CyberArk Privilege Cloud 14.0 Release

November 30, 2023 Lilach Faerman Koren

CyberArk Privilege Cloud 14 Release

CyberArk Privilege Cloud v14.0 introduces improved operational efficiency and security with enhancements to the solution, which is part of the CyberArk Identity Security Platform

Improvements include:

  • Privileged Session Manager (PSM) enhancements
  • Updated third-party DLLs in the CyberArk Marketplace
  • Accessibility improvements 

Customers using CyberArk Privilege Cloud v14.0 on the CyberArk Identity Security Platform also receive conditional access to establish connections from specified IP addresses. In addition, customers using CyberArk Endpoint Privilege Manager (EPM) benefit from the automatic discovery of Linux accounts on endpoints.

Release highlights include:

Conditional Access – Improved security with connections from authorized IP addresses

Customers can now configure conditional access for users, whereby only machines from authorized IP addresses can establish connections to target resources. This improves security by preventing access from malicious sources. Secure zones can be configured in the Identity Administration portal. 

Learn more about secure zones.

Automatic discovery and secrets rotation for local Linux accounts on endpoints

CyberArk Privilege Cloud customers on the CyberArk Identity Security Platform who use CyberArk Endpoint Privilege Manager (EPM) SaaS can now automatically discover local admin accounts on Linux machines, onboard them to CyberArk Privilege Cloud and apply automatic secrets rotation. This adds to the existing coverage of Windows and macOS accounts. After discovery, review and onboarding, the discovered accounts are managed together with all the other system accounts.

Automatic discovery is available through both the RESTful API and the CyberArk Privilege Cloud Web Portal under Accounts > Accounts Feed > Discovered Accounts.

Learn more about managing loosely connected devices.

Learn more about account discovery service.

The new Linux loosely connected device platform is available in the CyberArk Marketplace.

Improvements to CyberArk Privileged Session Manager (PSM)

  •  Improved efficiency for upgrading CyberArk PSM with new automated processes:
    • CyberArk PSM logs are now automatically zipped and placed in a dedicated archive folder. 
    • Automatic name change:
      • Default or domain PSMConnect or PSMAdminConnect. 
      • Automatically replace the username in the PSMConfigureAppLocker.ps1 and PSMHardning.ps1 scripts. 
  • Support for time-based one-time password (TOTP) in CyberArk PSM sessions with custom connection components. The Secure Web Application Connectors Framework now supports automatic connection to web applications enforced by MFA, with TOTP.
     
  • Customization of recordings safes retention extension permissions. PAM admins can now change the recording retention period on the PSM recordings safes through the CyberArk Privilege Cloud Web Portal (PVWA). 

Enhanced security and technical improvements with updated third-party DLLs, now in the CyberArk Marketplace:

Accessibility Improvements

CyberArk Privilege Cloud Web Portal (Modern UI) Accessibility Improvements:

Accounts and requests screens are now compatible with WCAG 2.1 (AA) for item 1.4.10 (AA) – Zoom and Reflow.

Voluntary Product Accessibility Template (VPAT®) Report:

The VPAT report for compliance evaluation with WCAG is now available for CyberArk Privilege Cloud (PVWA).

To learn more about CyberArk Privilege Cloud’s new features, please visit:

Additionally, component downloads are available in the CyberArk Marketplace.
 

Previous Article
Dynamic Privileged Access – Sydney Data Center, Improved RDP and SSH Connections
Dynamic Privileged Access – Sydney Data Center, Improved RDP and SSH Connections

CyberArk DPA adds Sydney data center, offering improved RDP connections with robust account policies, simpl...

Next Article
CyberArk Identity 23.11 Release
CyberArk Identity 23.11 Release

The CyberArk Identity 23.11 release includes extended passwordless authentication capabilities with passkey...