CyberArk supports Amazon Inspector

CyberArk has introduced expanded privileged account security solutions for Amazon Web Services (AWS) to help customers better protect against, detect and respond to advanced threats.

  • 7 years ago Posted in
Many organisations already run at least part of their operations in the cloud, while others are seeking to accelerate their migration strategies - with industry research predicting that up to 80 percent of workloads will run on a cloud architecture by 2024.1 Migrating from the data centre to the cloud introduces different cyber security considerations, particularly associated with securing privileged user and application credentials used to manage consoles, enable applications to connect with sensitive assets, and dynamically scale elastic production environments.
 
For enterprises migrating to the cloud, CyberArk helps customers seamlessly extend and consistently enforce the security policies they have in place today on their on-premises infrastructure into their emerging cloud and DevOps environments
 
Prioritise Risk Reduction in AWS Environments
Customers and partners can now take advantage of CyberArk’s integrations with multiple AWS services that both reduce and simplify the prioritisation of privilege-related vulnerabilities:
 
  • Simplify the Discovery and Exposure of Privileged Credential Risk – CyberArk Discovery and Audit (DNA) tool v7.1 simplifies the discovery and reporting on privileged users, instances, credentials and keys in the AWS environment. Specifically, CyberArk DNA scans and discovers the AWS environment for Identity and Access Management (IAM) users, AWS access keys and Amazon Elastic Compute Cloud (Amazon EC2) Key pairs to identify potential privilege-related risks, like unmanaged SSH keys. The CyberArk DNA integration with Amazon Inspector pulls data and findings, such as the number of high severity findings on Amazon EC2 instances, into a single CyberArk dashboard to alert and help security teams visualise and prioritise risk mitigation.
  • Secure and Mange AWS Access Keys – Organisations can automatically discover and secure privileged accounts in cloud-based environments by proactively securing AWS Access Keys as well as managing and rotating those keys based on their security and compliance policy. AWS access keys are used by applications and scripts for invoking AWS APIs. It is essential to remove them from code and configuration files, and assure that they are rotated periodically to avoid the potential for uncontrolled administrative access.
 
When a leading provider of value-added services to telecommunication operators and retailers in Latin America chose to move its data centre to AWS, it recognised the importance of ensuring privileged account security was in place to protect its cloud assets from the beginning. It chose to work with CyberArk to improve the process of managing security.
 
“CyberArk delivers flexible and secure protection for cloud-based environments. These new capabilities provide greater confidence to security teams that need to make sure privilege-related policies are applied consistently across the enterprise and extended into their enterprise AWS environment,” said Roy Adar, senior vice president, product management, CyberArk. “CyberArk helps build privileged account security into cloud environments from the beginning with automatic provisioning and continuous visibility during cloud migration and on-going management.”
Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Trend Micro has released new research detailing the murky cybercrime supply chain behind much of...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...
State of Industrial Cybersecurity report reveals only 21% of organizations achieved full maturity...