Application Credentials: The Hidden Attack Pathway into Your Organization


Today, it’s well-understood that credentials belonging to IT administrators, business users, partners and others with high levels of network access are critical for gaining unauthorized access to key systems, and ultimately, the heart of the enterprise. As we’ve explored previously, too many organizations continue to equate privileged credentials with IT administrators alone. The reality is that privileged access is not limited to users with a “heart beat.”


Every day, countless applications across the enterprise use privileged credentials to connect to sensitive resources. Sought after and exploited by cyber attackers when left unprotected, these application credentials include SSH keys and hard-coded, embedded passwords. Many privileged credentials accessed by applications are not well managed, secured or even tracked, for a number of reasons. Though IT security teams increasingly realize the importance of shoring up the security of privileged credentials used by applications, the process can understandably seem complex, time-consuming and overwhelming.


The key to implementing an effective privileged account security program for applications is to create a comprehensive, long-term plan, but to start small. Tackling the initiative piece-by-piece will help your IT security team to mitigate risk, build repeatable processes and demonstrate “quick wins” that will help garner further support from key stakeholders.

To do this, it’s important to understand that not all applications are created equal. Most enterprise applications can be classified into two distinct tiers based on both their availability level and risk level:


Tier 1: Business/mission-critical, high availability applications, such as consumer-facing web applications, are integral to an organization’s operations, and if they fail they can cause significant financial or reputational damage. They often enable access to an organization’s most sensitive resources, and as such, need to be protected and available 24x7x365.

Tier 2: These applications are also critical to an organization’s operations, yet do not need to be “always on.” For example, scripts or applications that perform simple, often automated tasks, such as running a scheduled backup script on Windows.


CyberArk Application Identity Manager™ offers a variety of flexible deployment options to protect privileged credentials linked to each application tier. This gives organizations the ability to approach privileged account security initiatives in manageable pieces, beginning with a specific kind of application, such as Commercial Off the Shelf (COTS) applications or J2EE application servers (such as IBM WebSphere, Oracle WebLogic, JBoss and Tomcat), then scaling over time as program milestones are successfully completed.


Our recent eBook, “An Attack Pathway into Your Organization? There’s an App for That,” explores these deployment options in detail, while offering actionable recommendations for improving privileged credential security, management and compliance. We invite you to download the eBook here.


About CyberArk
CyberArk is the only security company that proactively stops the most advanced cyber threats – those that exploit insider privileges to attack the heart of the enterprise. The company has pioneered a new category of targeted security solutions to lock down privileged accounts and protect against cyber threats before attacks can escalate and do irreparable business damage. CyberArk is trusted by the world’s leading companies – including more than 40 of the Fortune 100 – to protect their highest value information assets, infrastructure and applications, while ensuring tight regulatory compliance and audit requirements.
