CyberArk Privileged Access Security
Updated Aug. 2 2021
5 / 5 (1 review)

CyberArk and Venafi have teamed up to offer an integrated solution for enterprise-wide governance and risk reduction by enabling easy and robust management of SSH keys. The integration with Venafi’s SSH Protect solution is designed to provide higher levels of automation for system administrators, better visibility for InfoSec teams to prevent misuse and compromise of keys, and results in fast, successful audits for GRC teams.
Business Outcomes
  • Remediate risks by prioritizing and rotating out-of-compliance SSH keys

  • Notify InfoSec and risk teams of policy violations

Integration Features
  • Automate SSH machine identity lifecycle through self-service on boarding

  • Discover enterprise wide, agent based or agentless SSH keys

  • Create central key inventory, map connectivity and analyze for risks

Solution Overview

Digital transformation results in tremendous growth in the number of machines and pushes IT system administrators to new levels of productivity via automation. Many administrators achieve this productivity by creating and deploying SSH keys, which establish fast, secure, automated connections to critical assets. These SSH keys serve as machine identities, identifying and authenticating administrators and machines for critical business functions. But history shows how easy it is for organizations to lose track of SSH keys, which can lead to the misuse of privileged access on sensitive internal systems. Poor SSH configuration and management practices have left many organizations vulnerable to cybercriminals, insider threats and failed audits as well as leave IT and security teams without a clear understanding as to what went wrong.

In this integrated solution, CyberArk provides Privileged Access Management (PAM) for interactive human-user accounts including key management, session isolation and audit, while Venafi provides Machine Identity Protection for automated machine-to-machine connections. Together, encryption key governance is achieved across the entire enterprise, protecting the full lifecycle of keys from creation to termination, including the storage and auditing of those keys.

The CyberArk Privileged Access Security Solution includes an encrypted Digital Vault, which is designed to secure, rotate and control access to privileged account passwords based on organizational policies for both human and non-human users.

Most recent reviews
Vaulting SSH keys
5 / 5
Makes protecting SSH client keys very functional while very secure.