CyberArk Labs Publishes New Privileged Credential Theft Research

Research Examines Use of Credential Theft Foresight in Detecting and
Preventing Predictable Cyber Security Risk

NEWTON, Mass. & PETACH TIKVA, Israel–(BUSINESS WIRE)–CyberArk (NASDAQ: CYBR),
the global leader in privileged
access security, today released new research from CyberArk Labs
introducing credential theft foresight as an effective approach to
identifying network weak spots likely to expose privileged credentials
to compromise.

The report, “Predicting
Risk: Credential Theft Foresight,” examines how privilege escalation
can be detected and neutralized, and how future risk can be prevented.
This approach enables organizations to minimize the attack surface and
improve their overall security posture.

The research identifies “HotSpots” and “ColdSpots” as indicators of weak
areas on a network that are likely to be attacked. Organizations have an
average 5.5 HotSpots, which are areas predictably vulnerable to attack
that act as bottlenecks for dozens of potential attack vectors, on their
networks at any given time. They also have an average 37 ColdSpots,
which are machines hosting privileged accounts that could be targeted by
attackers in an attempt to escalate privileges.

The research details:

• Credential theft foresight as a significant defensive advantage over
  traditional security tools like vulnerability scanners and intrusion
  detection systems
• The multi-step process for identifying and mitigating HotSpots and
  ColdSpots
• Two use cases in applying credential theft risk mitigation techniques

To easily identify HotSpots in real time as they are created, CyberArk
Labs also released a new tool – PreCog – that’s available now on GitHub: https://github.com/cyberark/PreCog.

CyberArk Labs researchers will be available at RSA
Conference to discuss the research. They’ll also unveil new research
in the RSA Conference session, “Sneak
Your Way to Cloud Persistence – Shadow Admins Are Here to Stay,” on
Thursday, April 19, at 9:15 a.m. PDT. To learn more, members of the
CyberArk Labs team will be available at booth #4201.

Additional Resources

• Blog: Predicting
  Risk: Credential Theft Foresight
• Research paper: Predicting
  Risk: Credential Theft Foresight
• Research paper: CyberArk
  Labs: Kerberos Decryption
• Research paper: CyberArk
  Labs: Pass-the-Hash Detection Using Windows Events

About CyberArk
CyberArk (NASDAQ: CYBR)
is the global leader in privileged access security, a critical layer of
IT security to protect data, infrastructure and assets across the
enterprise, in the cloud and throughout the DevOps pipeline. CyberArk
delivers the industry’s most complete solution to reduce risk created by
privileged credentials and secrets. The company is trusted by the
world’s leading organizations, including more than 50 percent of the
Fortune 100, to protect against external attackers and malicious
insiders. A global company, CyberArk is headquartered in Petach Tikva,
Israel, with U.S. headquarters located in Newton, Mass. The company also
has offices throughout the Americas, EMEA, Asia Pacific and Japan. To
learn more about CyberArk, visit www.cyberark.com,
read the CyberArk
blogs or follow on Twitter via @CyberArk, LinkedIn or Facebook.

Copyright © 2018 CyberArk Software. All Rights Reserved. All
other brand names, product names, or trademarks belong to their
respective holders.

Contacts

Media Relations Contacts:
fama PR
Brian Merrill,
+1-617-986-5005
[email protected]
or
CyberArk
Liz
Campbell, +1-617-558-2191
[email protected]
or
Investor
Relations Contact:
CyberArk
Erica Smith, +1 617-630-6426
[email protected]