CyberArk Expands Just-in-Time Capabilities
January 27, 2020

CyberArk unveiled new just-in-time access capabilities that help reduce risk and improve operational efficiency as organizations implement broader least privilege strategies.

By extending just-in-time support with the ability to remove unnecessary standing access to Linux systems, CyberArk remains the only privileged access management vendor to provide comprehensive just-in-time offerings across cloud and hybrid environments and on the endpoint.

Some privileged accounts are granted standing, “always on” access despite only requiring access for brief periods of time – increasing the attack surface. This is particularly true in the case of SSH keys, which are often mismanaged and easily compromised. New CyberArk capabilities feature short-lived SSH certificate authentication to secure access to existing or newly created instances in Linux systems without the need to manually manage accounts and credentials.

CyberArk continues to deliver the broadest set of just-in-time use cases to enable least privilege including:

- Temporary Elevation: With recent just-in-time elevation and access features in CyberArk Endpoint Privilege Manager, organizations can grant temporary local admin access to Windows and Macs workstations as well as Unix and Linux servers on a per-request basis for a fixed length of time.

- Ephemeral Accounts: Provide temporary access to Unix and Linux systems based on Microsoft Active Directory Permissions and create a short-lived ephemeral account to establish a one-time session for authorized users. CyberArk also integrates with AWS Security Token Service to request temporary, limited-privileged credentials for AWS Identity and Access Management (IAM) users.

- Broker and Remove Access – In addition to the new CyberArk Just-in-Time Access with SSH Certificate Authentication delivered via CyberArk Core Privileged Access Security or CyberArk Privilege Cloud, the company’s privileged access management as a service offering, CyberArk Alero also provides just-in-time access to third party remote users. Through integrations with popular IT Service Management solutions, CyberArk can grant temporary elevated access after ensuring the user has a valid open ticket or has received manual confirmation from authorized managers.

“Just-in-time is a function of an overall privileged access management program that reinforces least privilege principles. When coupled with other foundational elements, it becomes a key part of an evolving strategy for protecting privileged access,” said Nir Gertner, Chief Security Strategist, CyberArk. “By delivering the industry’s most comprehensive portfolio of just-in-time capabilities, CyberArk helps organizations reduce standing privileged access risk, simplify operations and strengthen their overall security posture across hybrid IT environments.”

CyberArk allows organizations to grant access only when needed and for no longer than required – regardless of user type, target system or environment. In addition, sessions are automatically isolated, recorded and monitored in real time in order to help prevent misuse or lateral movement – whether that access is provided via just-in-time or not.

Share this

Industry News

February 27, 2020

Datadog announced an integration with Nessus from Tenable.

February 27, 2020

Talend announced the Winter ‘20 release of Talend Data Fabric.

February 27, 2020

Alcide announced that the Alcide Kubernetes Security Platform now supports compliance scans for PCI and GDPR, enabling DevOps to deliver regulatory compliance checks rapidly and seamlessly alongside Alcide’s leading Kubernetes security capabilities.

February 26, 2020

Perforce Software released a free tool for organizations considering open source software - OpenLogic Stack Builder.

February 26, 2020

Applause announced a new partnership with Infosys to provide broader end-to-end digital experience testing services to clients.

February 26, 2020

RapidMiner announced the release of its platform enhancement, RapidMiner 9.6. This update prioritizes people – not technology – at the center of the enterprise AI journey, providing new, unique experiences to empower users of varying backgrounds and abilities.

February 25, 2020

JFrog announced the availability of the "JFrog Platform," a hybrid, multi-cloud, universal DevOps platform.

February 25, 2020

Nureva added new agile canvas templates to Span Workspace, including a heat map developed by Jeff Sutherland, the co-creator of Scrum and founder of Scrum Inc. and Scrum@Scale.

February 25, 2020

Agiloft announced the addition of its new Agiloft AI Engine, complete with prebuilt AI Capabilities for contract management and an open AI integration that allows customers to incorporate custom-built AI tools into the no-code platform.

February 24, 2020

Cloudify announced that its latest product update - Cloudify version 5 - features an Environment as a Service component, designed to achieve consistent delivery and management of hybrid-cloud services and network infrastructures across CI/CD pipelines - at scale.

February 24, 2020

Checkmarx announced new enhancements to its Software Security Platform to empower more seamless implementation and automation of application security testing (AST) in modern development and DevOps environments.

February 24, 2020

Rapid7 and Snyk announced a strategic partnership to deliver end-to-end application security to organizations developing cloud native applications.

February 20, 2020

The American Council for Technology and Industry Advisory Council (ACT-IAC), the premier public-private partnership dedicated to advancing government through the application of information technology, officially announced the release of the DevOps Primer.

It was produced through a collaborative, volunteer effort by a working group from government and industry, hosted by the ACT-IAC Emerging Technology Community of Interest (COI).

February 20, 2020

DLT Solutions, a subsidiary of Tech Data, launched the Secure Software Factory (SSF), a framework that provides the U.S. public sector with consistent development and deployment of high-quality, scalable, resilient and secure software throughout an application’s lifecycle.

February 20, 2020

Netography announced the general availability of the company’s Security Operations Platform.