Newton, MA, USA
Sep 29, 2023   |  By Omer Grossman
Every IT and security leader loses sleep over insider threats. They’re notoriously difficult to detect, costly to mitigate and can lead to widespread loss and reputational damage. Despite efforts to mitigate insider threats, current global risks and economic pressure are fueling the flame. There’s no silver bullet for insider threat protection, however a greater focus on culture, engagement and empowerment can make a real difference.
Sep 22, 2023   |  By Andy Thompson
The recent cyberattack on MGM Resorts International has raised serious concerns about the security of sensitive data and the vulnerabilities organizations face in today’s digital landscape. In this blog post, we will dive into the details of the attack based on the information currently available, analyze its root causes and discuss key takeaways to help organizations strengthen their security posture.
Sep 21, 2023   |  By CyberArk
Our guest today is Phillip Wylie, an offensive security professional and evangelist, author and podcast host who recently added director of services and training at Scythe to his extensive CV. Wylie talks with host David Puner about the critical need for ethical hacking in cybersecurity, identity security revelations from years of penetration testing, and his fascinating career arc, which began in professional wrestling. Considering a cybersecurity career?
Sep 21, 2023   |  By Gil Rapaport
Over six in 10 security decision-makers say their teams operate with limited visibility across their environments. Why? We could easily speculate that it comes down to the tools they do or don’t use. However, two-thirds of enterprises now have tools from up to 40 different security vendors in place, and they’re still struggling for insights into the constant cycle of identities seeking access. I believe there’s a bigger-picture challenge we need to – and can – solve for.
Sep 19, 2023   |  By Yonatan Klein
Today, more than ever, security is all about identity. Especially in the cloud, the central management and proliferation of cloud services means that with the proper identity and permissions, one can do almost anything (legitimate or malicious).
Sep 14, 2023   |  By John Walsh
Open source software (OSS) has driven technological growth for decades due to its collaborative nature and ability to share information rapidly. However, major OSS security vulnerabilities like Log4j, Heartbleed, Shellshock and others have raised concerns about the security and sustainability of similar projects. At the same time, major open source-based companies have changed their OSS licenses, like MongoDB, Elastic (formerly ElasticSearch), Confluent, Redis Labs and most recently, HashiCorp.
Sep 11, 2023   |  By Barak Feldman
Today, I’m honored to share that CyberArk has been named a Leader in the “2023 Gartner® Magic Quadrant™ for Privileged Access Management.” This is the fifth time our company has been positioned as a Leader in this report.
Sep 8, 2023   |  By Andrey Pozhogin
Investing in cybersecurity is a lot like working hard to save for retirement. Your budget’s already tight, but you must secure the future. You’re faced with endless headlines and market updates that make you nervous about making the wrong choices – or not making moves quickly enough amid fast-changing conditions.
Sep 7, 2023   |  By CyberArk
In this episode, we welcome back Shay Nahari, VP of CyberArk Red Team Services. His discussion with host David Puner revolves around attacker innovation, focusing on key areas like cascading supply chain attacks and session cookie hijacking. Lean in as Nahari explains how the Red Team simulates real-world attacks to help organizations identify vulnerabilities and improve their security posture.
Aug 30, 2023   |  By James Imanian
The U.S. Securities and Exchange Commission (SEC) recently announced a ruling aimed at enhancing public companies’ cybersecurity risk management, strategy, governance and incident disclosure. To sum it up, companies must report cyberattacks within four days of determining an incident is “material” and divulge details about their cybersecurity programs annually.
Aug 7, 2023   |  By CyberArk
CyberArk CIO, Omer Grossman discusses how to target the ransomware kill chain during Cyber Week Tel Aviv 2023.
Jul 26, 2023   |  By CyberArk
Fireside chat with Udi Mokady, CyberArk Founder & Executive Chairman, and Keren Elazari, Cyber analyst & researcher.
Jul 25, 2023   |  By CyberArk
IMPACT is CyberArk's annual customer and industry conference. More than 3,000 security leaders and practitioners participated in Boston and virtually to discuss the ever-expanding attack surface, attacker techniques and trends in identity-based cyberattacks, and the latest innovations in Identity Security technology. In-person attendees took advantage of hands-on product training and labs sessions, and obtained valuable certifications, as well as exchanged best practices and learnings with other customers.
Jul 13, 2023   |  By CyberArk
BBC World News "Talking Business" host Aaron Heslehurst speaks with CyberArk CEO Matt Cohen about identity security, attacker innovation, ransomware as service (RaaS) and how business can keep themselves secure from attacks.
Jun 16, 2023   |  By CyberArk
We are so proud to share CYBR Pride Employee Resource Group members Luke Thomas, Ani King and Fayssal Chenna as they discuss the importance of visibility and what it means for the LGBTQIA+ community. Listen to them talk about the power of representation and how we can all contribute to creating a safe space for everyone.
Mar 3, 2023   |  By CyberArk
Any user can become privileged in certain conditions. This includes everyday employees using business applications in which they can access - and take actions with - the resources attackers aim to exploit. And whether you're a CIO or a PAM admin, you likely see this evolution of privilege occurring regularly. Protecting your users' identities - from securing authentication to granting, certifying and revoking access - is essential. But it's not easy, as the users and apps requiring protection grow in number and scope. So how can your team rise to this challenge?
Mar 3, 2023   |  By CyberArk
With perimeter-focused architectures quickly becoming irrelevant, enterprises are looking toward identity-focused security measures to protect new "perimeterless" networks and new forms of working. Identity Security for Dummies is a primer on securing digital identities across the enterprise. This conversational book is written for technical and business stakeholders alike with plenty of examples, analogies and elements designed to make this security topic more approachable.
Feb 1, 2023   |  By CyberArk
Regardless of where enterprises are in their cloud journey, CyberArk's goal is to enable enterprises to protect their assets in AWS by providing powerful solutions for securing privileged access at each stage of their journey. Download this white paper to learn how CyberArk Identity Security solutions can be deployed with CyberArk's automation capabilities and used to proactively protect privileged access and detect threats in real-time in AWS environments.
Feb 1, 2023   |  By CyberArk
A quick read for actionable tips, technical insight and best practices. Privileged access represents one of the largest security vulnerabilities in today's digital landscape. Privileged accounts, credentials and secrets are everywhere throughout your IT infrastructure: on-premises, across multi-cloud and hybrid environments, in applications, on endpoints and in DevOps pipeline. Most security breaches involve a stolen privileged credential. That's why Privileged Access Management (PAM) is a critical part of any cyber security program.
Jan 1, 2023   |  By CyberArk
In January 2023, EU member states formally enacted a revision of the 2016 Network and Information Systems (NIS) Directive. Conceived in response to several widely publicized and damaging cyberattacks, the NIS2 Directive strengthens security requirements, streamlines reporting obligations and introduces more stringent supervisory measures and stricter enforcement requirements. This paper provides a brief introduction to NIS2 and explains how it might affect your business and how you can prepare.
Jan 1, 2023   |  By CyberArk
Cloud migration and digital transformation have led to an explosion of non-human identities that need to be secured across multiple cloud and hybrid environments. And more identities mean more secrets that need to be secured, rotated and managed. That's where SaaS-based secrets management can help. In this eBook, you'll learn about: Want to learn more about SaaS-based secrets management? Schedule a meeting to speak to one of our experts today!

By applying intelligent privilege controls to all identities – human and machine – CyberArk enables secure access to any resource, anywhere, everywhere – with a single Identity Security platform.

Seamlessly secure identities throughout the cycle of accessing any resource across any infrastructure, including hybrid, SaaS and multi-cloud. The CyberArk Identity Security Platform is the first line of defense against malicious actors and unauthorized access to protect what matters most.

Apply Intelligent Privilege Controls Across the Entire Identity Lifecycle:

  • Workforce & Customer Access: Ensure that the right users have secure access to the right resources at the right times, by protecting workforce and customer credentials and tightly controlling access to on-premises and cloud-based applications, services and IT infrastructure.
  • Endpoint Privilege Security: Take control over unmanaged privilege on the endpoints to significantly reduce the area of attack and defend from threats by removing local admin rights, enforcing role-specific least privilege and improving audit-readiness.
  • Privileged Access Management: Secure privileged credentials and secrets with comprehensive capabilities for operating systems, endpoints, cloud infrastructure and workloads, servers, databases, applications, hypervisors, network devices, security appliances and more.
  • Secrets Management: Secure and manage the secrets and credentials used by applications, machines and other non-human identities to access IT and other sensitive resources across both enterprise and external IT environments.
  • Cloud Privilege Security: Extend privilege controls to cloud environments by analyzing, securing and monitoring access. Discover and remove excessive permissions by visualizing access for human, machine and federated identities.
  • Identity Management: Automate the management of digital identities across enterprise IT environments and centrally create, maintain and analyze access to right-size permissions on the journey to least privilege.

Don’t just manage identities. Secure them.