CyberArk, best known for it's Privileged Password Vault, and recent IPO success story has just announced a new product set. At the 2014 CyberArk Customer Event held in Boston this week, they announced their new SSH key manager. (October 21st 2014)"The CyberArk SSH Key Manager is designed to securely store, rotate and control access to SSH keys to prevent unauthorized access to privileged accounts."Extending their already successful Enterprise Vault Infrastructure, CyberArk protects SSH keys with the highest level of security and granular control. Keys in the vault are encrypted, and managed in a fashion not unlike their Password Management Infrastructure. Integrating SSH keys into this platform creates a one-stop-shop for Privileged Access Management on both Windows and UNIX/Linux platforms.
In January of 2013, CyberArk added Privileged Session Management for UNIX and Linux systems to their growing arsenal of Privileged Management tools. This led me to blog about the requirement to Treat Your Key Pairs Like Passwords! It looks like they were listening...
Up until this week, there was only SSH.COM, with their Universal SSH Key Manager, and Venafi, with their Trust Authority SSH manager.
With the announcement of CyberArk's new SSH key manager, we now have an Enterprise holistic approach to Privileged User Account Management across the network.
References:
CyberArk: SSH Key Manager
Infosec Musings: Treat Your Key Pairs Like Passwords!
http://security-musings.blogspot.ca/2013/01/privileged-identity-management-make.html
http://www.cyberark.com/resource/isolation-control-monitoring-next-generation-jump-servers/
http://en.wikipedia.org/wiki/Privileged_Identity_Management
http://www.cyberark.com/esg-validating-privileged-account-security-while-validating-cyberark
IDC: A Gaping Hole in Your Identity and Access Management Strategy: Secure Shell Access Controls
Networkworld: SSH key mismanagement and how to solve it
No comments:
Post a Comment