“Change is the only constant in life” is a well-known adage first attributed to the Ancient Greek philosopher Heraclitus of Ephesus. While the world has evolved dramatically since Heraclitus’ day, this quote continues to ring true.
Fast forward to the summer of 2020 and everything feels in continuous flux. From a business and IT perspective, organizations have moved quickly to support their remote workforce and are continuing to explore new cloud-based solutions to help their organizations stay productive. Meanwhile, attackers are preying on global uncertainty and are specifically targeting these new enabling technologies, hoping to take advantage of misconfigurations and unknown vulnerabilities.
As security teams continue to adjust to the new normal, keeping their CyberArk privileged access management (PAM) deployments up to date with the latest enhancements is an important step to stay one step ahead of the attackers. So let’s take a look at some of the new features we’ve released in the CyberArk Privileged Access Security Solution version 11.6 (v11.6) to help security teams achieve security at scale in a changing landscape.
Vault Deployment – Have PAM Your Way with a Hybrid, Single or Multi-Cloud Deployment
As the volume of cyber attacks continues to increase, most attackers continue to rely on the exploitation of privileged credentials. As the attack surface grows with remote work environments and expanded cloud deployments, organizations are turning to PAM solutions that help prevent credential theft, stop vertical and lateral movement, and limit privilege escalation and abuse. Maintaining the availability of key PAM processes is an important element of a defense in-depth strategy.
With v11.6, CyberArk now supports Vault deployments in hybrid cloud architectures, in which Vaults are deployed between on-premises data centers and AWS or Azure cloud-based data centers for increased availability.
For example, organizations can now deploy their primary Vault on-premises while locating their Disaster Recovery Vault in their cloud environment, or vice-versa.
CyberArk customers can now optimize their Vault deployment for their specific environment: entirely on-premises, in a hybrid cloud environment, across different regions or availability zones in a single cloud provider network, or in a multi-cloud AWS and Azure architecture.
As many of our customers adopt software as a service (SaaS)-based approaches to their technology stack, CyberArk Privilege Cloud, our PAM as a Service solution, is an increasingly popular option. With CyberArk Privilege Cloud, failover between availability zones for the vault is offered as part of the service.
New Bulk Upload Features and REST APIs Simplify Onboarding and Discovery
Version 11.6 also introduces two new features to improve reporting and onboarding capabilities.
First, a new bulk upload feature makes it faster and easier to onboard privileged accounts, such as Windows and Linux admin accounts and SSH keys, supporting organizations as they scale their PAM solutions to secure more of their workloads. The bulk upload method reduces the time required to onboard accounts by 50% compared to existing REST API scripts, and by 75% compared to the Password Upload Utility.
Additionally, new REST API scripts provide users increased insight and detail on the status of privileged account discovery and onboarding. CyberArk administrators can measure the success and progress of discovery and onboarding efforts, enabling them to demonstrate the ROI of PAM efforts back to the business. The bulk upload method and new REST API scripts will be available for CyberArk Privilege Cloud in 2020 Q4.
Together, these new tools improve time to value and reporting capabilities for PAM deployments, allowing businesses to tackle complex PAM projects without sacrificing user experience.
Privileged Threat Analytics Scale Improvements and Deployment via Azure Resource Manager
In v11.6, we’ve also improved the scalability of key threat detection capabilities within the CyberArk Core Privileged Access Security solution. Each server running CyberArk’s threat analytics capabilities now analyzes up to 3,000 syslog events per second to detect risky and malicious privileged behavior —representing a 75% improvement in scalability.
In addition to the increased scalability, v11.6 also includes a Microsoft Azure Resource Manager (ARM) template, enabling customers to automatically deploy CyberArk privileged threat analytics capabilities in their Azure environments. Organizations can now deploy the related threat analytics infrastructure on-premises, in AWS or in Azure.
Learn More About CyberArk Privileged Access Security Solution v11.6
In today’s “new normal,” IT infrastructures are everything but. Organizations everywhere need security solutions that scale and allow them to confidently navigate change during their digital transformation journeys. At CyberArk, we’re committed to providing these solutions.
To learn more about CyberArk v11.6, contact us for a demo.