Tag: CyberArk

Why SaaS Requires Strong Privileged Access Management

Software-as-a-Service (SaaS) delivers real business benefits, including reduced capital and operational overhead, continuous software updates, and simplified remote access. However, many IT decision-makers are concerned their organizations aren’t doing enough to secure cloud-based solutions. In a recent study conducted by Vanson Bourne, 64 percent of IT decision-makers said their “organization’s SaaS adoption is outpacing their ability to secure it.”...

The Growing Bot Army Creates Identity Management Challenges

If you think about it, humans spend a lot of time each day proving they’re not bots. We have to decipher the letters and numbers in a Captcha, choose the pictures that contain a bicycle, or simply check a box that says, “I am not a robot.” How did we get to this point? According to Oracle Dyn, bot...

Privilege Escalation Vulnerabilities Create Critical Security Threats

Privilege Escalation
A Google search of “privilege escalation” yields numerous articles about software bugs that hackers could exploit to gain elevated access to IT resources. In the past few months, Microsoft alone has released software updates that address two serious privilege escalation threats. In July 2018, security researchers reported a vulnerability in the Microsoft .NET Framework that could allow an attacker...

Kerberoasting: A Real Threat of Mythological Proportions

Kerberoasting
In Greek mythology, Kerberos (also spelled Cerberus) is the three-headed hound who guards the gates of Hades. Kerberos also has a snake for a tail, snakes protruding from his body, and eyes that flash fire. He’s not the sort of creature one would want to encounter. That’s why computer scientists at MIT chose the name Kerberos for a network...

How to Overcome the Challenges of Implementing Multifactor Authentication

MFA
A recent CTE Research survey confirmed what is already widely known: weak passwords continue to be a serious problem that most organizations haven’t done enough to address. The survey found that about four out of five data breaches involve weak or stolen passwords. Nearly half (47 percent) of survey respondents believe their company’s employees use simple or weak passwords,...

PAM in 2019: Organizations Need Greater Visibility and More Granular Control

PAM 2019
Gartner’s Identity and Access Management (IAM) Summit was held Dec. 3-5 in Las Vegas, giving security pros an opportunity to discuss how the IAM landscape is evolving. Not surprisingly, privileged access management (PAM) was a focal point of the event. Organizations are struggling to implement effective PAM processes in light of growing numbers of users and devices, both internal...

How Managed Security Services Overcome the Security Skills Gap

Clango MSP
When considering cybersecurity risks, most people focus on the increasing number of sophisticated threats or the fact that hackers are constantly discovering and exploiting new vulnerabilities. However, the greatest risk could be the lack of available professionals who have the skills to implement and manage a robust cybersecurity strategy. Many IT skills are in short supply, but cybersecurity continues...

Unsecured APIs Create a Back Door into the IT Environment

API Security
The use of application programming interfaces (APIs) has exploded in recent years as organizations seek to interconnect software and share data both internally and externally. APIs define the means of communication among various applications, enabling programmers to take advantage of third-party code and break up large applications into microservices. Unfortunately, APIs can also provide hackers with a back door...

Privileged Access Management and Security Are in Our DNA

CyberArk DNA
CyberArk Discovery & Audit (DNA) is a powerful tool for assessing privileged access risk. This lightweight, agentless software scans systems to locate all privileged credentials, including passwords, hashes, SSH keys, cloud access keys, and many others. By scanning their networks with CyberArk DNA, organizations can gain visibility into all of their privileged accounts across on-premises, cloud, and DevOps environments....

Integration Is Key to Maximizing the Value of Cybersecurity Investments

CIL
According to a recent survey of compliance decision makers conducted by research firm Vanson Bourne, every organization knows it needs to invest in cybersecurity tools. However, most organizations are having trouble determining where to allocate their security budget as the IT environment rapidly evolves. Not only that, but organizations aren’t doing enough to integrate their security solutions into a...