CyberArk Privilege Cloud version 13.1 introduces new integrations and improved efficiencies for customers, including upgrades to the CyberArk Identity Security Platform Shared Services.
Improvements include:
- Windows 2022 target server support
- BMC Remedy integration
- Enhanced onboarding of personal privileged accounts
Version 13.1 improves the CyberArk Identity Security Platform Shared Services with key additions to the CyberArk Identity Security Intelligence (ISI) service: detection of suspected credential theft and use of unmanaged privileged accounts.
Release highlights include:
- Support for Windows 2022 target servers. CyberArk Privilege Cloud now supports Windows Server 2022 as a managed target system. Customers can manage target and service accounts (i.e., Windows Services) while enabling isolated, native and monitored sessions to these accounts. These capabilities help secure digital transformation efforts by allowing customers to extend existing privileged access management (PAM) processes to modern Windows infrastructure.
- BMC Remedy ITSM integration. Customers using BMC Remedy as their IT service management (ITSM) solution can now use the new integration with CyberArk Privilege Cloud. This integration only allows end users to securely retrieve credentials or connect to target machines if they have a pre-approved ticket for this action, helping reduce risk by adding another layer of control of privileged accounts.
- Personal privileged accounts for improved onboarding. This version introduces a new self-service workflow to simplify the secure management of personal privileged accounts that administrators use for operational access. The new workflow offers delegation of the personal privileged accounts onboarding process to the end user in a controlled manner. This new account creation flow introduces a quick and simple configuration process for IT admins to securely use personal privileged accounts used for operational access, such as _admin accounts. End users now must only enter basic details of the operational accounts they wish to manage – while the other, more advanced settings (i.e., platform and Central Policy Manager details) are preconfigured by the CyberArk Privilege Cloud administrator. Operational accounts are then securely stored in personal safes to maintain least privilege access.
Note: CyberArk recommends that organizations use this feature only for personal administrator accounts granting operational access, not for shared administrative accounts.
Learn more about the BMC Remedy integration.
Learn more about the administration of personal privileged accounts.
Learn more about the new onboarding workflow end-user.
Shared Services enhancements available for CyberArk Privilege Cloud customers using the CyberArk Identity Security Platform:
- CyberArk Identity Security Intelligence – automatic remediation for suspected credential theft (SCT). Customers who have configured detection of SCT can now activate automatic remediation of the bypass of PAM controls. Organizations can opt to configure automatic rotation of credentials of suspected compromised accounts to ensure their security for future connection.
Note: This capability is currently available for Splunk SIEM system users only.
Learn more about detection of suspected credential theft.
- CyberArk Identity Security Intelligence – detect and remediate usage of unmanaged privileged accounts. Customers can now use CyberArk Identity Security Intelligence to detect connections to infrastructure using privileged accounts not secured by PAM controls. CyberArk Identity Security Intelligence automatically adds these accounts to CyberArk Privilege Cloud’s Pending Accounts list, where they await onboarding to the Vault, to guarantee secure management of these accounts for future access. This detection helps organizations reduce the risk of credential theft while better enforcing existing security policies.
Note: This capability is currently available for Splunk SIEM system users only.
Learn more about detecting Unmanaged Privileged Accounts (UPA) in CyberArk ISI.
To learn more about all the new features, please visit:
Release notes and documentation
Upgrade process for CyberArk Privilege Cloud Connector
Component downloads are available in the CyberArk Marketplace