Monday, 28th September 2020

CyberArk expands just-in-time capabilities

CyberArk has unveiled new just-in-time access capabilities that help reduce risk and improve operational efficiency as organizations implement broader least privilege strategies. By extending just-in-time support with the ability to remove unnecessary standing access to Linux systems, CyberArk remains the only privileged access management vendor to provide comprehensive just-in-time offerings across cloud and hybrid environments and on the endpoint.

Some privileged accounts are granted standing, “always on” access despite only requiring access for brief periods of time – increasing the attack surface. This is particularly true in the case of SSH keys, which are often mismanaged and easily compromised. New CyberArk capabilities feature short-lived SSH certificate authentication to secure access to existing or newly created instances in Linux systems without the need to manually manage accounts and credentials.

With today’s announcement, CyberArk continues to deliver the broadest set of just-in-time use cases to enable least privilege including:

  • Temporary Elevation: With recent just-in-time elevation and access features in CyberArk Endpoint Privilege Manager, organizations can grant temporary local admin access to Windows and Macs workstations as well as Unix and Linux servers on a per-request basis for a fixed length of time.
  • Ephemeral Accounts: Provide temporary access to Unix and Linux systems based on Microsoft Active Directory Permissions and create a short-lived ephemeral account to establish a one-time session for authorized users. CyberArk also integrates with AWS Security Token Service to request temporary, limited-privileged credentials for AWS Identity and Access Management (IAM) users.
  • Broker and Remove Access – In addition to the new CyberArk Just-in-Time Access with SSH Certificate Authentication delivered via CyberArk Core Privileged Access Security or CyberArk Privilege Cloud, the company’s privileged access management as a service offering, CyberArk Alero also provides just-in-time access to third party remote users. Through integrations with popular IT Service Management solutions, CyberArk can grant temporary elevated access after ensuring the user has a valid open ticket or has received manual confirmation from authorized managers.

“Just-in-time is a function of an overall privileged access management program that reinforces least privilege principles. When coupled with other foundational elements, it becomes a key part of an evolving strategy for protecting privileged access,” said Nir Gertner, chief security strategist, CyberArk. “By delivering the industry’s most comprehensive portfolio of just-in-time capabilities, CyberArk helps organizations reduce standing privileged access risk, simplify operations and strengthen their overall security posture across hybrid IT environments.”

MobileIron has published the results of a new consumer sentiment study, which revealed QR codes are...
New report underscores the importance of layered security as zero day malware variants, JavaScript m...
Positive Technologies has released its most recent Cyber Threatscape report, an analysis of Q2 2020...
Report on government cyber security shows phishing, remote working and election security are common...
Cybersecurity remains a top priority for SMBs worldwide, as revealed in a survey conducted by Vanson...
Only 12% of chief information security officers (CISOs) excel in all four categories of the Gartner...
Attivo Networks has published the results of a new research report conducted with Kevin Fiscus of De...
The recent Kaspersky report ‘State of Industrial Cybersecurity in the Era of Digitalisation’ has rev...