CyberArk Introduces New Solution for Machine Identity Security

CyberArk, a leading cybersecurity company, has announced the release of its new machine identity security solution - the Secure Workload Access Solution. This innovative solution is designed to tackle the challenges posed by modern, cloud, and ephemeral workloads, which can fragment authentication and make access control complex, leading to a large, unprotected attack surface.

The Secure Workload Access Solution employs a layered approach to enforce least privilege, mitigate risk, and prevent credential-based attacks for all workloads across hybrid and multi-cloud environments. Unlike other solutions, it integrates Workload Identity Manager with CyberArk Secrets Manager, securing access for all workloads in cloud-native and containerised environments.

The solution enables security teams to gain visibility and control over the entire machine identity lifecycle. It automatically identifies workloads running in virtualised environments for access to cloud services and cloud provider environments. This includes dynamic, cloud-native workloads like Kubernetes and service mesh.

One of the key features of the Secure Workload Access Solution is CyberArk Workload Identity Manager, a lightweight, distributed, and cloud-native machine identity issuer. Designed to address the scaling needs of ephemeral cloud workloads, it surpasses traditional public key infrastructure systems.

The automated capabilities help teams generate an inventory of secrets, certificates, and information about their environment. These extended capabilities also help teams assess, understand, and eliminate risks tied to unprotected machine identities. The solution integrates with secrets management for existing API key and access token authentication, as well as other secrets.

According to Kurt Sand, the Machine Identity Security GM at CyberArk, the Secure Workload Access Solution allows SPIFFE2 identities to work with existing identities, applications, clouds, and SaaS services. This ensures a secure connection for on-premises and cloud workloads across environments using unique and universal SPIFFE2 identities.

Matt Barker, the General Manager of CyberArk Machine Identity Security and Vice President and Global Head of Workload Identity Architecture at CyberArk, emphasised the importance of the new solution. "Modern, cloud, and ephemeral workloads can fragment authentication, making access control challenging and resulting in a large, unprotected attack surface that increases the risk of breaches," he said.

The Secure Workload Access Solution is part of CyberArk's comprehensive machine identity security solution. It discovers and assesses risk across all workloads, making it easier to detect threats, enforce security policies, and prevent unauthorized access. This comprehensive protection extends to all non-human identities, providing a robust defence against cyber threats in today's complex digital landscape.