IoT
9/27/2017
11:35 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

ForeScout and CyberArk Partner to Dynamically Secure Devices Across the Enterprise to Reduce the Attack Surface

SAN JOSE, Calif. and NEWTON, Mass., September 27, 2017ForeScout Technologies, Inc., a leading Internet of Things (IoT) security company, and CyberArk (NASDAQ: CYBR), the company that protects organizations from cyber attacks that have made their way inside the network perimeter, today announced a new partnership and joint solution. The joint solution, available as the ForeScout® Extended Module for CyberArk®, provides deep enterprise security capabilities to improve visibility and insight into privileged accounts on previously unknown devices, enforce greater security controls, and automate threat detection and response.

Privileged accounts continue to proliferate across enterprise networks in multiple repositories and connected devices, exponentially expanding the attack surface. Privileged accounts provide powerful access to an organization’s most sensitive data across business applications and critical IT infrastructure. Since compromised privileged credentials are used in the majority of cybersecurity incidents, organizations need a security solution that can help protect these credentials from being exploited by attackers.  

Joint customers can further reduce the attack surface through the sophisticated integration of ForeScout and CyberArk solutions that increase privileged account security and accountability. ForeScout has pioneered an agentless approach that provides real-time visibility, classification, assessment and monitoring of network-connected devices. More than 28 billion devices will be connected to the internet by 2020[1] and the vast majority won’t be manageable using agent-based security methods. ForeScout scans the network in real time and automates policy-based access control and enforcement of these devices based on their security posture and behavior without using an agent.

CyberArk provides a critical layer of IT security that protects against advanced cyber attacks and insider threats across the enterprise – on-premises, in the cloud and on endpoints. CyberArk’s comprehensive privileged account security solution combines proactive protection and threat detection designed with security first.

“The lack of visibility into unknown privileged accounts across the network, combined with an increasing number of devices connecting to enterprises, creates gaping holes that allow hackers to easily infiltrate unsuspecting organizations,” said Pedro Abreu, senior vice president and chief strategy officer, ForeScout. “ForeScout is teaming up with CyberArk to give our joint customers a distinct advantage that expands their visibility and control across their infrastructure to reduce security risks and help stop attackers before they inflict serious damage.”

The ForeScout Extended Module for CyberArk helps customers:

  • Discover and Secure Unmanaged Privileged Accounts: Enhanced insight and knowledge into unmanaged devices and local privileged accounts across a diverse set of network-connected devices to improve visibility and reduce risk. Additional capabilities include increased coverage of enterprise privileged accounts and the ability to identify orphaned accounts to reduce the attack surface.
  • Detect and Respond to High-Risk Privileged Account Activity: Automated policy-based actions to quarantine and remediate connected devices based on correlated threat intelligence from different network sources, including CyberArk Privileged Threat Analytics, which leverages device security posture, privileged user activity and overall threat exposure to drive rapid threat response.
  • Secure and Manage Privileged Credentials used by CounterACT: Enterprises improve their ability to securely access, monitor and manage endpoints by using secured credentials managed by the CyberArk solution.

“ForeScout and CyberArk are providing industry-leading threat intelligence and insight into organizations’ network security posture and the areas that are most vulnerable to attack,” said Adam Bosnian, executive vice president, global business development, CyberArk. “This is a powerful partnership that will directly benefit our customers by integrating multiple security solutions across critical areas such as discovery, analytics and credential management, enabling customers to gain valuable context to prioritize response.” 

The ForeScout Extended Module for CyberArk is generally available now. For more information, visit ForeScout Technology Partner or CyberArk Technology Partners.

Additional Resources:

 About ForeScout

ForeScout Technologies, Inc. helps make the invisible visible. Our company provides Global 2000 enterprises and government agencies with agentless visibility and control of traditional and IoT devices the instant they connect to the network. Our technology integrates with disparate security tools to help organizations accelerate incident response, break down silos, automate workflows and optimize existing investments. Learn more at www.forescout.com.

About CyberArk                                                                                                       

CyberArk is the only security company focused on eliminating the most advanced cyber threats; those that use insider privileges to attack the heart of the enterprise. Dedicated to stopping attacks before they stop business, CyberArk proactively secures against cyber threats before attacks can escalate and do irreparable damage. The company is trusted by the world’s leading companies – including more than 50 percent of the Fortune 100 – to protect their highest value information assets, infrastructure and applications. A global company, CyberArk is headquartered in Petach Tikva, Israel, with U.S. headquarters located in Newton, Mass. The company also has offices throughout the Americas, EMEA, Asia Pacific and Japan. To learn more about CyberArk, visit www.cyberark.com, read the CyberArk blog, or follow on Twitter via @CyberArk, LinkedIn or Facebook.


© 2017. ForeScout Technologies, Inc. is a privately held Delaware corporation. ForeScout, the ForeScout logo, ActiveResponse, ControlFabric, CounterACT, CounterACT Edge and SecureConnector are trademarks or registered trademarks of ForeScout. Other names mentioned may be trademarks of their respective owners.


[1] ABI Research, Internet of Everything Market Tracker

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication
John Fontana, Standards & Identity Analyst, Yubico,  9/19/2018
Turn the NIST Cybersecurity Framework into Reality: 5 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems,  9/20/2018
NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: White Privelege Day
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-17282
PUBLISHED: 2018-09-20
An issue was discovered in Exiv2 v0.26. The function Exiv2::DataValue::copy in value.cpp has a NULL pointer dereference.
CVE-2018-14592
PUBLISHED: 2018-09-20
The CWJoomla CW Article Attachments PRO extension before 2.0.7 and CW Article Attachments FREE extension before 1.0.6 for Joomla! allow SQL Injection within download.php.
CVE-2018-15832
PUBLISHED: 2018-09-20
upc.exe in Ubisoft Uplay Desktop Client versions 63.0.5699.0 allows remote attackers to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of URI ha...
CVE-2018-16282
PUBLISHED: 2018-09-20
A command injection vulnerability in the web server functionality of Moxa EDR-810 V4.2 build 18041013 allows remote attackers to execute arbitrary OS commands with root privilege via the caname parameter to the /xml/net_WebCADELETEGetValue URI.
CVE-2018-16752
PUBLISHED: 2018-09-20
LINK-NET LW-N605R devices with firmware 12.20.2.1486 allow Remote Code Execution via shell metacharacters in the HOST field of the ping feature at adm/systools.asp. Authentication is needed but the default password of admin for the admin account may be used in some cases.