Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

9/26/2013
12:45 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

CyberArk Unveils Master Policy; Revolutionary Approach to Privileged Account Security Turns Business Policy Into Global Controls

In addition to Master Policy, CyberArk’s version 8.0 includes the Universal Connector

Newton, Mass. – September 25, 2013 – CyberArk, the company securing the heart of the enterprise, today announced the availability of Master Policy, a bold new 'policy engine' that enables customers to set, manage and monitor privileged account security in a single, simple, native language interface. The once complex process of transforming business policy and procedures into technical settings is now easily manageable and understandable to an organization's stakeholders, including security operations, risk officers and auditors. Master Policy is embedded at the core of all of CyberArk's privileged account security products, providing simplified, unified and unequaled policy management. The release is available in version 8.0 of CyberArk's privileged account security solution released today and will ship with all new installations of CyberArk's Privileged Identity Management (PIM) and Privileged Session Management (PSM) suites.

Privileged accounts have been identified as the primary target in internal and advanced external attacks, and have been implicated in 100% of breaches[1]. As the risk of advanced threats increases, compliance regulations like PCI DSS, Sarbanes Oxley, NIST, NERC-CIP, HIPAA and others have become stricter. Master Policy enables organizations to set policy first to better meet their security and compliance needs.

Key benefits of Master Policy include:

A simplified process for creating and managing privileged account security policy, that can now be set up in minutes rather than days or weeks;

Improved security posture of the organization by approaching privileged account security with policy first;

Meets business demands by quickly and accurately translating written policy into privileged account security controls;

Enables organizations to meet and demonstrate compliance regulations like PCI DSS, Sarbanes Oxley, NIST, NERC-CIP and more;

Allows enterprise global policy to be set while providing controlled, granular level exceptions to meet the unique operational needs of the business;

Decreases resource strain by empowering security risk and audit teams to enforce policy in their native language.

"Policy is the foundation of a sound security infrastructure. It has been difficult to enforce written policy throughout the enterprise, as it is time-consuming and difficult to translate that written policy to technical settings for operational departments," said Sally Hudson, Research Director, IDC. "With today's advanced threat landscape, the enterprise can no longer afford to overlook the importance of accurate policy settings and enforcement. Simplifying this process gives control back to the security, risk and audit teams and allows them to use their expertise to mitigate the risks posed by insider and outsider threats and comply with strict regulations."

In addition to Master Policy, CyberArk's version 8.0 includes the Universal Connector, empowering organizations to extend privileged session monitoring to virtually any component of their IT infrastructure, including networks, servers, hypervisors, databases, applications and more. Using customizable solutions, efficient automation and offering 200+ existing connectors, CyberArk is able to support nearly all current enterprise systems.

"With the introduction of the Master Policy engine, as well as the extended capabilities of the Universal Connector, CyberArk continues its leadership to remain at the forefront of security," said Roy Adar, vice president of product management, CyberArk. "We are proud to be the only solution that ties together uncompromised core security with a deep understanding of policies and regulations. As privileged accounts continue to be exploited by cyber attackers and rogue insiders, it is our goal to put an end to this vulnerability by arming our customers with the strongest possible defense."

Version 8.0 of CyberArk's privileged account security solution, including the Privileged Identity Management and Privileged Session Management suites, is available today.

About CyberArk

CyberArk is the only security company focused on eliminating the most advanced cyber threats; those that use insider privileges to attack the heart of the enterprise. Dedicated to stopping attacks before they stop business, CyberArk proactively secures against cyber threats before attacks can escalate and do irreparable damage. The company is trusted by the world's leading companies – including 40 of the Fortune 100 – to protect their highest value information assets, infrastructure and applications. CyberArk is a vital security partner to more than 1,300 global businesses, including 17 of the world's top 20 banks. Headquartered in Newton, MA, CyberArk also has offices throughout EMEA and Asia-Pacific. To learn more about CyberArk, visit www.cyberark.com, read the company blog, http://www.cyberark.com/blog/, follow on Twitter @CyberArk or Facebook at https://www.facebook.com/CyberArk.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 11/19/2020
New Proposed DNS Security Features Released
Kelly Jackson Higgins, Executive Editor at Dark Reading,  11/19/2020
How to Identify Cobalt Strike on Your Network
Zohar Buber, Security Analyst,  11/18/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: A GONG is as good as a cyber attack.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-5641
PUBLISHED: 2020-11-24
Cross-site request forgery (CSRF) vulnerability in GS108Ev3 firmware version 2.06.10 and earlier allows remote attackers to hijack the authentication of administrators and the product's settings may be changed without the user's intention or consent via unspecified vectors.
CVE-2020-5674
PUBLISHED: 2020-11-24
Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2020-29002
PUBLISHED: 2020-11-24
includes/CologneBlueTemplate.php in the CologneBlue skin for MediaWiki through 1.35 allows XSS via a qbfind message supplied by an administrator.
CVE-2020-29003
PUBLISHED: 2020-11-24
The PollNY extension for MediaWiki through 1.35 allows XSS via an answer option for a poll question, entered during Special:CreatePoll or Special:UpdatePoll.
CVE-2020-26890
PUBLISHED: 2020-11-24
Matrix Synapse before 1.20.0 erroneously permits non-standard NaN, Infinity, and -Infinity JSON values in fields of m.room.member events, allowing remote attackers to execute a denial of service attack against the federation and common Matrix clients. If such a malformed event is accepted into the r...