NEWTON, Mass. and PETACH TIKVAH, Israel – February 9, 2017 – CyberArk (NASDAQ: CYBR), the company that protects organizations from cyber attacks that have made their way inside the network perimeter, today announced expanded privileged account security solutions for Amazon Web Services (AWS) to help customers better protect against, detect and respond to advanced threats.
Many organizations already run at least part of their operations in the cloud, while others are seeking to accelerate their migration strategies – with industry research predicting that up to 80 percent of workloads will run on a cloud architecture by 2024.1 Migrating from the data center to the cloud introduces different cyber security considerations, particularly associated with securing privileged user and application credentials used to manage consoles, enable applications to connect with sensitive assets, and dynamically scale elastic production environments.
For enterprises migrating to the cloud, CyberArk helps customers seamlessly extend and consistently enforce the security policies they have in place today on their on-premises infrastructure into their emerging cloud and DevOps environments.
Prioritize Risk Reduction in AWS Environments
Customers and partners can now take advantage of CyberArk’s integrations with multiple AWS services that both reduce and simplify the prioritization of privilege-related vulnerabilities:
- Simplify the Discovery and Exposure of Privileged Credential Risk – CyberArk Discovery and Audit (DNA) tool v7.1 simplifies the discovery and reporting on privileged users, instances, credentials and keys in the AWS environment. Specifically, CyberArk DNA scans and discovers the AWS environment for Identity and Access Management (IAM) users, AWS access keys and Amazon Elastic Compute Cloud (Amazon EC2) Key pairs to identify potential privilege-related risks, like unmanaged SSH keys. The CyberArk DNA integration with Amazon Inspector pulls data and findings, such as the number of high severity findings on Amazon EC2 instances, into a single CyberArk dashboard to alert and help security teams visualize and prioritize risk mitigation.
- Secure and Manage AWS Access Keys – Organizations can automatically discover and secure privileged accounts in cloud-based environments by proactively securing AWS Access Keys as well as managing and rotating those keys based on their security and compliance policy. AWS access keys are used by applications and scripts for invoking AWS APIs. It is essential to remove them from code and configuration files, and assure that they are rotated periodically to avoid the potential for uncontrolled administrative access.
When a leading provider of value-added services to telecommunication operators and retailers in Latin America chose to move its data center to AWS, it recognized the importance of ensuring privileged account security was in place to protect its cloud assets from the beginning. It chose to work with CyberArk to improve the process of managing security.
“CyberArk delivers flexible and secure protection for cloud-based environments. These new capabilities provide greater confidence to security teams that need to make sure privilege-related policies are applied consistently across the enterprise and extended into their enterprise AWS environment,” said Roy Adar, senior vice president, product management, CyberArk. “CyberArk helps build privileged account security into cloud environments from the beginning with automatic provisioning and continuous visibility during cloud migration and on-going management.”
Within organizations’ cloud environments, the rapid creation and deletion of instances and their associated administrator accounts must be closely managed. CyberArk can detect and rotate credentials based on company policy, and monitor and record privileged access to deliver greater visibility into the security of cloud assets. In addition to AWS, CyberArk supports customers across multiple cloud environments including AWS, Azure, Google, Alibaba, mixed, hybrid, on-premises and as well as DevOps environments.
New AWS integrations and support are available now through the CyberArk Discovery and Audit (DNA) tool v7.1 and CyberArk Privileged Account Security Solution v9.8. CyberArk is an Amazon Inspector Partner: https://aws.amazon.com/inspector.
CyberArk will demonstrate AWS integrations at RSA Conference 2017 in San Francisco, February 13-16 at booth #N3209.
- Case Study – FS Deploys CyberArk for Privileged Account Security and SSH Key Management
- Video – Securing the Cloud with CyberArk Privileged Account Security
- White Paper – Securing Privileges in the Cloud
- White Paper – CyberArk Privileged Account Security for Amazon Web Services (AWS)
1Intel® and Bain analysis 2016