CyberArk (NASDAQ: CYBR), the global leader in privileged access management, today launched a free assessment offer to help SolarWinds Orion customers identify privileged access-related risk and implement steps to mitigate future exposure to a potential cyber attack.
To date, the supply chain attack involving SolarWinds Orion business software is believed to have impacted more than 18,000 organizations. The attackers were reportedly successful in infiltrating many high-profile public and private organizations using extremely sophisticated attack techniques, including the use of compromised privileged credentials to move laterally and vertically across the IT environment. With dramatic cloud migrations underway, and the adoption of transformative digital technologies, privileged accounts and credentials represent one of the largest attack surfaces for organizations today, which makes identifying and managing privileged access critical to disrupting the attack chain and maximizing risk mitigation.
A comprehensive Identity Security program that has privileged access management at its core is critical to helping address the gaps and vulnerabilities that the attackers in the SolarWinds breach exploited, including by gaining administrative access through compromised credentials and the escalation of privileges that allowed for both lateral and vertical movement.
To help organizations that have been affected by the SolarWinds Orion attack, CyberArk is offering the following:
- Privileged Access Management (PAM) Rapid Risk Assessment: A no cost assessment for organizations that were running the compromised Orion software in their environment. This assessment includes the CyberArk Discovery and Audit (DNA) tool run against a representative sample of their Windows IT infrastructure. Based on the scan, customers will receive curated remediation recommendations with several ‘sprint’ tactics for short-term success.
- Privileged Access Management (PAM) Rapid Risk Remediation: CyberArk and our certified partners can assist customers to prioritize PAM controls including credential management, multi-factor authentication, session isolation and least privilege on endpoints and servers for rapid risk reduction. Such measures will be based on findings from the organization’s incident response team and in alignment with the CyberArk Blueprint for PAM Success.
Only CyberArk combines deep Identity Security controls, privileged access remediation services and the expertise of the CyberArk Labs and CyberArk Red Team, to help organizations gain invaluable time by enabling them to detect attacks earlier and prevent attackers from reaching their end goal.
“With adoption of modern infrastructure and digital transformation, privilege is everywhere – from critical applications and IoT devices, to robotic process automation and DevOps tools. Attackers know this, which is why nearly all advanced attacks today rely on the exploitation of privileged credentials,” said Udi Mokady, founder and CEO, CyberArk. “The SolarWinds breach is yet another example of how attacks are becoming hyper-targeted with widespread impact. It is critical that organizations always ‘assume breach’ and that access to their sensitive data and systems is secured. These offerings are designed to not only improve their current security posture, but also help establish a strong foundation that can prevent against future compromise.”
There are immediate steps organizations can take to help minimize their exposure to this SolarWinds breach, while laying the foundation for longer-term, proactive strategies to help prevent the compromise of privileged credentials that could further disrupt the business. Those longer-term steps include: Deploying “least privilege” measures to servers and applications; Securing application credentials and continuous integration/development (CI/CD) pipelines; and Configuring Active Directory based on credential boundaries.
- CyberArk Blueprint for Privileged Access Management Success -The CyberArk Blueprint is a risk-based framework designed to secure privileged access by preventing credential theft, stopping lateral and vertical movement, and limiting privilege escalation and abuse.
- CyberArk Red Team Services – CyberArk Red Team services are designed to provide a safe way for security operations teams to simulate adversary operations and test their ability to effectively defend against cyber-attacks on their environments.
- CyberArk Labs – CyberArk Labs produces innovative research that examines emerging attack techniques that drives greater awareness and industry collaboration while helping to improve the overall security posture of companies everywhere.
CyberArk (NASDAQ: CYBR) is the global leader in privileged access management, a critical layer of IT security to protect data, infrastructure and assets across cloud and hybrid environments and throughout the DevOps pipeline. CyberArk delivers the industry’s most complete solution to reduce risk created by privileged credentials and secrets. The company is trusted by the world’s leading organizations, including more than 50 percent of the Fortune 500, to protect against external attackers and malicious insiders. A global company, CyberArk is headquartered in Petach Tikva, Israel, with U.S. headquarters located in Newton, Mass. The company also has offices throughout the Americas, EMEA, Asia Pacific and Japan. To learn more about CyberArk, visit https://www.cyberark.com/, read the CyberArk blogs or follow on Twitter via @CyberArk, LinkedIn or Facebook.