CyberArk Becomes the First Vendor to Achieve Certification for
Comprehensive Privileged Account Security Solution; Helps Federal
Agencies Protect the “Keys to the IT Kingdom”
NEWTON, Mass.--(BUSINESS WIRE)--Jul. 14, 2015--
CyberArk (NASDAQ: CYBR),
the company that protects organizations from cyber
attacks that have made their way inside the network perimeter, today
announced that it has achieved Common Criteria Evaluation Assurance
Level EAL 2+ for its comprehensive CyberArk Privileged Account Security
Solution. The certification underscores CyberArk’s commitment to helping federal
organizations and global enterprises secure privileged accounts –
the “keys to the IT kingdom” – before cyber attackers can steal and
exploit them to gain access to sensitive data and systems.
As reported in the cyber attack on the U.S. Office of Personnel
Management (OPM), attackers exploited privileged credentials to move
laterally across networks, conduct reconnaissance without detection, and
exfiltrate critical data. In response, the U.S. CIO Tony Scott called
for a 30-Day Cybersecurity Sprint – which includes a directive for
Federal agencies to focus on tightening policies and practices for
privileged users and credentials across networks.
The CyberArk Privileged
Account Security Solution helps government organizations prevent the
theft, abuse and misuse of privileged credentials in advanced cyber
attacks, while better containing threats, and limiting damage.
“In the face of repeated cyber attacks, the U.S. government is
rightfully scrambling to tighten policies and practices for privileged
accounts to prevent another OPM-style breach,” said Eric Noonan, CEO of
Virginia-based CyberSheath Services. “CyberArk is the first company to
offer a fully certified and comprehensive privileged account security
solution. We look forward to continuing to work with CyberArk, combining
its government industry expertise and ability to quickly address high
demand, as more organizations work to evolve their cyber security
strategies.”
Common Criteria is an internationally approved set of security standards
that provides a clear and reliable evaluation of the security
capabilities of IT products. This framework provides confirmation that
the development, evaluation and validation of an IT product has met
specific security standards in accordance with an independent assessment
accepted by the most security-conscious customers, such as federal
governments. The international scope of Common Criteria, currently
adopted by 25 nations, allows users from other countries to purchase IT
products with the same level of confidence, due to the recognition of
the certification across the complying nations.
“We fully understand and support the urgency in which federal agencies
are seeking to secure and protect their privileged account controls. The
30-Day Cybersecurity Sprint puts a spotlight on this critical
cybersecurity issue,” said Roy Adar, senior vice president, product
management, CyberArk. “The Common Criteria certification further
validates CyberArk’s privileged account security capabilities. We are
committed to helping organizations be more responsive to emerging cyber
threats and launch proactive controls around privileged accounts and
users to protect their most valuable assets.”
This certification was conducted by EWA-Canada, one of the accredited
Common Criteria testing laboratories, which conducted product testing
and evaluated remediation policies, secure delivery process and
configuration management process. Virginia-based Corsec was CyberArk’s
strategic advisor in this certification process. The CyberArk Privileged
Account Security Solution v9.1 is a complete solution to protect,
monitor and alert on privileged accounts across the enterprise, cloud
and SCADA/OT environments.
“The Common Criteria certification of the CyberArk Privileged Account
Security Solution is an important step because CyberArk has now achieved
an internationally recognized standard for protection of privileged
credentials,” stated Erin Connor, director of the EWA-Canada
Common Criteria Test Lab (CCTL). "Achieving this certification
demonstrates CyberArk’s commitment to providing high quality security
solutions to its customers.”
To learn more about securing privileged accounts and credentials in the
public sector, download these resources:
About CyberArk
CyberArk
is the only security company focused on eliminating the most advanced cyber
threats; those that use insider privileges to attack the heart of
the enterprise. Dedicated to stopping attacks before they stop business,
CyberArk proactively secures against cyber threats before attacks can
escalate and do irreparable damage. The company is trusted by the
world’s leading companies – including 40 percent of the Fortune 100 and
17 of the world’s top 20 banks. CyberArk’s dedicated team based in
Washington, D.C. works closely with many U.S. Federal agencies to help
protect their highest value information assets, infrastructure and
applications. CyberArk’s U.S. headquarters are located in Newton, Mass.
To learn more about CyberArk, visit www.cyberark.com,
read the company blog, http://www.cyberark.com/blog/,
follow on Twitter @CyberArk
or Facebook at https://www.facebook.com/CyberArk.
About Corsec Security
Corsec Security is the global leader
in providing access to new markets via IT security validations. With the
largest staff of experts in the industry and a comprehensive solution
that spans consulting, documentation, testing, managed lab services, and
strategic product roadmap planning, Corsec has secured more than 350
FIPS 140-2, Common Criteria and UC APL certifications for hundreds of
organizations on five continents over the last 15 years. For more
information, visit www.corsec.com.
Forward-Looking Statements
This release may contain
forward-looking statements, which express the current beliefs and
expectations of CyberArk’s management. Such statements involve a number
of known and unknown risks and uncertainties that could cause the
Company’s future results, performance or achievements to differ
significantly from the results, performance or achievements expressed or
implied by such forward-looking statements. Important factors that could
cause or contribute to such differences include risks relating to:
changes in the new and rapidly evolving cyber threat landscape; failure
to effectively manage growth; fluctuations in quarterly results of
operations; real or perceived shortcomings, defects or vulnerabilities
in the Company’s solution or the failure of the solution to meet
customers’ needs; the inability to acquire new customers or sell
additional products and services to existing customers; competition from
IT security vendors and other factors discussed under the heading “Risk
Factors” in the Company’s most recent annual report on Form 20-F filed
with the Securities and Exchange Commission. Forward-looking statements
in this release are made pursuant to the safe harbor provisions
contained in the Private Securities Litigation Reform Act of 1995. These
forward-looking statements are made only as of the date hereof, and the
Company undertakes no obligation to update or revise the forward-looking
statements, whether as a result of new information, future events or
otherwise.
Copyright © 2015 CyberArk Software. All Rights Reserved. All
other brand names, product names, or trademarks belong to their
respective holders.

View source version on businesswire.com: http://www.businesswire.com/news/home/20150714005438/en/
Source: CyberArk
Media Relations Contacts:
fama PR
Brian Merrill,
+1-617-986-5005
cyberark@famapr.com
or
CyberArk
Christy
Lynch, +1-617-796-3210
press@cyberark.com
or
Investor
Relations Contact:
ICR
Staci Mortenson, +1-617-558-2132
IR@cyberark.com