CyberArk Software Ltd. introduced new features to its SaaS portfolio for enhanced privileged access security and management.
The vendor added CyberArk Alero to its Privileged Access Security product lineup and enhanced capabilities for CyberArk Endpoint Privilege Manager and CyberArk Privilege Cloud to reduce risk of cyberattack on privileged access accounts and reduce security breaches, enhancing organizations' overall cybersecurity.
According to CyberArk, customers increasingly operate in SaaS and cloud-first environments, requiring cybersecurity protection specifically for hybrid environments. Privileged access accounts -- having elevated permissions and access to an organization's critical information and resources -- are often targets for attack; those successful in hacking a privileged access account can potentially have full control of data and assets across the enterprise.
According to a 2019 Verizon data breach investigations report, privileged account misuse was the leading pattern for security incidents and the third-leading cause of security breaches. Gartner identifies four best practices for privileged access management to reduce the risk of security incidents: track and secure privileged accounts, govern and control access, record and audit privileged activity, and operationalize privileged tasks.
CyberArk Alero mitigates risks associated with remote vendors that access critical systems through CyberArk. Alero provides zero-trust access and provides the organization with full visibility and control of privileged activities. In addition to zero-trust access, CyberArk Alero combines biometric authentication and just-in-time provisioning without VPNs, agents or passwords. The vendor claims this offering reduces remote vendor onboarding time from hours to minutes.
The platform upgrade also brings just-in-time elevation and access to CyberArk Endpoint Privilege Manager. The updates reduce risk of unmanaged administrative access on both Windows and Mac endpoints and enables organizations to allow admin-level access to endpoints on demand for a specific period of time, with a full audit log and ability to revoke access, reducing operational friction.
CyberArk also improved its security-as-a-service offering, CyberArk Privilege Cloud. Updates to the cloud enable midsize businesses to continuously discover and manage privileged credentials as well as record and audit privileged sessions for compliance. CyberArk Privilege Cloud supports over 150 integrations for credential and privileged session management.
CyberArk Alero and the upgraded versions of CyberArk Endpoint Manager and CyberArk Privilege Cloud will be generally available later this quarter.