CyberArk Privilege Cloud version 14.2 introduces improvement to Discovery and added capabilities to session management with the Dynamic Privileged Access (DPA) component, including access to Windows targets and an additional supported database. This release also introduces a new license consumption page and enhancements to security and user experience.
Improvements include:
- Windows discovery scans.
- Discovery Rules enhancements.
- Support for MongoDB database access.
- Video recording of Windows sessions with the DPA component.
- Windows access with the DPA component via the CyberArk Privilege Cloud portal.
- New license consumption for CyberArk Privilege Cloud.
- New Dubai data center for session management with the DPA component.
- HTTP Basic Authentication for web application support for Central Policy Manager (CPM) plugins.
- SAP NetWeaver Platform improvement.
Release Highlights:
Improvements to Discovery Service
New! Windows discovery
Discovery service keeps developing and just released an enhanced solution for Windows discovery scans. This solution will replace the existing Windows scan capability within a few months. The benefits of the new functionality include per-domain or machine list scan types, use of the scan “rerun” option, new scan APIs and utilization of the recently announced Discovery Rules , which enables a more intelligent, thorough and flexible tool for automating privileged account discovery and onboarding, enhancing security and improving user experience.
Discovery Rules enhancements
Ruleset import and export
By using the new ruleset import and export capabilities, customers can easily start building new credential discovery rulesets or efficiently copy and reuse rules in different environments.
Discovered account activities
Now, customers have more visibility into the activities of discovered privileged accounts. They can follow information or errors related to automatic account onboarding and fix or adjust them accordingly.
Support for MongoDB access
CyberArk Privilege Cloud now supports secure native access to MongoDB database with the DPA component with Zero Standing Privileges (ZSP) and vaulted credentials. This joins the existing support for MySQL, SQL server, MariaDB, PostgreSQL, Oracle, and Db2.
Learn more about managing database access with zero standing privileges and managing database access with vaulted credentials.
Improvements to PAM for Windows
Video recording of Windows sessions with the DPA component
With this release, customers can satisfy audit and compliance requirements by automatically recording Windows sessions brokered through the DPA component with either vaulted credentials or ZSP. The recordings are securely stored in the CyberArk service and are available for download from the Session Monitoring view via the Audit service tile. This joins the audit service’s existing support for SSH command audits for Linux, SQL query audits for databases, and kubectl commands for Kubernetes.
Note: Video recording of Windows sessions remains available for sessions brokered and managed through the Privileged Session Manager (PSM) component. The Dynamic Privileged Access component reduces TCO and PAM admin overhead and offers a less intrusive deployment with a quick installment of a lightweight connector.
Learn more about video recordings of Windows sessions.
Windows access with the DPA component via the CyberArk Privilege Cloud portal
With this release, users can utilize the existing and familiar Accounts page to connect directly to Windows targets with sessions managed by the DPA component. Users can connect to a Windows target with either the PSM or DPA component by using a simple configuration and clicking the 'Connect' button.
The connection is enabled based on a downloaded RDP file and the selected value, PSM or DPA. This ability allows for a lower footprint in connections to Windows targets from the web portal, in addition to the native connection that is already supported.
License Consumption page for CyberArk Privilege Cloud
CyberArk Privilege Cloud version 14.2 introduces a new License Consumption page, designed to provide customers with a comprehensive view of their license usage and management. This will allow customers to track their license consumption in real time, maximizing the value and ensuring the adoption of their CyberArk investment.
The new page covers the license consumption of CyberArk PAM and CyberArk Identity. In addition, we added a new API that exposes the consumption of CyberArk PAM licenses.
Learn more about the License consumption page.
New Dubai data center for session management with the DPA component
We've added a new data center in Dubai (UAE) to meet customer demand in the region. This data center joins our existing data centers for session management with the DPA component in Montreal (Canada), Mumbai (India), Frankfurt (Germany), London (UK), Singapore, Sydney (Australia), Tokyo (Japan), and Virginia (USA).
Learn more about CyberArk’s supported data centers for session management with Dynamic Privileged Access and Privileged Session Manager.
HTTP Basic Authentication for web application support for Central Policy Manager (CPM) plugins
Version 14.2 introduces HTTP Basic Authentication support for creating CPM plugins to manage privileged credentials used to access web applications. This enables secure authentication and management of privileged accounts using HTTP Basic Authentication credentials. This update is available to customers running CPM version 11.5 and above and offers increased flexibility and seamless integration with various authentication mechanisms, enhancing security and usability.
To benefit from this new capability, please download the latest framework from the CyberArk Marketplace.
SAP NetWeaver Platform improvement
Customers managing SAP NetWeaver Platform accounts can now support utilizing additional properties of SAP accounts, including R3NAME and GROUP, enhancing the platform's flexibility and functionality. Users can now leverage these properties to customize and optimize their SAP environments further, enabling improved efficiency, streamlined processes, and enhanced management capabilities. This empowers users to tailor their SAP setups according to specific organizational requirements, ultimately contributing to a more robust and tailored solution.
To benefit from this new capability, download the latest platform from the Marketplace.
To learn more about CyberArk Privilege Cloud’s new features, please visit:
Release notes and documentation.
Upgrade Process for Privilege Cloud Connector.
Additionally, the download of components is available on the CyberArk Marketplace.