Bridging the Gap to Third Party Devices, Applications and Operating Systems

save
Share and earn Cybytes
Facebook Twitter Google+ LinkedIn Email

The overall strength of a privileged account security solution can be measured by a typical set of standard benefits including performance, scalability and ease-of-use. One key characteristic that should not be overlooked is the ability to seamlessly integrate with third-party devices, applications and operating systems. When done correctly, this can provide organizations the ability to manage privileged credentials and secrets without significant development cycles, which can consume valuable resources in the process.

The average large enterprise can have hundreds (if not thousands) of different devices, (e.g. workstations, servers, network devices) all of which have privileged accounts that need to be protected and managed. In many cases, there is no centralized approach to managing privileged accounts for these disparate devices. Moreover, these devices are often added or upgraded on a regular cadence, which in turn, creates a never-ending scramble to protect all of the assets users and applications interact with – assets that reside both within and outside the four walls of the organization. The sooner an organization can get a handle on protecting these assets, the sooner they mitigate the risk against today’s advanced threats.

In the past, CyberArk has provided different methods to enable organizations to create their own integrations. The most commonly used format was a development framework that could create third-party plug-ins using scripts such as PowerShell and Python, .NET applications and web browser recording methodologies. The one caveat to be able to utilize this framework was the requirement of basic developer skills and some level of training in order to successfully create custom plug-ins.

In an effort to simplify the way our customers can integrate with other solutions, CyberArk introduced a new tool that delivers a straightforward and intuitive user experience for creating a credential management plug-in. The tool, the Plugin Generator Utility (PGU), streamlines the workflow in a ‘wizard-like’ process.

The first release of the PGU allows for the recording of a plug-in for network devices and appliances (based on Unix/Linux) as well as support for SSH and Telnet protocols – with plans to provide support for cloud and web applications in the not-too-distant future. The tool can also plug into IoT devices to protect and prevent the network it’s connected to from becoming compromised.

Figure 1:  The Plugin Generator Utility recording the process to verify the account password.

We deliberately designed the tool to be used by anyone – the tool does not require a developer’s experience and skillset. Users only need to understand the process and the set of commands required to perform the verification of a password, change a password and reconcile the accounts (e.g., administrative synchronization). Users can generate plugins for accounts that have the ability to log into devices directly, as well as devices that require a traditional logon account. Leveraging the PGU not only saves a significant amount of development time but also reduces operational overhead and eliminates the need for a professional services engagement.

The engine within the PGU detects different prompts for different operating systems (which are SSH related) and once a plugin is recorded, the tool generates a package that can be easily imported into the CyberArk Privileged Account Security Solution. Customers can now create and develop plugins on the fly. Beta testing determined a reduction in development time from ~90 days to 10 minutes! Download this free tool from the CyberArk Support Vault and start creating your own custom plugins today.

 

 

 

The post Bridging the Gap to Third Party Devices, Applications and Operating Systems appeared first on CyberArk.

Share this post and earn Cybytes
Facebook Twitter Google+ LinkedIn Email
Follow
979 Followers
About CyberArk
CyberArk is the only security company that proactively stops the most advanced cyber threats – those that exploit insider privileges to attack the heart of the enterprise. The company has pioneered a new category of targeted security solutions to lock down privileged accounts and protect against cyber threats before attacks can escalate and do irreparable business damage. CyberArk is trusted by the world’s leading companies – including more than 40 of the Fortune 100 – to protect their highest value information assets, infrastructure and applications, while ensuring tight regulatory compliance and audit requirements.
Promoted Content
7 COMMON PRACTICES THAT MAKE YOUR ENTERPRISE VULNERABLE TO A CYBER ATTACK
Advanced cyber attacks involve compromised privileged accounts. Cyber attackers target them because they represent the keys to the IT kingdom. Effective enterprise security includes proactively protecting privileged accounts. Industry experts have identified practices that increase an organization’s vulnerability to a cyber attack. How many of these are common at your organization?

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel