Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Top Stories

CYBERARK ADDS CREDENTIAL THEFT BLOCKING TO EXPAND PRIVILEGE PROTECTION AT THE ENDPOINT

CYBERARK ADDS CREDENTIAL THEFT BLOCKING TO EXPAND PRIVILEGE PROTECTION AT THE ENDPOINT

Combination of New Targeted Behavioral Analytics with Proven Privilege Management and Application Control Capabilities Enables Organizations to Better Detect and Contain Cyber Attacks                                                                                                                                          

CyberArk(NASDAQ: CYBR), the company that protects organizations from cyber attacks that have made their way inside the network perimeter, today announced new behavioral analytics to block and contain advanced threats targeting credential theft at the endpoint. CyberArkViewfinity, with enhanced threat protection features, is now available as CyberArk Endpoint Privilege Manager.

CyberArk also released new research from CyberArk Labs today demonstrating security weaknesses in Windows operating systems that allow attackers with local administrator rights to steal and use encrypted service credentials to achieve lateral movement and full domain compromise. This research supports a recent FBI flash alert that recommends prioritizing credential protection, including implementing least privilege and restricting local accounts, to limit a threat actor’s ability to gain highly privileged account access and move throughout a network.

CyberArk Endpoint Privilege Manager protects against advanced threats that exploit privileged credentials by interlocking three core capabilities: privilege management, application control and new targeted credential theft detection and blocking to stop and contain damaging attacks at the endpoint.

According to testing done by CyberArk Labs on more than 150,000 ransomware samples, the removal of local administrator rights, combined with application control and greylisting, was 100 percent effective in preventing this ransomware from encrypting files. Despite recognition that the removal of local administrator rights on the endpoint is an established best practice, a recent survey highlighted that an alarming 62 percent of organizations have not taken steps to remove them.

“Even if malware disappeared tomorrow, attacks and breaches would still occur. Organizations need to be thinking about long term solutions, not just addressing the latest threat in the headlines,” said Adrian Sanabria, senior security analyst, 451 Research. “With attackers getting better and better at evading short-term prevention methods, organizations must also focus efforts on reducing endpoint attack surface and hardening, including defending admin privileges against malicious abuse.”

Reducing the Attack Surface with Privilege Security on the Endpoint

CyberArk Endpoint Privilege Manager now helps organizations detect and block credential theft attempts by malicious users and applications including Windows credentials, remote access application credentials and those credentials stored by popular web browsers such as corporate network and cloud applications. CyberArk is also able to block hash harvesting at the endpoint to prevent Pass-the-Hash, an attack leveraging stolen credentials.

New targeted behavioral analytics are based on cyber threat detection technology acquired from Cybertinel last year, combined with continuous research from CyberArk Labs focused on identifying common privileged account-based attack patterns and malware behavior to further reduce the risk of emerging threats. These new capabilities complement enterprise security best practices for hardening the endpoint, including:

  • Removing local administrator credentials:CyberArk automates the removal of local administrator rights to reduce risk while alleviating pressure on help desk support, and minimizing impact on user activity by seamlessly elevating privileges for authorized applications or tasks.
  • Enabling flexible application control: CyberArk application control capabilities, featuring automatic policy creation, allows organizations to prevent malicious applications from executing and utilizes greylisting to run unknown applications in a restricted mode.

Additionally, by focusing specifically on detecting and containing credential theft at the endpoint, security teams are alerted on the specific threats that can pose the most danger to an organization, allowing them to reduce “noise” and prioritize remediation efforts accordingly.

“Instead of adding layer after layer of preventative endpoint security controls on a weak foundation, CyberArk offers customers a different, proactive approach – one that prioritizes securing privilege across the organization and extends it to the endpoint,” said Roy Adar, senior vice president, product management, CyberArk. “We know advanced attacks start at the endpoint with attackers going after credentials, so we combined powerful technology, deep research and known best practices to stop them from advancing and doing damage.”

With CyberArk Endpoint Privilege Manager as part of the CyberArk Privileged Account Security Solution, customers gain a complete, centralized solution to protect, monitor, detect, alert and respond to privileged account activity. Additionally, the CyberArk Discovery and Audit (DNA) tool v7.0 helps organizations broaden their visibility into privileged accounts and privileged account risks by extending discovery capabilities into public cloud environments and uncovering credential-harvesting risks at the endpoint.

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post