CyberArk Viewfinity Integrates Privilege Management with Application
Control to Help Protect Against Malware-Based Attacks Without
Compromising the Business User Experience
NEWTON, Mass. & PETACH-TIKVA, Israel--(BUSINESS WIRE)--Feb. 2, 2016--
CyberArk
(NASDAQ: CYBR),
the company that protects organizations from cyber
attacks that have made their way inside the network perimeter, today
announced new capabilities for CyberArk Viewfinity that deliver privileged
account security to the endpoint. With CyberArk Viewfinity v5.5,
customers can benefit from an enhanced, single privilege management and
application control solution to reduce the attack surface while being
able to block the progression of malware-based attacks, and balance
business user productivity and enterprise security.
Following the acquisition of Viewfinity in Q4 2015, CyberArk
Viewfinity is now available as part of the CyberArk
Privileged Account Security Solution. With this release, customers
can gain greater privilege management and application control features
in an on-premises or software-as-a-service (SaaS)-based offering. New
integration with the CyberArk Shared Technology Platform enables all
privileged audit logs to be stored and reviewed centrally, as well as
new flexible, customizable reporting capabilities.
Evidence shows that advanced attacks often start with phishing emails
sent to non-privileged business users, and a campaign of just 10 emails
will typically yield a greater than 90 percent chance that at least one
person will become the criminal’s prey.1 If an organization
has removed users’ administrative rights on endpoints and servers, but
is not monitoring and controlling which applications are allowed to run
on these machines, a rogue application containing malware that does not
require administrative privileges to run can enter the infrastructure
and execute in the environment, giving attackers a foothold into the
organization.
Our study of employee endpoints reveals that it is not uncommon to find
more than 20,000 different applications across an enterprise2,
meaning malicious applications can easily hide in plain sight because IT
teams simply don’t have the time to manually analyze everything.
“As malware continues to be a frequently-used and successful means for
hijacking credentials, organizations must realize that the endpoint
problem is a privilege problem,” said Roy Adar, senior vice president,
product management, CyberArk. “The fact is, motivated attackers will
eventually get inside your network – it’s what happens next that
matters. Establishing a foothold on endpoints and escalating privileges
enables attackers to jump from endpoints, to servers, to domain
controllers until they own the network. CyberArk Viewfinity extends
privilege security to the endpoint to mitigate these risks without
excessively restrictive controls on users.”
To effectively reduce the attack surface and support mitigating the risk
of a serious data breach without impacting productivity, organizations
require solutions that enforce flexible least
privilege policies for business and administrative users, and
control what applications are allowed to run. Enhanced CyberArk
Viewfinity features include:
-
Grey Listing: Monitor “grey” applications – those that are not
specifically trusted (white listed) or blocked (black listed) – and
apply policies such as restrictive access mode until the application
can be further researched.
-
Application Catalog: The Application Catalog displays
information on applications installed on end-user computers managed by
CyberArk Viewfinity and allows quick discovery of new applications in
the system.
-
Application Intelligence: Provides support for application
forensic and investigation processes; an aggregated historical
timeline is compiled for each application with details such as first
seen in the organization, where installed, original source and full
family tree.
-
Trusted Sources: This privilege management capability allows
System Administrators to automatically create application control and
privilege elevation policies based on Trusted Sources such as System
Center Configuration Manager (SCCM), software distributors, updaters
and more. Trusted Sources can be used to automate the creation of
privilege policies for more than 90 percent of applications within the
organization.
CyberArk Viewfinity provides CyberArk’s global channel partners with
opportunities to reach new enterprise customers with capabilities that
target risk management, compliance as well as business and IT operations
teams. CyberArk Viewfinity benefits include the ability to automatically
create policies based on business requirements, seamlessly elevate
application privileges as needed, reduce security risks related to
‘privilege creep,’ reduce help desk costs, leverage integrations with
threat detection tools to analyze unknown applications, and accelerate
the remediation of threats.
“We expect the endpoint security market to continue to grow, driven in
part by increasing enterprise mobile and cloud adoption. To meet new
demand efficiently and cost-effectively, organizations are realizing
that endpoint security can no longer be a siloed compliance or audit
initiative, it must be part of a comprehensive cyber security strategy,”
said Robert Westervelt, research manager, security products, IDC. “We
believe innovation at the endpoint focused on flexible deployment
options, improving the user experience and streamlining management will
be important factors that will resonate across risk, compliance and
operations stakeholders.”
CyberArk Viewfinity v5.5 is available now in a SaaS, on-premises or
Microsoft Group Policy (GPO) deployment model. This offering complements
the CyberArk
On-Demand Privileges Manager for Unix. For more information, visit http://www.cyberark.com/products/privileged-account-security-solution/viewfinity/.
Sources:
1 - Verizon, “2015 Data Breach Investigations Report”
2
- Viewfinity, “IT Security’s 50 Shades of Grey” whitepaper
About CyberArk
CyberArk is
the only security company focused on eliminating the most advanced cyber
threats; those that use insider privileges to attack the heart of the
enterprise. Dedicated to stopping attacks before they stop business,
CyberArk proactively secures against cyber threats before attacks can
escalate and do irreparable damage. The company is trusted by the
world’s leading companies – including 40 percent of the Fortune 100 and
17 of the world’s top 20 banks – to protect their highest value
information assets, infrastructure and applications. A global company,
CyberArk is headquartered in Petach Tikvah, Israel, with U.S.
headquarters located in Newton, Mass. The company also has offices
throughout EMEA and Asia-Pacific. To learn more about CyberArk, visit www.cyberark.com,
read the company blog, http://www.cyberark.com/blog/,
follow on Twitter @CyberArk or
Facebook at https://www.facebook.com/CyberArk.
Forward-Looking Statements
This release may contain
forward-looking statements, which express the current beliefs and
expectations of CyberArk’s management. Such statements involve a number
of known and unknown risks and uncertainties that could cause the
Company’s future results, performance or achievements to differ
significantly from the results, performance or achievements expressed or
implied by such forward-looking statements. Important factors that could
cause or contribute to such differences include risks relating to:
changes in the new and rapidly evolving cyber threat landscape; failure
to effectively manage growth; fluctuations in quarterly results of
operations; real or perceived shortcomings, defects or vulnerabilities
in the Company’s solution or the failure of the solution to meet
customers’ needs; the inability to acquire new customers or sell
additional products and services to existing customers; competition from
IT security vendors and other factors discussed under the heading “Risk
Factors” in the Company’s most recent annual report on Form 20-F filed
with the Securities and Exchange Commission. Forward-looking statements
in this release are made pursuant to the safe harbor provisions
contained in the Private Securities Litigation Reform Act of 1995. These
forward-looking statements are made only as of the date hereof, and the
Company undertakes no obligation to update or revise the forward-looking
statements, whether as a result of new information, future events or
otherwise.
Copyright © 2016 CyberArk Software. All Rights Reserved. All
other brand names, product names, or trademarks belong to their
respective holders.
View source version on businesswire.com: http://www.businesswire.com/news/home/20160202005519/en/
Source: CyberArk
Media Relations Contacts:
fama PR
Brian Merrill,
+1-617-986-5005
cyberark@famapr.com
or
CyberArk
Liz
Campbell, +1-617-558-2191
press@cyberark.com
or
Investor
Relations Contact:
CyberArk
Erica Smith, +1 617-630-6426
ir@cyberark.com