TechValidate Research on CyberArk

These pages present data that TechValidate has sourced via direct research with verified customers and users of CyberArk. TechValidate stands behind the authenticity of all published data. Learn more »



344 Customers Surveyed

2,717 Data Points Collected

70 Published TechFacts

60 Published Case Studies



Selected Research Highlights


CyberArk Case Study

Case Study: Large Enterprise Insurance Company

Introduction

This case study of a large enterprise insurance company is based on an April 2018 survey of CyberArk customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.

“Easy to use, well supported, all around good product/company.”

Challenges

The business challenges that led the profiled company to evaluate and ultimately select CyberArk:

  • Resolved the following challenges after using CyberArk:
    • Balancing security with productivity
    • Rampant password reuse across multiple accounts
    • Securing credentials used by applications
    • IT admins having more privileges than they truly need
    • Unmanaged or unaudited third-party / remote vendor access
  • Adopted CyberArk’s privileged access security because of the following compelling business drivers:
    • Initiated a proactive security project
  • Selected a solution for privileged access security to:
    • Limit the exposure of privileged credentials
    • Enforce strong passwords, store them in an encrypted vault, and rotate them
    • Simplify audit and compliance requirements
    • Secure third-party access

Use Case

The key features and functionalities of CyberArk that the surveyed company uses:

  • Uses CyberArk for the following:
    • Securing privileged credentials in a vault
    • Rotating credentials based on policies
    • Securing and rotating shared service accounts
    • Monitoring and recording privileged sessions
    • Detecting and responding to attempts to circumvent privileged access controls
    • Securing credentials used by applications
    • Securing secrets used by DevOps and Continuous Integration/Continuous Delivery (CI/CD) tools
    • Managing third-party / remote access
    • Securing workstations by removing local privileges
    • Flagging and reviewing high-risk activity
  • Managing the following types of privileged accounts, credentials, and secrets with CyberArk in the next 12 to 18 months:
    • Domain admin accounts
    • Microsoft Windows admin accounts
    • NIX admin accounts (UNIX and Linux)
    • Network device accounts
    • Database or application admin accounts
    • Cloud admin consoles for IaaS or PaaS (Amazon Web Services, Microsoft Azure, Google Cloud, OpenShift, Pivotal Cloud Foundry)
    • SaaS accounts (Microsoft Office 365, Salesforce, Box, Concur)
    • Local admin accounts on workstations
    • Application credentials
    • Secrets used by DevOps tools
    • Service accounts
    • SSH keys
  • Plans to integrate the following tools with CyberArk within the next 18 months:
    • Authentication (DUO or OKTA, RSA)
    • The cloud (Amazon Web Services, Microsoft Azure, Google Cloud Platform)
    • DevOps (Docker, Chef, Puppet)
    • Identity and access (Sailpoint, RSA)
    • Orchestration and threat response (ServiceNow, ProofPoint)
    • SIEM (Splunk, Fortinet, LogRhythm)

Results

The surveyed company achieved the following results with CyberArk:

  • Reports that since adopting CyberArk to manage their privileged accounts and credentials, they are now significantly more secure.
  • Reports that since adopting CyberArk to secure their privileged accounts and credentials, the time and cost of audit reporting has reduced dramatically.
  • Reports that with CyberArk, the time required to manage and maintain privileged account and credential security has reduced dramatically.

CyberArk Customer Fact

Harris Corporation reports that since adopting CyberArk to secure their privileged accounts and credentials, the time and cost of audit reporting has reduced dramatically.

CyberArk Customer Testimonial

Old-school IT security focused almost exclusively on perimeter but the attack vector has shifted in the past decade to focus on internal threats via phishing, social engineering, etc. The combination of securely vaulting privileged credentials, requiring MFA access, session recording and isolation, and SIEM integration best protects our privileged accounts.

IAM/PAM Consultant, SecureITSource

CyberArk Case Study

Case Study: Global 500 E-Commerce Corporation

Introduction

This case study of a Global 500 E-Commerce Corporation is based on an April 2018 survey of CyberArk customers by TechValidate, a 3rd-party research service.

Cyberark is a user-friendly tool, we can easily do integration/implementations to protect our passwords in our environment compared with other tools.

Challenges

The business challenges that led the profiled company to evaluate and ultimately select CyberArk:

  • Resolved the following challenges after using CyberArk:
    • Unmanaged or unaudited third-party / remote vendor access
    • Too many endpoints with local administrator privileges
  • Adopted CyberArk’s privileged access security because of the following compelling business drivers:
    • Initiated a proactive security project
    • Wanted to be better prepared for an audit
  • Selected a solution for privileged access security to:
    • Limit the exposure of privileged credentials
    • Enforce strong passwords, store them in an encrypted vault, and rotate them
    • Simplify audit and compliance requirements
    • Remove hard-coded credentials from applications and scripts, including applications built using DevOps methodologies
    • Secure third-party access
    • Secure privileges on endpoints
    • Secure infrastructure and assets in the cloud
    • Secure privileged accounts and credentials for non-IT users (Finance, HR, Marketing)

Use Case

The key features and functionalities of CyberArk that the surveyed company uses:

  • Uses CyberArk for the following:
    • Securing privileged credentials in a vault
    • Rotating credentials based on policies
    • Securing and rotating shared service accounts
    • Securing credentials used by applications
    • Securing workstations by removing local privileges
  • Managing the following types of privileged accounts, credentials, and secrets with CyberArk in the next 12 to 18 months:
    • Domain admin accounts
    • Microsoft Windows admin accounts
    • NIX admin accounts (UNIX and Linux)
    • Network device accounts
    • Database or application admin accounts
    • Cloud admin consoles for IaaS or PaaS (Amazon Web Services, Microsoft Azure, Google Cloud, OpenShift, Pivotal Cloud Foundry)
    • SaaS accounts (Microsoft Office 365, Salesforce, Box, Concur)
    • Local admin accounts on workstations
    • Application credentials
    • SSH keys
  • Plans to integrate the following tools with CyberArk within the next 18 months:
    • The cloud (Amazon Web Services, Microsoft Azure, Google Cloud Platform)
    • Discovery (ForeScout, BMC)
    • Identity and access (Sailpoint, RSA)
    • SIEM (Splunk, Fortinet, LogRhythm)
    • Vulnerability management (Qualys, Rapid7, Tenable)

Results

The surveyed company achieved the following results with CyberArk:

  • Reports that since adopting CyberArk to manage their privileged accounts and credentials, they are now significantly more secure.
  • Reports that since adopting CyberArk to secure their privileged accounts and credentials, the time and cost of audit reporting has reduced a lot.
  • Reports that with CyberArk, the time required to manage and maintain privileged account and credential security has reduced.


More to Explore



About CyberArk

CyberArk is the only security company laser-focused on striking down targeted cyber threats, those that make their way inside to attack the heart of the enterprise. Dedicated to stopping attacks before they stop business, CyberArk is trusted by the world’s leading companies — including more than 45% of the Fortune 100 companies — to protect their highest-value information assets, infrastructure and applications.

CyberArk Website   CyberArk Website