The CyberArk Endpoint Privilege Manager 22.4 update is available to a general audience starting April 12. It brings new protection capabilities for Linux platforms, enhancements to the management console user interface and improvements to the macOS deployment mechanism.
Endpoint Privilege Manager 22.4 release highlights include:
Protection capabilities for Linux platforms
CyberArk Endpoint Privilege Manager™ for Linux is designed to enforce the principle of least privilege for Linux servers and workstations. The solution eliminates manually intensive, error-prone sudo administrative processes, allowing endpoint security managers to centrally configure sudo and enforce least privilege across Linux systems, at scale, based on policy.
Endpoint Privilege Manager for Linux includes the following capabilities:
Linux sudo command management
Endpoint Privilege Manager for Linux provides an effective, simple and scalable way to manage least privilege on Linux machines using the standard sudo command syntax. Each command is executed or blocked based on the defined policies.
Centralized and flexible management of elevation policies
Administrators can define policies for elevating or denying a sudo command using the same SaaS management console that they use for managing privileges on Windows and macOS. Specific policies for each command or script can be defined by any combination of these parameters: path, arguments, checksum, symlink, interpreter (for scripts) and “run-as user.” Child processes can be controlled by the policy with the “Block All,” “Elevate All” and “Elevate if permitted by any policy” options. Additionally, specific computer sets and/or users/groups can be included in or excluded from the policy.
Specific policies can be activated and deactivated based on need.
Policy Audit
Endpoint Privilege Manager provides policy audit tools that give the Endpoint Privilege Manager administrator an in-depth, aggregated view of events that are triggered each time Endpoint Privilege Manager applies policies to applications on endpoints. With Policy Audit, the administrator can:
- View an aggregated list of the collected policy usage events
- Filter the list to narrow down the search/analysis
- View event details
Versatile management options
The administrator has several ways to manage the Endpoint Privilege Manager for Linux agent. They can use policy-based management of least privilege through the centralized management console mentioned above or through the REST API. They can also use the CLI management options for agent maintenance. Agent status and command elevation logging options with different verbosity levels are available as well.
Enhancements to the management console user interface
The enhancements to the Endpoint Privilege Manager SaaS management console include:
- A new Application Catalog (beta) section, which adds scanning management and a policy coverage report
- Improved Events management (beta), which features a new family tree tab; more information about deception events, under the Event Info tab; and a new Evidences tab, under Threat protection events
- Additional filters in the Events Management and Policy Audit Events pages
Improved Endpoint Privilege Manager for macOS installation and distribution method
Starting from this release, the macOS agent enables you to create a dedicated PKG file and use any software distribution platform for the agent deployment.
There are also several security enhancements and bug fixes to ensure continued secure operation of the solution. For more details on the Endpoint Privilege Manager 22.4 release, please see the product documentation.