IoT
9/27/2017
11:35 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

ForeScout and CyberArk Partner to Dynamically Secure Devices Across the Enterprise to Reduce the Attack Surface

SAN JOSE, Calif. and NEWTON, Mass., September 27, 2017ForeScout Technologies, Inc., a leading Internet of Things (IoT) security company, and CyberArk (NASDAQ: CYBR), the company that protects organizations from cyber attacks that have made their way inside the network perimeter, today announced a new partnership and joint solution. The joint solution, available as the ForeScout® Extended Module for CyberArk®, provides deep enterprise security capabilities to improve visibility and insight into privileged accounts on previously unknown devices, enforce greater security controls, and automate threat detection and response.

Privileged accounts continue to proliferate across enterprise networks in multiple repositories and connected devices, exponentially expanding the attack surface. Privileged accounts provide powerful access to an organization’s most sensitive data across business applications and critical IT infrastructure. Since compromised privileged credentials are used in the majority of cybersecurity incidents, organizations need a security solution that can help protect these credentials from being exploited by attackers.  

Joint customers can further reduce the attack surface through the sophisticated integration of ForeScout and CyberArk solutions that increase privileged account security and accountability. ForeScout has pioneered an agentless approach that provides real-time visibility, classification, assessment and monitoring of network-connected devices. More than 28 billion devices will be connected to the internet by 2020[1] and the vast majority won’t be manageable using agent-based security methods. ForeScout scans the network in real time and automates policy-based access control and enforcement of these devices based on their security posture and behavior without using an agent.

CyberArk provides a critical layer of IT security that protects against advanced cyber attacks and insider threats across the enterprise – on-premises, in the cloud and on endpoints. CyberArk’s comprehensive privileged account security solution combines proactive protection and threat detection designed with security first.

“The lack of visibility into unknown privileged accounts across the network, combined with an increasing number of devices connecting to enterprises, creates gaping holes that allow hackers to easily infiltrate unsuspecting organizations,” said Pedro Abreu, senior vice president and chief strategy officer, ForeScout. “ForeScout is teaming up with CyberArk to give our joint customers a distinct advantage that expands their visibility and control across their infrastructure to reduce security risks and help stop attackers before they inflict serious damage.”

The ForeScout Extended Module for CyberArk helps customers:

  • Discover and Secure Unmanaged Privileged Accounts: Enhanced insight and knowledge into unmanaged devices and local privileged accounts across a diverse set of network-connected devices to improve visibility and reduce risk. Additional capabilities include increased coverage of enterprise privileged accounts and the ability to identify orphaned accounts to reduce the attack surface.
  • Detect and Respond to High-Risk Privileged Account Activity: Automated policy-based actions to quarantine and remediate connected devices based on correlated threat intelligence from different network sources, including CyberArk Privileged Threat Analytics, which leverages device security posture, privileged user activity and overall threat exposure to drive rapid threat response.
  • Secure and Manage Privileged Credentials used by CounterACT: Enterprises improve their ability to securely access, monitor and manage endpoints by using secured credentials managed by the CyberArk solution.

“ForeScout and CyberArk are providing industry-leading threat intelligence and insight into organizations’ network security posture and the areas that are most vulnerable to attack,” said Adam Bosnian, executive vice president, global business development, CyberArk. “This is a powerful partnership that will directly benefit our customers by integrating multiple security solutions across critical areas such as discovery, analytics and credential management, enabling customers to gain valuable context to prioritize response.” 

The ForeScout Extended Module for CyberArk is generally available now. For more information, visit ForeScout Technology Partner or CyberArk Technology Partners.

Additional Resources:

 About ForeScout

ForeScout Technologies, Inc. helps make the invisible visible. Our company provides Global 2000 enterprises and government agencies with agentless visibility and control of traditional and IoT devices the instant they connect to the network. Our technology integrates with disparate security tools to help organizations accelerate incident response, break down silos, automate workflows and optimize existing investments. Learn more at www.forescout.com.

About CyberArk                                                                                                       

CyberArk is the only security company focused on eliminating the most advanced cyber threats; those that use insider privileges to attack the heart of the enterprise. Dedicated to stopping attacks before they stop business, CyberArk proactively secures against cyber threats before attacks can escalate and do irreparable damage. The company is trusted by the world’s leading companies – including more than 50 percent of the Fortune 100 – to protect their highest value information assets, infrastructure and applications. A global company, CyberArk is headquartered in Petach Tikva, Israel, with U.S. headquarters located in Newton, Mass. The company also has offices throughout the Americas, EMEA, Asia Pacific and Japan. To learn more about CyberArk, visit www.cyberark.com, read the CyberArk blog, or follow on Twitter via @CyberArk, LinkedIn or Facebook.


© 2017. ForeScout Technologies, Inc. is a privately held Delaware corporation. ForeScout, the ForeScout logo, ActiveResponse, ControlFabric, CounterACT, CounterACT Edge and SecureConnector are trademarks or registered trademarks of ForeScout. Other names mentioned may be trademarks of their respective owners.


[1] ABI Research, Internet of Everything Market Tracker

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
12 Free, Ready-to-Use Security Tools
Steve Zurier, Freelance Writer,  10/12/2018
Most IT Security Pros Want to Change Jobs
Dark Reading Staff 10/12/2018
6 Security Trends for 2018/2019
Curtis Franklin Jr., Senior Editor at Dark Reading,  10/15/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-10839
PUBLISHED: 2018-10-16
Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS.
CVE-2018-13399
PUBLISHED: 2018-10-16
The Microsoft Windows Installer for Atlassian Fisheye and Crucible before version 4.6.1 allows local attackers to escalate privileges because of weak permissions on the installation directory.
CVE-2018-18381
PUBLISHED: 2018-10-16
Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in zb_system/function/c_system_admin.php via the Content-Type header during the uploading of image attachments.
CVE-2018-18382
PUBLISHED: 2018-10-16
Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" (aka user/edit-profile) action.
CVE-2018-18374
PUBLISHED: 2018-10-16
XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid parameter.