CyberArk Announces Free Breach Assessment for SolarWinds Customers
December 23 2020 - 3:07PM
Business Wire
CyberArk Helps to Identify and Remediate
Privileged Credential Exposure to Protect Against Current and
Future Cybersecurity Risks
CyberArk (NASDAQ: CYBR), the global leader in privileged access
management, today launched a free assessment offer to help
SolarWinds Orion customers identify privileged access-related risk
and implement steps to mitigate future exposure to a potential
cyberattack.
To date, the supply chain attack involving SolarWinds Orion
business software is believed to have impacted more than 18,000
organizations. The attackers were reportedly successful in
infiltrating many high-profile public and private organizations
using extremely sophisticated attack techniques, including the use
of compromised privileged credentials to move laterally and
vertically across the IT environment. With dramatic cloud
migrations underway, and the adoption of transformative digital
technologies, privileged accounts and credentials represent one of
the largest attack surfaces for organizations today, which makes
identifying and managing privileged access critical to disrupting
the attack chain and maximizing risk mitigation.
A comprehensive Identity Security program that has privileged
access management at its core is critical to helping address the
gaps and vulnerabilities that the attackers in the SolarWinds
breach exploited, including by gaining administrative access
through compromised credentials and the escalation of privileges
that allowed for both lateral and vertical movement.
To help organizations that have been affected by the SolarWinds
Orion attack, CyberArk is offering the following:
- Privileged Access Management (PAM) Rapid Risk
Assessment: A no cost assessment for organizations that were
running the compromised Orion software in their environment. This
assessment includes the CyberArk Discovery and Audit (DNA) tool run
against a representative sample of their Windows IT infrastructure.
Based on the scan, customers will receive curated remediation
recommendations with several ‘sprint’ tactics for short-term
success.
- Privileged Access Management (PAM) Rapid Risk
Remediation: CyberArk and our certified partners can assist
customers to prioritize PAM controls including credential
management, multi-factor authentication, session isolation, and
least privilege on endpoints and servers for rapid risk reduction.
Such measures will be based on findings from the organization’s
incident response team and in alignment with the CyberArk Blueprint
for PAM Success.
Only CyberArk combines deep Identity Security controls,
privileged access remediation services and the expertise of the
CyberArk Labs and CyberArk Red Team, to help organizations gain
invaluable time by enabling them to detect attacks earlier and
prevent attackers from reaching their end goal.
“With adoption of modern infrastructure and digital
transformation, privilege is everywhere – from critical
applications and IoT devices, to robotic process automation and
DevOps tools. Attackers know this, which is why nearly all advanced
attacks today rely on the exploitation of privileged credentials,”
said Udi Mokady, founder and CEO, CyberArk. “The SolarWinds breach
is yet another example of how attacks are becoming hyper-targeted
with widespread impact. It is critical that organizations always
‘assume breach’ and that access to their sensitive data and systems
is secured. These offerings are designed to not only improve their
current security posture, but also help establish a strong
foundation that can prevent against future compromise.”
There are immediate steps organizations can take to help
minimize their exposure to this SolarWinds breach, while laying the
foundation for longer-term, proactive strategies to help prevent
the compromise of privileged credentials that could further disrupt
the business. Those longer-term steps include: Deploying “least
privilege” measures to servers and applications; Securing
application credentials and continuous integration/development
(CI/CD) pipelines; and Configuring Active Directory based on
credential boundaries.
Additional Resources:
- CyberArk Blueprint for Privileged Access Management Success -
The CyberArk Blueprint is a risk-based framework designed to secure
privileged access by preventing credential theft, stopping lateral
and vertical movement, and limiting privilege escalation and
abuse.
- CyberArk Red Team Services - CyberArk Red Team services are
designed to provide a safe way for security operations teams to
simulate adversary operations and test their ability to effectively
defend against cyber-attacks on their environments.
- CyberArk Labs - CyberArk Labs produces innovative research that
examines emerging attack techniques that drives greater awareness
and industry collaboration while helping to improve the overall
security posture of companies everywhere.
About CyberArk CyberArk (NASDAQ: CYBR) is the global
leader in privileged access management, a critical layer of IT
security to protect data, infrastructure and assets across cloud
and hybrid environments and throughout the DevOps pipeline.
CyberArk delivers the industry’s most complete solution to reduce
risk created by privileged credentials and secrets. The company is
trusted by the world’s leading organizations, including more than
50 percent of the Fortune 500, to protect against external
attackers and malicious insiders. A global company, CyberArk is
headquartered in Petach Tikva, Israel, with U.S. headquarters
located in Newton, Mass. The company also has offices throughout
the Americas, EMEA, Asia Pacific and Japan. To learn more about
CyberArk, visit https://www.cyberark.com/, read the CyberArk blogs
or follow on Twitter via @CyberArk, LinkedIn or Facebook.
Copyright © 2020 CyberArk Software. All Rights Reserved. All
other brand names, product names, or trademarks belong to their
respective holders.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20201223005514/en/
Media Relations Contacts: Brian Merrill, fama PR Phone:
+1-617-986-5005 Email: cyberark@famapr.com Alison Parker, CyberArk
Phone: +1-617-663-0162 Email: press@cyberark.com Investor
Relations Contact: Erica Smith, CyberArk Phone: +1 617-630-6426
Email: ir@cyberark.com
CyberArk Software (NASDAQ:CYBR)
Historical Stock Chart
From Mar 2024 to Apr 2024
CyberArk Software (NASDAQ:CYBR)
Historical Stock Chart
From Apr 2023 to Apr 2024