Follow CyberArk on their other social channels!
About Us
Company Size:
501-1000 employees
Company Type:
60 Wells Avenue Newton, MA 02459 United States
CyberArk is the only security company that proactively stops the most advanced cyber threats – those that exploit insider privileges to attack the heart of the enterprise. The company has pioneered a new category of targeted security solutions to lock down privileged accounts and protect against c ...
Read more
Promoted Content
CyberArk Labs Report: Analyzing Ransomware and Potential Mitigation Strategies
The Case for Comprehensive Access Management
The insider threat does not necessarily cease when an employee leaves the organization. There are plenty of recent articles in the news with cautionary tales of ex-employees compromising company networks. A former employee at a private security patrol company was ordered by court to pay more than $300,000 to fix computer systems he damaged after he was fired. A former employee of an engineering company stole $425,000 worth of proprietary information for a competitor. A high level IT employee of ...
CyberArk Labs: Breaking Down WannaCry Ransomware – What’s Different?
Critical Synopsis: WannaCry malware continues to spread on a global basis and organizations are still at risk of being infected; Patching the Microsoft vulnerability can prevent infection via the SMB worm, but cannot prevent direct infection via phishing; CyberArk Labs tested prevention tactics on WannaCry over the weekend and found that the combination of enforcing least privilege on endpoints and application greylisting control was 100 percent effective in preventing WannaCryptor from encrypt ...
New York State Gets Bullish on Cyber Security Programs
Last year, New York experienced an unprecedented number of data breaches triggered by hacking, malicious insiders and accidental causes according to the attorney general.  Coincidentally, in late September of 2016, the New York State Department of Financial Services (NYDFS) proposed 23 NYCRR 500, a regulation requiring banks, insurers and other financial service providers to improve their organizational cyber-readiness through the establishment of programs and policies that protect sensitiv ...
Cloud Automation Capabilities for Rapidly Securing Cloud Assets
The Urgency of Rapidly Securing Cloud Assets As organizations increasingly work to leverage cloud based infrastructure, we see increased attacks and exploits of the vulnerabilities in cloud-based infrastructure. Vulnerable privileged accounts for cloud- based infrastructure all too often make these attacks particularly damaging. Consider, for example, the recent actions of determined hackers against FlexiSpy. Organizations recognize that protecting their cloud assets is a responsibility they s ...
Insiders and the Privileged Pathway of Attacks
Corroborating the recent surge in headlines, a new industry study reveals that 56 percent of security professionals surveyed say insider threat incidents have become more frequent in the past 12 months. As we’ve covered in previous posts, insiders present a particularly challenging security conundrum. Those who gain access to privileged credentials can initiate seemingly legitimate privileged user sessions. Take, for example, reports of a former IT director at a sportswear company who cre ...
New Wave of Ransomware Could Put Utilities at Risk
The stakes for protecting against ransomware are about to get higher as malicious tools evolve to target Industrial Control Systems (ICS) and threaten critical infrastructure. Researchers have demonstrated proof-of-concept ransomware attacks against programmable logic controllers (PLC) used in many operational environments, including utilities. Unlike attacks against corporate networks, which can result in expenses and revenue loss, ICS attacks could shut down critical operational systems, dama ...
7 Practices that Make Your Organization Vulnerable to Cyber Attacks
Today I read “How you can be the smartest cybersecurity expert in the room” on The author notes, “many CIOs and senior IT leaders are almost clueless about where to focus and how to start building next-gen security functions.” He references 20 CIS Critical Security Controls presented by the SANS Institute that organizations can implement to dramatically reduce risk. He acknowledges that list is too much for most busy IT teams, so he directs readers to focus on th ...
Your Greatest Threat Might Already Be Inside Your Network
Insider activity—both malicious and simple error—accounts for a growing share of data breaches. Statistics are difficult to come by because requirements for reporting security incidents are not consistent across sectors. But some studies show they account for more than half of those breaches analyzed. According to the Protenus Breach Barometer for February, a monthly analysis of reported breaches in the healthcare industry, 58 percent were related to insiders. This was divided about ...
Lateral movement exploits related to gaps in Credential Guard
Important research from CyberArk Labs recently demonstrated that while Credential Guard in Microsoft Windows 10 limits certain types of credential theft, it has gaps that still allow attackers to achieve lateral movement, privilege escalation and – ultimately – full domain compromise. This blog outlines step-by-step how attackers can steal and re-use domain-level service credentials, despite Credential Guard being enabled.  
Securing Assets and Applications in the Cloud
In our recent blog, Cloud Security: Who is Responsible for What?, we focused on the idea of shared responsibility in cloud environments; with IaaS/PaaS, the customer is responsible for everything above the hypervisor, while the cloud vendor takes responsibility for the infrastructure itself. We also addressed how the public cloud vendors’ management consoles are a key weak point and consequently an attractive target for an attacker, often via a phishing attempt. As such, it’s import ...
The Top 5 Reasons to Prioritize Privilege Account Security Explained - Mar 14 2pm ET
Don't miss our webinar tomorrow - Securing Privilege on the Endpoint. Please join us 11am EST, copy this link to your browser:

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar
Cybrary works best if you switch to our Android-friendly app

We recommend always using caution when following any link

Are you sure you want to continue?