AWS Security Hub Extends Privileged Access Threat Analytics Capabilities with CyberArk

Today’s most disruptive cyber attacks center on controlling an organization’s high-value assets with privileged access. Numerous headlines on cloud-related breaches tied to misconfigured Amazon S3 buckets, stolen access keys and more have made it clear that privileged accounts, credentials and secrets deliver an unobstructed pathway to critical infrastructure and applications in the cloud.

CyberArk, an AWS Partner Network (APN) Advanced Technology Partner, provides industry-leading privileged access security support for the AWS community and ecosystems. With a commitment to innovation and a focus on mitigating the risks of emerging cyber threats, CyberArk empowers cloud-first organizations to fortify their security and gain a competitive edge by putting privilege at the center of their digital transformation initiatives.

Further extending this commitment, CyberArk today introduced integration with the newly unveiled AWS Security Hub and CyberArk Privileged Threat Analytics, part of the CyberArk Core Privileged Access Security Solution. This integration enables organizations to collect, detect, view, alert and respond to high-risk privileged access activity across their entire AWS environment.

Detect and Prevent Privileged Access Attacks

AWS Security Hub is designed to provide users with a comprehensive view of their high-priority security alerts and compliance status by aggregating, organizing and prioritizing alerts, or findings, from multiple AWS services such as Amazon GuardDuty, Amazon Inspector and Amazon Macie, as well as from APN security solutions. The findings are then visually summarized on integrated dashboards with actionable graphs and tables.

The CyberArk integration brings the benefits of Privileged Threat Analytics to the Security Hub, providing organizations with deeper, data-driven insights and enhanced detection capabilities, enabling them to break the attack lifecycle quickly.

With CyberArk, AWS Security Hub customers gain:

  • Unprecedented Privileged Access Analysis. By integrating seamlessly with leading SIEM solutions, CyberArk collects, analyzes and delivers enterprise-wide, real-time insights on privileged access activity to help organizations mitigate security risks linked to unauthorized access, impersonation, fraud and theft.
  • Best-of-Breed Threat Detection. The CyberArk Privileged Threat Analytics engine leverages statistical modeling, machine learning, behavioral analytics and deterministic algorithms to rapidly detect malicious activity. For example, an insider who has gained access to privileged credentials or secrets can initiate seemingly legitimate privileged user sessions. CyberArk’s automated, real-time detection and alerting capabilities can quickly identify these stealthy insider attacks.
  • Critical Context. CyberArk analyzes, classifies and ranks each threat finding, while providing recommended actions for remediation. This allows organizations to zero in on specific findings such as lateral movement activity. CyberArk then feeds this valuable information to the AWS Security Hub, which ingests the data using a standard findings format, then correlates information across AWS services and AWS partner tools to help organizations visualize and prioritize the most important findings (see Figure 1 below).


Figure 1. The AWS Security Hub console displaying alerts and detections forwarded by CyberArk Privileged Threat Analytics

Joint AWS and CyberArk customers can take advantage of this integration now through a subscription model. To learn more, please visit the CyberArk Marketplace.

CyberArk provides broad and deep privileged access security for organizations using AWS. In addition to this new integration with AWS Security Hub, CyberArk’s use of Amazon Machine Images (AMI) and AWS CloudFormation simplifies the discovery and prioritization of privileged account risk in the cloud. Additional integrations with AWS, including automating the onboarding of credentials through integrations with Amazon CloudWatch and AWS Lambda, enable security teams to dramatically reduce the risk of unsecured credentials. To learn more about CyberArk support for the AWS community, visit

The post AWS Security Hub Extends Privileged Access Threat Analytics Capabilities with CyberArk appeared first on CyberArk.

About CyberArk
CyberArk is the only security company that proactively stops the most advanced cyber threats – those that exploit insider privileges to attack the heart of the enterprise. The company has pioneered a new category of targeted security solutions to lock down privileged accounts and protect against cyber threats before attacks can escalate and do irreparable business damage. CyberArk is trusted by the world’s leading companies – including more than 40 of the Fortune 100 – to protect their highest value information assets, infrastructure and applications, while ensuring tight regulatory compliance and audit requirements.
