with CyberArk to improve the process of managing security.
“CyberArk delivers flexible and secure protection for cloud-based environments. These new capabilities provide greater confidence to security teams that need to make sure privilege-related policies are applied consistently across the enterprise and extended into their enterprise AWS environment,” said Roy Adar, senior vice president, product management, CyberArk. “CyberArk helps build privileged account security into cloud environments from the beginning with automatic provisioning and continuous visibility during cloud migration and on-going management.”
Within organizations’ cloud environments, the rapid creation and deletion of instances and their associated administrator accounts must be closely managed. CyberArk can detect and rotate credentials based on company policy, and monitor and record privileged access to deliver greater visibility into the security of cloud assets. In addition to AWS, CyberArk supports customers across multiple cloud environments including AWS, Azure, Google, Alibaba, mixed, hybrid, on-premises and as well as DevOps environments.
New AWS integrations and support are available now through the CyberArk Discovery and Audit (DNA) tool v7.1 and CyberArk Privileged Account Security Solution v9.8. CyberArk is an Amazon Inspector Partner: https://aws.amazon.com/inspector.
CyberArk will demonstrate AWS integrations at RSA Conference 2017 in San Francisco, February 13-16 at booth #N3209.
- Case Study – FS Deploys CyberArk for Privileged Account Security and SSH Key Management
- Video – Securing the Cloud with CyberArk Privileged Account Security
- White Paper – Securing Privileges in the Cloud
- White Paper – CyberArk Privileged Account Security for Amazon Web Services (AWS)
1Intel® and Bain analysis 2016
CyberArk is the only security company focused on eliminating the most advanced cyber threats; those that use insider privileges to attack the heart of the enterprise. Dedicated to stopping attacks before they stop business, CyberArk proactively secures against cyber threats before attacks can escalate and do irreparable damage. The company is trusted by the world’s leading companies – including 45 percent of the Fortune 100 – to protect their highest value information assets, infrastructure and applications. A global company, CyberArk is headquartered in Petach Tikvah, Israel, with U.S. headquarters located in Newton, Mass. The company also has offices throughout EMEA and Asia Pacific and Japan. To learn more about CyberArk, visit www.cyberark.com, read the company blog, http://www.cyberark.com/blog/, follow on Twitter @CyberArk or Facebook at https://www.facebook.com/CyberArk.
This release may contain forward-looking statements, which express the current beliefs and expectations of CyberArk’s management. Such statements involve a number of known and unknown risks and uncertainties that could cause the Company’s future results, performance or achievements to differ significantly from the results, performance or achievements expressed or implied by such forward-looking statements. Important factors that could cause or contribute to such differences include risks relating to: changes in the new and rapidly evolving cyber threat landscape; failure to effectively manage growth; fluctuations in quarterly results of operations; real or perceived shortcomings, defects or vulnerabilities in the Company’s solution or the failure of the solution to meet customers’ needs; the inability to acquire new customers or sell additional products and services to existing customers; competition from IT security vendors and other factors discussed under the heading “Risk Factors” in the Company’s most recent annual report on Form 20-F filed with the Securities and Exchange Commission. Forward-looking statements in this release are made pursuant to the safe harbor provisions contained in the Private Securities Litigation Reform Act of 1995. These forward-looking statements are made only as of the date hereof, and the Company undertakes no obligation to update or revise the forward-looking statements, whether as a result of new information, future events or otherwise.
Copyright © 2017 CyberArk Software. All Rights Reserved. All other brand names, product names, or trademarks belong to their respective holders.
Brian Merrill, +1-617-986-5005
Liz Campbell, +1-617-558-2191
Erica Smith, +1-617-630-6426