CyberArk is hosting its Impact 2022 event this week in Boston. Like many conferences now, it is a hybrid event—with more than 1,500 attendees participating in-person or virtually. There were a number of big announcements that showcased CyberArk’s Identity Security vision and how it is delivering innovative solutions for identity protection.
Identity protection plays an essential role in cybersecurity today. To clarify, identity doesn’t just apply to humans. There is an average of 45 machine identities for every one human identity today—and all of those identities need to be authenticated and managed. Over half of an organization’s workforce typically has access to sensitive data, and the exponential volume of identities is driving a significantly expanded attack surface. All of these factors combine to make effective protection more complex, more challenging, and more crucial than ever.
CyberArk Secrets Hub
The event technically kicked off Tuesday with sessions that focused on CyberArk’s partner community, but Wednesday was the official kickoff and started with a keynote from the company’s Founder, Chairman, and CEO Udi Mokady.
Mokady was excited to be back in-person and struggled to not reveal all of the upcoming announcements. But he said the team had debated and discussed the agenda, and he promised not to steal everyone’s thunder. He did, however, announce CyberArk’s Secrets Hub for AWS Secrets Manager. He explained that it allows organizations to centrally manage secrets in the CyberArk vault while developers continue working with cloud-native access. “Can you imagine that—the power of CyberArk now applying natively to the developers so security can have the control without the need to educate or change the way that developers are working?”
The Secrets Hub for AWS Secrets Manager press release explains that the CyberArk Secrets Hub works by automatically replicating CyberArk-managed secrets to AWS Secrets Manager to deliver effective secrets management across hybrid environments. According to CyberArk, this allows users to:
- Centrally manage secrets across multiple AWS accounts and hybrid environments while helping to ensure data segregation
- Configure permissions for Secrets Hub on the relevant AWS account
- Create a synchronization policy by selecting what to sync and what target to sync
- Access the synchronized secrets leveraging AWS
Identity Security Innovation
There were also a number of other announcements related to the CyberArk Identity Security Platform. At the event, CyberArk unveiled advancements across numerous core elements. CyberArk summed up the innovations in a press release:
- CyberArk Identity Flows automates identity management tasks through no-code / low-code app integrations and workflows for identity data, processes and events. With Identity Flows, users can take actions and make decisions from a single location, improving productivity and user experience. Identity Flows is built on technology from the acquisition of Aapi.io. CyberArk acquired Aapi.io in March 2022 to bolster Identity Lifecycle Management capabilities and broaden Identity Automation and Orchestration capabilities across its Identity Security Platform.
- CyberArk Identity Compliance makes it easier for organizations to enforce and demonstrate compliance by automating the access provisioning lifecycle, streamlining access certifications and providing comprehensive identity analytics. Leveraging leading identity lifecycle and privilege entitlements management features, the Identity Compliance solution can help organizations strengthen their security posture, enforce least privilege and comply with a growing number of regulatory requirements.
Cloud Privilege Security
- CyberArk Secure Cloud Access provisions Just-in-Time, least privilege access to cloud consoles, command lines and services, helping implement Zero Trust initiatives by reducing the risk of compromised privileged sessions for DevOps and cloud operations teams. With Secure Cloud Access, privileged sessions are provisioned with only the required permissions for the task at hand, protected from browser hijacking, and recorded to help satisfy audit and compliance. Only CyberArk helps secure both standing and Just-in-Time access across hybrid and multi-cloud environments, enabling secure digital transformation initiatives.
CyberArk is Making an Impact
“Two years ago at our CyberArk Impact event, we put a stake in the ground – detailing our vision and strategy for Identity Security. Since then, we’ve made great progress in realizing this vision. We have firmly established the category and consistently executed on our roadmap – raising the bar for innovation with a comprehensive Identity Security platform,” declared Mokady in a press release. “Identity Security is now the standard for managing growth and reducing risk without compromise, and CyberArk is the leader. Our approach to Identity Security, centered on intelligent privilege controls, means customers can confidently drive greater cyber resilience built on Zero Trust.”
This was just the beginning, though. Tomorrow is another day of CyberArk Impact 2022, and I am sure there will be more news of innovation and announcements.
- Challenges of Securing the Modern Workforce - March 31, 2023
- John Gillis Talks about Automating the SOC with Browser Extensions - March 24, 2023
- Review: Surface Slim Pen 2 - March 20, 2023