CyberArk Alero combines Zero Trust access, biometric multi-factor authentication and just-in-time provisioning into one SaaS-based solution that integrates directly with CyberArk Core PAS. Alero does not require VPNs, agents or passwords freeing up administrator bandwidth and increasing security for external access to critical internal resources.
RecordedApr 21 20203 mins
Your place is confirmed, we'll send you email reminders
Asaf Hecht, Security Research Team Leader, CyberArk
Cloud environments exist everywhere. This in turn means that attackers are super motivated in finding ways to penetrate organizations’ cloud infrastructure. In this session, we will present findings from the CyberArk Labs team, demonstrate five attack techniques, and highlight fundamental considerations such as:
1. How attackers can steal cloud credentials from endpoints, code and cloud VMs
2. How intruders can compromise cloud users with only a few permissions, but still succeed to escalate their permissions and become full admins
3. How to target SSO and IAM solutions that many organizations use for integrating their on-prem network to the cloud
PwC: Planning for Privileged Access Risk in the "New Norm"
The global response to covid-19 resulted in a number of dramatic and swift changes, including millions of workers shifting from on premise locations to untested remote work environments. Rushing to virtually connect remote workers, third party contractors, and other entities raised unprecedented cybersecurity risk and challenged organizations as never before. As security practitioners around the world cope with the challenges brought on by COVID-19, Digital Transformation is becoming a key factor to embracing the new norm. We’re seeing organizations migrate to cloud platforms while extending their on-prem infrastructure and applications to allow for rapid scaling to support remote access.
PwC, through our partnership with CyberArk, is helping organizations follow a secure digital transformation strategy, including defining mechanisms to catalog the risk associated with privileged access, while they work to rapidly upscale their infrastructure and migrate to the cloud. Combining our strategic methodology with state-of-the-art toolsets leveraging artificial intelligence and machine learning, enables organizations to better identify and forecast privileged access risk, leading to a holistic and proactive approach for their PAM Program.
Join us to understand the fast-changing landscape of privileged access during these transformative times and how to strategically tackle the challenges associated with it!
Secure Access for Remote Users and Protect Critical Systems
Remote access has been on the rise – consider all of the recent events and trends that have led to a rise in the remote workforce. In addition to the proliferation of remote vendors, remote employees may require access to corporate servers, customer data, email, databases and other cloud-based applications from their laptops or mobile devices without directly connecting to the internal company network.
Business continuity must also account for situations that may require organizations to provide remote workers with controlled access to critical systems. Having manual and/or patchwork processes in place can dramatically increase risk as well as cause operational headaches for end-users and security practitioners alike. With a Privileged Access Management (PAM) program in place, organizations can properly mitigate risks.
Aaron Pritz, CEO and Co-Founder of Reveal Risk and David Higgins, EMEA Technical Director CyberArk
New to Privileged Access Management (PAM)? If so, you may want to hit the “skip” button on all the catchphrases, lingo, acronyms, and buzzwords that can make learning cyber security (and specifically PAM) more complicated than it needs to be. Sometimes concepts are best learned in simple terms and basic language.
Attend this webinar to jumpstart your understanding of privileged access management, how to run it “as a service”, and many other concepts to help you accelerate your cyber security efforts for your company:
Defining “Privilege Access Management (PAM)” and “PAM as a Service”
Understanding the risks of privileged access
How privileged access can be secured via people, process, and technology
How to secure privileged access for:
Cloud and dynamic applications
How to get started with PAM as a Service
Six action items you should investigate right now (things you can immediately take away from the webinar)
Enabling Your Business: A Customer’s Journey Through Privileged Access Management
Customer Case Study
Experience the journey through a Privileged Access Management (PAM) program, as it enables business capabilities, drives efficiencies and reduces risk. Attend this session if you are an IAM leader or an executive interested in understanding how PAM can positively impact your organization, complement your enterprise risk framework, and align to your overall cybersecurity strategy. Gain insights into PAM experiences through the eyes of a consumer.
Brandon S. Dunlap; Jeremy Snyder, Rapid 7; Morten Boel Sigurdsson, Omada; Corey Williams, CyberArk
Securing the access to cloud data assets has never been more important. According to the latest Verizon DBIR, 73% of cloud breaches involved an email or web application server, while 77% of these cloud breaches also involved breached credentials. What does this mean for enterprise cloud security, especially in the time of COVID19 and remote working?
Join this keynote panel to learn more about:
- How the landscape has changed in 2020
- Why attackers are focused on identities
- Understanding privileged user behavior and securing identities
- Discover how organizations are doing IAM, and what's needed for a more secure enterprise
- Best practices and recommendations by the experts
Corey Williams, Head of Identity Security Marketing, CyberArk
The cloud ushers in a lot of change. Gone are the days of traditional network security boundaries. Identity is the new perimeter in the cloud, but how do we secure it?
Like peanut butter & jelly, tomato & basil, and salt & pepper, PAM and IDaaS are two great solutions that work great together to secure cloud infrastructure. Join us as we discuss:
o New dynamics of cloud environments and what this means for security
o Key stakeholders needed in cloud security to ensure a collaborative cross functional approach
o Securing the entire cloud with consistent controls for:
o Cloud Management Consoles and CLIs
o Cloud IaaS
o Cloud Native Apps (PaaS and FaaS)
o SaaS Apps
Adam Bosnian, EVP Global Business Development, CyberArk
Skyrocketing cloud adoption, fast-tracked digital transformation initiatives, geographically dispersed and mobile workforces have created a perfect storm for cyberattacks.
Their target has remained the same, privileged credentials with access and permissions to an organization’s most critical systems and data. In this new reality, traditional network security boundaries have all but disappeared and digital defenses have shifted from network security to identity security. Now, any identity can become privileged under certain conditions, underscoring the need to secure privileged access everywhere it exists.
Join us as we discuss:
o The impact of 68% of CIOs doubling down on cloud services in COVID-19’s wake
o Growth of cloud user, application and machine identities that require powerful privileges
o Challenges your organization faces in managing cloud access and identities
o Let’s talk access, privileges and permissions: what you can do versus how it is enforced
o Five critical questions to ask yourself today to help meet cloud identity challenges tomorrow
Threat detection and response capabilities regularly used for on-premises environments via the CyberArk Core Privileged Access Security Solution are now also available for use in cloud and hybrid architectures to identify high-risk, privileged access related activities and to mitigate risks associated with advanced attacks.
In this webinar we’ll provide a demo and focus on:
- The importance of incorporating privileged threat analytics, detection and response into both hybrid and cloud environments
- New cloud-specific privileged threat analytic capabilities
- CyberArk’s integration with Amazon Web Services new Security Hub solution
Corey O’Connor, senior product marketing manager for CyberArk
Scott Ward, principal solutions architect for Amazon Web Services
Hila Oved, product manager for CyberArk
Matt Tarr, principle solutions engineer for CyberArk
Same old story. Motivated to cause disruption or by a potential financial gain, attackers follow a tried and true attack path typically starting at the endpoint with phishing. Industry research shows 80% of successful security attacks involve compromised privileged access. In the case of Twitter’s high-profile breach, an insider threat adds another familiar element to the story.
With a dramatic increase of remote workers comes an expanded attack surface. Worker today are distracted while juggling work and family responsibilities, and there is increased stress related to a global pandemic and an uncertain economic future. There is not a better time to review the priorities of your security program to ensure policies and practices reflect new realities.
Questions every security leader asking right now: how are we identifying what our most critical systems, tools, data and infrastructure are and who has access? Who is considered a privileged user (this includes business users) and what steps are we taking to manage, monitor and protect that access?
Join us to learn about security trends and best practices including:
• Reasons identity is the new perimeter
• Isolating access to the administrative system and requiring dual control for highly sensitive operations
• Continuous monitoring and user behavior analysis on applications through a monitored proxy
• Implementing least privilege controls to minimize access to sensitive functionality
The twitter attack highlights the dangers of unsecured privileged access to critical resources and how quickly any credential or identity can become privileged under certain conditions.
Aaron Fletcher, Senior Security Consultant for CyberArk
Incidents put stress and pressure on the organisation to rapidly respond, reactively and tactically. So the question is, what do you do when this happens? And what could you do to help mitigate the frequency of incidents?
In this Webinar we will look at a scenario where an organisation comes under attack from a malicious external actor, we will analyse the vector of the attack and we will identify where mitigations can be put in place to reactively respond and where you could proactively defend the organisation.
- Identifying the type of attack and what did it do?
- What is the recovery mechanism in place?
- Measuring the decisions to return to Business as Usual operations
- Threat Analytics and Discovery for known attacks and Vulnerabilities
Rachel Veal, Ad Hoc | Ido Safruti, PerimeterX | Josh Kirkwood, CyberArk | Max Heinemeyer, Darktrace
Sacrificing data security for faster innovation is one of the main causes of tension between cybersecurity and IT professionals on the one side and DevOps teams on the other. So, how should organizations bridge this divide and what do they need to implement?
Join this exclusive keynote panel to learn more about:
- Why securing DevOps pays off in the long run
- Shifting left: What is it, how it works and why your organization needs it
- How to make security an integral part of the DevOps process
- DevOps security checklist
- Recommendations for tools and workflows that enable better security
Rachel Veal, IT & Security Program Manager, Ad Hoc (moderator)
Ido Safruti, Chief Technology Officer, PerimeterX
Josh Kirkwood, Solution Engineering Manager, CyberArk
Max Heinemeyer, Director of Threat Hunting, Darktrace
Andres Guisado, Principal Solutions Engineer, CyberArk
Security has recently become indispensable in DevOps world and continues the road to maturity. Cloud, containers, agile, pipelines, you name it. DevSecOps is not a hype anymore and it is becoming an increasingly important priority for everyone. Where to start? What are the best practices?
In this session, you will learn:
- Where is DevSecOps coming from?
- Why, What and How DevSecOps?
- Baselines and best practices for a DevSecOps approach
- Why it's important to make sure to protect the last line of defense of your organisation
Protecting the heart of an organization starts exactly there - locking down the systems that are most critical. However, the endpoint remains the initial point of intrusion whereby attackers can compromise devices and establish a beachhead with relative ease.
In this session, we detail how to remove local admin rights and prevent credential theft from developer and IT admin workstations, which are a common target for attackers.
David Higgins, EMEA Technical Director at CyberArk
The Endpoint is more exposed than it ever has been before. As remote working becomes the norm, these devices are now very much outside the perimeter of the office defences. Unfortunately, exploiting the current global crisis, we have seen an increased and focused effort in Ransomware attacks.
In this session, we review some past approaches to stopping ransomware and the challenges associated with them. Then look at a more holistic approach to securing the endpoint; enforcing security best practices such as Least Privilege and Application Control, and how this can actually protect against the fundamental nature of Ransomware
Pasquale Angiuli, Sales Engineer e Jonathan Lo Piparo, Commercial Account Executive
Questa innovativa offerta “PAM as a Service” si basa su oltre 15 anni di leadership di CyberArk nel mercato delle soluzioni PAM, mediante la quale vengono protetti alcuni degli ambienti IT più grandi e critici al mondo. Nel corso di questo webinar, presenteremo il nostro punto di vista ed approccio su come mitigare quello che viene considerato uno dei rischi IT più importanti e condivideremo come Cyberark propone di guidare i clienti al successo del progetto in tempi brevi.
Niels van Bennekom, Sales Engineer and Marcel Bosgra, Senior Sales Engineer at CyberArk
Privileged Access is everywhere. Privileged accounts can be found in every networked device, database, application, and server on-premises and in the cloud. Privileged users have the “keys to the kingdom” and, in the case of a cyberattack or data breach, privileged credentials can be used to cause catastrophic damage to a business.During this session we will demonstrate based on 5 use cases how CyberArk can help you to secure your privileged accounts.The 5 Uses Cases we cover:
How a PAM solution can help you manage all the privileged account within your environment?
How to use unique identifiable accounts without creating personal accounts for all administrators.
How a secure proxy helps you to mitigate a pass-the-hash attack.
How a PAM solution can provide audit logs and session recordings (without the need to install an agent)
How to analyze high-risk Privileged activities in your network
CyberArk channel offers you regular insights and latest news on Privilege Access Management from the global undisputed leader in privileged access management.
You'll find here live webinars, on demand webinars and videos!