Name: How PAM Tackles Accelerated Change in the Threat Landscape
Start: 2023-11-30T19:35:00Z
End: 2023-11-30T19:35:11.000Z
Location: BrightTALK

Centered on intelligent privilege controls, CyberArk provides the most comprehensive security offering for any identity - seamlessly securing human and machine identities accessing workloads from hybrid to multi-cloud, and flexibly automates the identity lifecycle all with continuous threat detection and prevention – protecting organization’s identities and most critical assets by enabling Zero Trust and enforcing least privilege.  

Your PAM vault secures human identities perfectly, but can it do the same for the machines? What happens when a workload spins up at 3 AM, lives for 7 minutes, and needs access to production databases? Or when your CI/CD pipeline spawns 1,000 ephemeral workloads that all need different permissions? Now machines outnumber humans 82:1 and credentials need to rotate faster than you can type; traditional PAM becomes unmanageable. 

From field experience with enterprise customers, we've identified four critical gaps when organizations try to apply human identity patterns to machines: 

- Static credentials embedded in container images and code 

- Disconnected directories create identity silos – each with its own truth 

- Service accounts with excessive permissions that never expire 

- No visibility into which workload accessed what resource and when 
 
This session introduces workload identity fundamentals through the lens of the emerging SPIFFE standard—the universal identity framework underlying CyberArk's Secure Workload Access. You'll learn how trust domains create security boundaries, how attestation proves identity without passwords, and why workload identity isn't just about secrets—it's about knowing who's asking for them. 

You will learn how to: 

- Reduce the threat of leaked secrets by replacing static credentials with universal and unique identities 

- Secure on-prem to cloud workloads using trust domains and mutual authentication 

- Improve secrets management with short-lived, automatically rotated identities 

- Improve developer experience through automation, standard APIs, and simplified service authentication

Workload Identity 101: What Every Security Team Needs to Know

In today’s hybrid enterprise, identities go far beyond employees. Contractors, apps, and even machines all need privileged access — and traditional governance can’t keep up. The result? Blind spots, complexity, and rising compliance risk. And now, AI is reshaping what counts as an identity and transforming how enterprises must govern identities.  

Join CyberArk experts  Tim Arvanites and Tricia Peck for an exclusive webinar where you’ll discover how a platform approach to identity governance can help you: 
-Gain unified visibility across IGA, PAM, and Access Management  
-Reduce risk through least privilege. Strengthen compliance and control without adding complexity. 
-Scale with confidence. Secure every human and machine identity across cloud, SaaS, and on-prem environments. 
-Modernize governance. Replace manual, legacy processes and tools with automated, AI-powered identity governance. 

Don’t let outdated governance practices put your enterprise at risk.

The Identity Governance Reset: How to govern human, machine, and AI identities from one place

Organizations face growing threats as attackers target identity infrastructure, exploiting compromised credentials and session vulnerabilities often missed by traditional tools. With 78% of organizations suffering cyberattacks due to compromised credentials, the weakest link in your security may not be where you expect.
 
This webinar highlights how unified, platform-based identity security can close critical gaps that leave organizations exposed. Experts discuss the evolving threat landscape, walk through key attack vectors identified in the latest Technical Validation Report, and share the defensive results that show what truly stops modern threats. Key strategies to combat credential theft, session hijacking, and privilege misuse will be covered. Key topics include:
 
· Securing browser sessions to protect today’s primary attack surface
· Implementing phishing-resistant MFA to counter attacks like MFA bombing
· Enforcing least privilege at endpoints to strengthen security
· Integrating identity security with existing tools to reduce complexity
· Reviewing validated attack paths and defensive outcomes from the Technical Validation Report
 
Gain actionable insights from experts to defend against credential-based attacks.

Strengthening Identity Security with Platform-Based Defense Strategies

Traditional identity governance often takes 18-24 months to secure just 10-25 applications, leaving many systems unprotected. As regulations tighten and auditors demand proof of strong access controls, organizations struggle to answer who has access to what across their technology landscape.

This webinar introduces a governance-first approach using AI, machine learning, and robotic process automation to transform identity governance. Instead of months designing role-based models, learn how modern tools provide visibility and governance for 100-150 applications in 4-6 months. Key topics include:

· How AI analyzes data patterns to eliminate role modeling
· Integration using out-of-box connectors, no-code APIs, and web scraping
· Strategies to reduce reviewer burden by focusing on outliers
· Spillover benefits that cut access requests and speed value

Discover how organizations achieve faster, comprehensive governance while reducing design cycles.

Foundations of IGA: Building a Modern Approach to Identity Governance

"Quantum computing is transforming the cybersecurity landscape at a faster pace than many realize. While offering groundbreaking potential for innovation, it also poses significant threats to current cryptographic systems safeguarding critical data and digital identities. ""Future-Proofing IAM: Deloitte & CyberArk on Quantum-Safe Strategies"" brings together industry leaders from Deloitte and CyberArk to tackle this dual-edged revolution head-on, with a focus on identity and access management (IAM).

This webinar dives into the quantum computing timeline and its disruptive effects on existing cryptographic protocols like RSA and ECC. The expert panel will break down why the massive growth in machine identities, now at a staggering 45-to-1 ratio compared to human identities, presents an exponentially larger attack surface for quantum-related vulnerabilities.

Attendees will gain a clear understanding of essential topics such as cryptographic agility and the importance of systems that can seamlessly adapt to evolving threats without disrupting business operations. Other highlights include exploring newly finalized post-quantum cryptographic standards by NIST, integrating zero-trust frameworks with quantum-safe protocols, and leveraging AI-driven solutions to safeguard against identity-related risks.

Designed for both CISOs embarking on their quantum-readiness journeys and those further along the roadmap, this session offers actionable insights to prepare for the era of quantum-powered cyberattacks. Featuring contributions from Deloitte’s cybersecurity experts and CyberArk’s strategic engineers, this conversation ensures you leave with the knowledge, strategies, and confidence needed to secure your IAM systems for the future. Don’t wait for Q-Day to act—your next-level security begins now."

Future-Proofing IAM Deloitte & CyberArk on Quantum-Safe Strategies

Most attacks don’t happen at the login screen—they happen inside your SaaS apps. If you can’t see what users are doing in real time, you’re exposed to risk. Blind spots lead to data leaks, compliance slip-ups, and insider threats.

Join CyberArk’s webinar to learn how Secure Web Sessions (SWS) gives you agentless monitoring and instant protection—no productivity trade-offs.

Closing SaaS Security Gaps: Protect Sessions Beginning to End

Agentic AI is reshaping how businesses operate—bringing major opportunity and new security risks. As autonomous AI agents gain access to sensitive systems, organizations must view them for what they are: privileged machine identities.

In this virtual event, experts from CyberArk, AWS and Accenture will cover:

- New research on the agentic AI threat landscape
- Why AI agents must be treated as privileged machine identities
- Lessons from securing human and machine identities
- A preview of CyberArk’s Secure AI Agents solution

Regardless of where you are in your agentic AI journey, you’ll benefit from the thoughtful exploration on how to approach the security of this new type of identity.

Securing the New Frontier of Agentic AI: The Security Imperative for AI Agents

Identity security teams need to manage identities across an ever-expanding portfolio of SaaS applications, and the identity volume is expected to increase significantly with agentic AI. For midmarket enterprises who have not deployed identity governance and administration (IGA), the existing manual governance approach slows the business and drains resources. Join this webinar to learn how technology innovation delivering a modern approach to IGA allows enterprises to meet compliance requirements and ensure all users have the right app access and entitlements continuously.
Join Todd Thiemann, Principal Analyst at Omdia, and Bruce Spooner from CyberArk to learn about the benefits of modern IGA enabling organizations to quickly and cost-effectively govern your identity and application portfolio.

Accelerating Business with Modern IGA

"Traditional application control was built for a simpler threat landscape—but today’s enterprises face dynamic risks that demand a smarter approach. Join us to explore how organizations are modernizing endpoint protection with least privilege and identity-first security.

In this session, you’ll learn how to:

Strengthen your security posture by removing local admin rights and isolating risky apps
Boost efficiency with automation and self-service workflows
Simplify compliance with built-in privilege controls and audit trails
Unlock cost savings by reducing IT workload and minimizing breach impact
Don’t let legacy endpoint controls hold your organization back. See how least privilege delivers stronger protection, smarter operations, and measurable value."

Modern Application Control with Least Privilege: The Identity Security Solution Your Endpoints Need

The recent  Shai-Hulud npm worm shows how fast an initial compromise can spread when secrets are poorly managed. After gaining access, the malware used tools like TruffleHog to harvest hardcoded tokens and credentials, then escalated laterally through packages, pipelines, and cloud accounts. It’s a vivid reminder that without strong policies, decentralized secrets management fuels the blast radius of attacks. 

From hands-on work with customers, our security services team has identified four practices that put organizations most at risk: 

 -Shared access across teams – one secret or account reused across multiple workloads. 
-Poor Kubernetes namespace definitions – mixing dev, test, and prod without clear boundaries. 
-Pipelines under a single identity – Jenkins or Ansible jobs running with unrestricted privileges. 
-One cloud account or platform for everything – concentrating risk into a single identity plane. 

For each, our security services team will share real-world stories of how attackers exploit these practices, and the  field-tested solutions that leading organizations are adopting to fix them. You’ll learn why the true risk isn’t just the secret, but the identity behind it—and how centralizing secrets management reduces blast radius, improves visibility, and scales securely without disrupting developers. 

You will learn: 
-How poor secrets practices enable lateral movement and breach escalation. 
-Four real-world pitfalls we see in customer environments—and proven ways to fix them. 
-Four real-world pitfalls we see in customer environments—and proven ways to fix them.

Secrets Management Horror Stories from the Field: Four Security Pitfalls to Avoid

Orphaned accounts (inactive or unowned user identities that retain access to critical systems) represent one of the most overlooked security risks in modern enterprises. As organizations expand their digital ecosystems with growing SaaS adoption, these forgotten credentials become backdoors for attackers and compliance nightmares for auditors.

In this webinar, we'll explore how orphaned accounts originate through incomplete offboarding, mergers and acquisitions, contractor access gaps, and application sprawl. You'll learn about the real-world consequences, from security breaches and data exfiltration to compliance violations that can jeopardize SOX, GDPR, and HIPAA adherence.

Discover why manual deprovisioning processes can't keep pace with today's complex identity landscapes, and how modern Identity Governance and Administration (IGA) solutions automate the detection and remediation of orphaned accounts. We'll demonstrate how CyberArk Modern IGA provides unified visibility across your entire identity estate, continuously monitors for risky access, and automates cleanup workflows, transforming identity governance from a manual burden into a proactive security control.

Join us to learn best practices for preventing orphaned accounts, establishing automated joiner-mover-leaver processes, and maintaining continuous compliance without the grind.

Digital Ghosts: How to Find and Fix Orphaned Accounts Before Attackers Do

Traditional Identity Governance and Administration (IGA) has long relied on static roles and labels—“Software Engineer,” “Sales Rep,” “Manager.” But in today’s dynamic business environment, this one-dimensional approach quickly becomes outdated, creating role sprawl, endless approval cycles, and review fatigue. The result? Risk is hidden in the noise, while managers rubber-stamp access requests that don’t reflect real-world needs. 

In this webinar, CyberArk Solution Strategy Architect Brian Smits will explore how AI-powered identity profiles transform IGA from guesswork to precision. By analyzing the layered attributes that make each identity unique—such as department, location, projects, and access behaviors—AI Profiles deliver smarter, context-aware access recommendations. The outcome: 
● Up to 80% reduction in review burden 
● Automated onboarding and lifecycle management that adapts as people change roles 
● Clear, auditable evidence that satisfies compliance while focusing attention on true risks 

Join us to see how layered identity insights can help your organization move beyond role fatigue, streamline governance, and achieve access that truly fits the individual—not just their job title.

AI Profiles: Why your IGA needs to see in layers, not labels

CyberArk is unveiling the next generation of Machine Identity Security. Watch demonstrations of Secrets Hub and Certificate Manager as they tackle challenges like secrets sprawl and evolving TLS certificate requirements. See how new SSH Management and Code Signing capabilities protect privileged access and software integrity, keeping modern enterprise environments secure. Blending actionable insights with breakthrough product innovations, the session reveals practical strategies to uncover hidden machine identities, automate lifecycle management, and secure machine-to-machine communications.

Accelerating Machine Identity Security: Bringing Order to the Chaos of Modern Machines

As workforce users continue to be prime targets for credential theft, organizations can’t afford to treat password management as an isolated solution. Join CyberArk experts to learn how Workforce Password Management integrates across the CyberArk Identity Security Platform to deliver stronger, more seamless protection. See how integrations with third-party IdPs, Identity and Privileged Access Management, Secure Web Sessions, and Enterprise Browser extend defenses beyond login—protecting credentials, sessions, and users throughout their entire journey.

Strengthen Workforce Password Security with Platform-Powered Integrations

Join CyberArk's security researchers as they unveil critical vulnerabilities in the Model Context Protocol (MCP) and demonstrate how organizations can protect themselves in the AI era. This session explores the emerging security challenges as AI applications become increasingly integrated into enterprise environments through standardized protocols like MCP.

Discover how the Model Context Protocol, designed as the "USB Type-C port for AI applications," creates new attack vectors through tool poisoning, command injection, and composability chaining. Learn about real-world attack scenarios where malicious MCP servers can hijack execution flows, steal sensitive data, and compromise endpoint security. Our researchers will demonstrate live examples of these vulnerabilities and show how attackers can exploit the trust relationships between MCP hosts, clients, and servers.

Explore comprehensive mitigation strategies using endpoint privilege management solutions to create security boundaries in the MCP ecosystem. See how application control, least privilege enforcement, and file access restrictions can protect your organization's AI infrastructure. Understand the importance of implementing proper security controls as your teams adopt new AI tools and protocols, ensuring they can innovate safely without exposing your organization to unnecessary risks.

Secure endpoint for the AI-era threats: Overprivileged MCPs are now a new class of vulnerabilities

Proving compliance in today’s hybrid, cloud-first world is harder than ever. Organizations often do not have visibility into what users actually do once inside critical applications — leaving dangerous blind spots when it comes to audits and regulatory reviews. 

In this advanced session, CyberArk will show how Secure Web Sessions (SWS) delivers complete, audit-ready visibility and control across workforce web activity. You’ll see how organizations can strengthen compliance, close audit gaps, and protect sensitive data — all without slowing down developers, IT teams, cloud admins or business users. 

You’ll learn how to: 

• Monitor every action taken in cloud consoles (AWS, Azure, GCP) to meet SOX, ISO, and NIST requirements 
• Record SaaS activity in apps like Salesforce, ServiceNow, and Workday for SOC 2, HIPAA, and GDPR audits 
• Track high-value actions in finance and HR systems to satisfy internal controls 
• Build a centralized, defensible and AI assisted audit trail that simplifies compliance and investigations

From Login to Logout: Making Web Access Audit-Ready

Privileged access management remains vital to enterprise security, but the landscape is evolving. Identity-driven threats are rising, and privilege now extends beyond IT admins to nearly every employee. Organizations face pressure from cyber insurers, tool sprawl across 11+ identity solutions, and a surge in machine identities, which can outnumber humans 80 to 1.
 
Join Todd Thiemann, Principal Analyst at ESG, and Ryne Laster from CyberArk as they explore evolving privilege infrastructure toward zero standing privilege while enhancing PAM capabilities. Gain strategies to tackle today’s challenges and prepare for future threats, including AI complexities.
 
· How just-in-time access and zero standing privilege reduce attack surfaces and credential theft risks
· PAM’s role in cyber insurance underwriting and premiums
· Rationalizing identity tools while maintaining top functionality
 
Watch this webinar to learn how to transition to a zero standing privilege architecture.

The Future of Privileged Access: Solving Today’s and Tomorrow’s Challenges

In a hybrid, cloud-first world, every human identity connected to an endpoint becomes a potential attack vector. And when you're managing thousands of users and devices across a large enterprise, the stakes—and the complexity—skyrocket.  That’s why CyberArk and Computacenter are zeroing in on how large organizations can enforce strong, scalable MFA strategies at the endpoint—without slowing people down.

Secure Every Human Identity at the Endpoint Five MFA Endpoint Use Cases for Large Enterprises

The modern threat environment continues to evolve, with automation, the move to the cloud, software as a service, AI, new user expectations and increasingly sophisticated attacks from threat actors. How do we cope with those changes today - and the certainty that there will be new challenges tomorrow?

We do so by addressing the fundamentals of attack that don't change: Attackers use deception, steal identities and escalate privileges until they reach their target - and we evolve our defenses in line with the changed context.

"We can't secure everything on day one. We need a risk-based access approach. We need to categorize the access use cases and secure the highest-risk access first, said David Higgins, EMEA technical director, CyberArk.

In this interview with Information Security Media Group, Higgins also discusses:

-How to address the main challenges faced by defenders today;
-What our strategy needs to be in order to cope with tomorrow's unknown threats;
-How ID has played a key role in security and will continue to do so.

Since joining CyberArk in 2010, Higgins has worked to help the world's leading - and most complex - organizations to secure and protect their privileged access. Today, he advises clients on threats associated with privileged escalation, lateral movement and credential theft and discusses best practices and driving innovation around privileged management processes.

How PAM Tackles Accelerated Change in the Threat Landscape

Privileged Access Management

Protecting Data

Risk Management

Risk Mitigation

Identity Security

Cyber Threats

Breach Prevention

CISO

Cyber Attacks

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

How PAM Tackles Accelerated Change in the Threat Landscape

Presented by

About this talk

CyberArk