Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
9/27/2017
11:35 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

ForeScout and CyberArk Partner to Dynamically Secure Devices Across the Enterprise to Reduce the Attack Surface

SAN JOSE, Calif. and NEWTON, Mass., September 27, 2017ForeScout Technologies, Inc., a leading Internet of Things (IoT) security company, and CyberArk (NASDAQ: CYBR), the company that protects organizations from cyber attacks that have made their way inside the network perimeter, today announced a new partnership and joint solution. The joint solution, available as the ForeScout® Extended Module for CyberArk®, provides deep enterprise security capabilities to improve visibility and insight into privileged accounts on previously unknown devices, enforce greater security controls, and automate threat detection and response.

Privileged accounts continue to proliferate across enterprise networks in multiple repositories and connected devices, exponentially expanding the attack surface. Privileged accounts provide powerful access to an organization’s most sensitive data across business applications and critical IT infrastructure. Since compromised privileged credentials are used in the majority of cybersecurity incidents, organizations need a security solution that can help protect these credentials from being exploited by attackers.  

Joint customers can further reduce the attack surface through the sophisticated integration of ForeScout and CyberArk solutions that increase privileged account security and accountability. ForeScout has pioneered an agentless approach that provides real-time visibility, classification, assessment and monitoring of network-connected devices. More than 28 billion devices will be connected to the internet by 2020[1] and the vast majority won’t be manageable using agent-based security methods. ForeScout scans the network in real time and automates policy-based access control and enforcement of these devices based on their security posture and behavior without using an agent.

CyberArk provides a critical layer of IT security that protects against advanced cyber attacks and insider threats across the enterprise – on-premises, in the cloud and on endpoints. CyberArk’s comprehensive privileged account security solution combines proactive protection and threat detection designed with security first.

“The lack of visibility into unknown privileged accounts across the network, combined with an increasing number of devices connecting to enterprises, creates gaping holes that allow hackers to easily infiltrate unsuspecting organizations,” said Pedro Abreu, senior vice president and chief strategy officer, ForeScout. “ForeScout is teaming up with CyberArk to give our joint customers a distinct advantage that expands their visibility and control across their infrastructure to reduce security risks and help stop attackers before they inflict serious damage.”

The ForeScout Extended Module for CyberArk helps customers:

  • Discover and Secure Unmanaged Privileged Accounts: Enhanced insight and knowledge into unmanaged devices and local privileged accounts across a diverse set of network-connected devices to improve visibility and reduce risk. Additional capabilities include increased coverage of enterprise privileged accounts and the ability to identify orphaned accounts to reduce the attack surface.
  • Detect and Respond to High-Risk Privileged Account Activity: Automated policy-based actions to quarantine and remediate connected devices based on correlated threat intelligence from different network sources, including CyberArk Privileged Threat Analytics, which leverages device security posture, privileged user activity and overall threat exposure to drive rapid threat response.
  • Secure and Manage Privileged Credentials used by CounterACT: Enterprises improve their ability to securely access, monitor and manage endpoints by using secured credentials managed by the CyberArk solution.

“ForeScout and CyberArk are providing industry-leading threat intelligence and insight into organizations’ network security posture and the areas that are most vulnerable to attack,” said Adam Bosnian, executive vice president, global business development, CyberArk. “This is a powerful partnership that will directly benefit our customers by integrating multiple security solutions across critical areas such as discovery, analytics and credential management, enabling customers to gain valuable context to prioritize response.” 

The ForeScout Extended Module for CyberArk is generally available now. For more information, visit ForeScout Technology Partner or CyberArk Technology Partners.

Additional Resources:

 About ForeScout

ForeScout Technologies, Inc. helps make the invisible visible. Our company provides Global 2000 enterprises and government agencies with agentless visibility and control of traditional and IoT devices the instant they connect to the network. Our technology integrates with disparate security tools to help organizations accelerate incident response, break down silos, automate workflows and optimize existing investments. Learn more at www.forescout.com.

About CyberArk                                                                                                       

CyberArk is the only security company focused on eliminating the most advanced cyber threats; those that use insider privileges to attack the heart of the enterprise. Dedicated to stopping attacks before they stop business, CyberArk proactively secures against cyber threats before attacks can escalate and do irreparable damage. The company is trusted by the world’s leading companies – including more than 50 percent of the Fortune 100 – to protect their highest value information assets, infrastructure and applications. A global company, CyberArk is headquartered in Petach Tikva, Israel, with U.S. headquarters located in Newton, Mass. The company also has offices throughout the Americas, EMEA, Asia Pacific and Japan. To learn more about CyberArk, visit www.cyberark.com, read the CyberArk blog, or follow on Twitter via @CyberArk, LinkedIn or Facebook.


© 2017. ForeScout Technologies, Inc. is a privately held Delaware corporation. ForeScout, the ForeScout logo, ActiveResponse, ControlFabric, CounterACT, CounterACT Edge and SecureConnector are trademarks or registered trademarks of ForeScout. Other names mentioned may be trademarks of their respective owners.


[1] ABI Research, Internet of Everything Market Tracker

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
7 Truths About BEC Scams
Ericka Chickowski, Contributing Writer,  6/13/2019
DNS Firewalls Could Prevent Billions in Losses to Cybercrime
Curtis Franklin Jr., Senior Editor at Dark Reading,  6/13/2019
Can Your Patching Strategy Keep Up with the Demands of Open Source?
Tim Mackey, Principal Security Strategist, CyRC, at Synopsys,  6/18/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-12881
PUBLISHED: 2019-06-18
i915_gem_userptr_get_pages in drivers/gpu/drm/i915/i915_gem_userptr.c in the Linux kernel 4.15.0 on Ubuntu 18.04.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) or possibly have unspecified other impact via crafted ioctl calls to /dev/dri/card0.
CVE-2019-3953
PUBLISHED: 2019-06-18
Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.0 allows a remote, unauthenticated attacker to execute arbitrary code by sending a crafted IOCTL 10012 RPC call.
CVE-2019-12133
PUBLISHED: 2019-06-18
Multiple Zoho ManageEngine products suffer from local privilege escalation due to improper permissions for the %SYSTEMDRIVE%\ManageEngine directory and its sub-folders. Moreover, the services associated with said products try to execute binaries such as sc.exe from the current directory upon system ...
CVE-2019-12592
PUBLISHED: 2019-06-18
A universal Cross-site scripting (UXSS) vulnerability in the Evernote Web Clipper extension before 7.11.1 for Chrome allows remote attackers to run arbitrary web script or HTML in the context of any loaded 3rd-party IFrame.
CVE-2017-8328
PUBLISHED: 2019-06-18
An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of changing the administrative password for the web management interface. It seems that the device does not implement any cross site request forgery prot...