CyberArk On The Front Lines Webcast Series

Privileged Account Security Best Practices for Robotic Process Automation: CyberArk Integration with UiPath

Tuesday, August 7th / 9am ET or 2pm ET

Examining security risks related to privileged credentials: Learn how to proactively secure, protect and monitor privileged credentials in RPA

RPA software interacts directly with business applications using credentials and entitlements, so this can introduce risks when the robots automate and perform routine business processes across multiple systems.

Learn about the vulnerabilities attackers seek out in RPA, and the methods you can employ to proactively secure, protect and monitor privileged credentials in RPA non-human user entities that mirror human entitlements. We’ll provide an overview and demo of the UiPath platform, show how the integration with CyberArk works and talk about how companies are using it.

During this session, you’ll learn:

How to secure RPA credentials using CyberArk and how to integrate with existing procedures and management policies
How to implement a seamless, out of box integration with UiPath (Demo)

OTFL Machine Learning Prevents Privilege Attacks at the Endpoint

February 6 / 9am ET or 2pm ET

Endpoint Application Risk Analysis Service: Stephen Lowing and Chuck McAllister

To address ongoing privilege account risk posed by evolving threat tactics, attend this session to learn how, through machine learning and cloud-based analytics, to stop attackers from gaining a foothold on endpoints. By detecting potentially malicious applications, timely, well-informed privilege and application control policy decisions can be made.

During this session we’ll demonstrate:

New threat detection capabilities that provide a risk framelet via a dashboard to indicate the
amount of accounts that are potentially exposed to credential theft. The ability to detect and control unknown applications from installing and running using file-based machine learning algorithms.

Detecting the Risk Obscured in Hidden Parts of Kerberos

March 6 / 9am EST or 2pm EST

A CyberArk Labs team presentation: Ido Hoorvitch & Lavi Lazarovitz

As long as Kerberos communication is not being decrypted, attackers get an opportunity to act freely using Kerberos without being detected because the encryption is being handed to them on a silver platter. Because Microsoft’s native software uses Kerberos, once control over a computer in a network is obtained, attackers can hide their activities and easily blend into a detection-less highway.

Attend this webinar presented by the CyberArk Labs team to learn how decrypting the Kerberos protocol can bridge the gap between attackers and the defensive side by providing the defenders a real view over the network.

CyberArk & SAP Certified Integration: Secure Critical Business Systems throughout the Enterprise

October 2 / 9am EST or 2pm EST

Presenter: Christian Goetz, CyberArk’s Director of Presales, DACH

Earlier this year, US-CERT and others warned organizations worldwide about ongoing and eminent cyber attacks targeting ERP applications. A critical part of running a business effectively, securing these high value applications and the related sensitive data they house is a major initiative for virtually every organization.

In this webinar, we’ll explain how organizations can effectively manage, secure and control the use of privileged accounts used by SAP applications and admin. CyberArk augments native SAP security features and best practices, enabling a holistic approach to enterprise security while addressing the elevated risks in an SAP environment.

We’ll discuss and demonstrate how to:

Integrate CyberArk & SAP
Discover and onboard SAP privileged accounts via native CyberArk REST API
Secure HANA and other SAP systems on the cloud
Control SAP applications’ and systems’ access throughout the infrastructure, operating system, and data center

Start-to-Finish Demo: Building Scripts with REST API – Session 2

November 6 / 9am EST or 2pm EST

Presenter: Joe Garcia, Strategic Accounts Solutions Engineer, DevOps Security, CyberArk

Would you like to learn how to build scripts that use the Enterprise Password Vault (EPV) REST API for automating account creation, user management and more? Back by popular demand, CyberArk’s Joe Garcia will lead an interactive session and demonstrate how to build an example project. In this session, Joe will demonstrate how to provision a local user on target machine and onboard that target user to the vault. He’ll explain how to identify repeatable tasks that are ripe for automation and then review the decomposition tasks/sub tasks.

Mind your Ps and Qs: Secrets Management for Applications, Tools, Containers and DevOps

April 9th / 9am ET or 2pm ET

Presenters: Joe Garcia, Strategic Solutions Engineer & James Creamer, Strategic Solutions Engineer

Be on your best behavior, the saying goes. In this session, we’ll highlight use cases and best practices for comprehensive privileged access as well as credential and secrets management for widely used applications, third party tools, containers and DevOps environments.

The CyberArk Application Access Manager, which combines CyberArk Application Identity Manager and Conjur Enterprise helps organizations to control, manage and audit non-human privileged access for a wide range of applications including in-house developed, COTS and dynamic containerized applications.

Fortunately, the security principles that protect human credentials can also apply to non-human credentials. However – due to higher performance and scale requirements and the special technologies required to strongly authenticate applications or code and other factors – protecting non-human credentials requires its own solution. Least privilege, role-based access controls, credential rotation, management and audit can all be applied to non-human credentials.

Key take-away points include:

Clear understanding of machine vs application identity
Benefits of agentless and agent-based solutions
When to use which credential and access provider
Next steps to take to secure your applications

Rethink the Threat: A Single View into Privileged Account Risks

February 5th / 9am EST or 2pm EST

A purpose-built solution that provides complete proactive controls on privileged account usage: Asaf Hecht, cyber researcher

The CyberArk Labs team recently released zBang – an open source tool designed to help security teams discover critical risks associated with privileged accounts. Organizations and red teamers can utilize zBang to identify potential attack vectors and improve the security posture of the network. The results can be analyzed with the graphic interface or by reviewing the raw output files.

In this session, our cybersecurity researcher will introduce the tool and demonstrate how it can be used to discover critical findings including:

The most privileged accounts that must be protected, including suspicious Shadow Admins.
Possible infected DCs with Skeleton Key malware.
Suspicious SID history with hidden privileges.
Risky configurations of SPNs that might lead to credential theft of domain admins.
Risky Kerberos delegation configurations in the network.

During the webinar, we will explain these threats and how to eliminate them with the help of the zBang tool.The tool is freely available on GitHub.

Spotlight on Administrator Rights and Credential Theft

May 7th / 2PM EST

Presenter: Chuck McAllister, National Strategic Advisor

With defense in depth as a mantra in security, organizations have a natural tendency to deploy a variety of solutions in their security portfolio. There is a fundamental layer of protection that many organizations miss - the removal of local administrative rights. In this presentation, we'll talk about why the removal the local admin rights is the foundation of endpoint security and highlight some of the threats that remain on the endpoint including credential theft.

While the removal of local admin rights greatly reduces the threats landscape, end users can still store a variety of passwords on their laptops. This might be corporate social media accounts, such as Twitter and Facebook, or administrative credentials stored in IT applications and remote access tools.

In this session, we’ll review:

How credentials are stored
How attackers can easily access credentials
How to prevent and audit this malicious behavior

For Cyber Attackers, Privilege Escalation is the Cherry on Top of the Cake.

June 4th / 9am ET or 2pm ET

Presenter: Eran Shimony, cyber researcher for CyberArk

Often, attackers need to achieve admin privilege in order to steal credentials, perform lateral movement and inflict maximum damage. There has been a significant rise in the awareness of the advantages of following the principle of least privilege – this awareness coupled with the improvements made to operating systems makes escalation attempts more challenging than ever before. Nonetheless, attackers are persistent and continue to discover new privilege escalation vulnerabilities on almost a weekly basis. Attend this webinar to better understand privilege escalation vulnerabilities. We will showcase real privilege escalation attacks, and we will give a technical demonstration of how an attacker might escalate privilege on a fully patched system:

Obtaining domain admin privileges by having local administrative rights.
Misconfiguration of SUID allows an attacker to gain Root privileges

Curse of the typo! Automate repeated tasks to improve efficiency and reduce risk around user mistakes

September 19 / 2PM EST

Automate privilege tasks to avoid user error and costly outages: David Higgins

Daily repetitive tasks can be inadvertently damaging to a business caused by things human error (typos!) and abuse of privileged access (insider threats!). Automated task management, both in the cloud and on-premises, safeguards your remote vendors and internal users alike by automating manual sometimes critically sensitive privileged tasks while simultaneously improving workflow productivity.

Join this session to see how CyberArk can automate an array of regular tasks with a single click to establish user accountability and better protect your environment.

How Attackers are Using Domain Fronting to Abuse Content Delivery Networks (CDNs)

September 28 / 2PM EST

A Special Red Team OTFL Webinar: Shay Nahari

In this OTFL session, Shay Nahari, CyberArk’s Red Team lead, will present a new technique for domain fronting, which enables attackers to abuse Content Delivery Networks (CDNs) to mask malware command and control (C2) traffic. While many CDNs are potentially impacted, Akamai is one of the largest. During our research we identified tens of thousands of high reputation domains served by Akamai’s CDN that can be used for domain fronting.

This research demonstrates a new technique for hiding a C2 channel completely within a CDN. We will show POC tools that utilize this technique.

Security that Moves At DevOps Velocity

October 3 / 2PM EST

Join us for Part 1 of our OTFL DevOps Series: Jody Hunt and Evan Litwak

With the velocity of DevOps, in many cases companies are rolling out applications that fall outside of their normal stringent security policies. Business units are accepting that risk, because in companies where security stop applications rolling out, they lose competitive advantage, despite staying relatively risk free. What is needed is 1) for security, a tool set that allows them to extend our trust networks into a next gen I.T environment without inhibiting the speed/velocity of the cloud and DevOps teams; and 2) for DevOps/cloud teams, you want to be able to move at speed, without being concerned with manual security processes at every turn.

Attend Part 1 of our OTFL DevOps series to learn how CyberArk Conjur helps DevOps teams to secure their secrets, machine identities, and users in highly dynamic DevOps environments at scale

CyberArk Conjur - A library of validated integrations with CI/CD tools

October 17 / 2PM EST

Join us for Part 2 of our OTFL DevOps Series: Jody Hunt and Evan Litwak

In Part 2 of our DevOps series, we’ll demonstrate how developers can integrate Conjur into their projects with minimal effort. In order to maintain the software delivery pipeline integrity and to help reduce security risks associated with unprotected privileged credentials embedded into applications, CyberArk Conjur immediately incorporates and mirrors privileged account security policies consistently across the DevOps ecosystem. Attend this session to learn how the CyberArk Conjur Solution:

Secures Build Products & CI/CD Tools
Provides RESTful API support for automated account provisioning of build products with orchestration tools
Removes credentials from code/configuration files
Reverts credentials back in case of disruption
Authenticates CI/CD tools, images and build product to maintain pipeline integrity
Enables credential-protected configuration and orchestration process

Building and Securing Cloud Workloads with AWS and CyberArk

October 24 / 2PM EST

Automating in AWS… with AWS: Andy Givens, CyberArk and Scot Ward, Amazon Web Services

Amazon has set the stage for an evolution in cloud computing. Not only providing a low cost environment to run infrastructure, but by delivering services consumable directly by your application builders. But security of the cloud is a shared responsibility, and in a developer-centric world, organizations must provide security tools that entice developers to build securely, and make it easy to do so. Join speakers from CyberArk and AWS to learn how we work together to help organizations secure their application delivery and management.

The Personal Privileged Users: How to Manage Named Administrators

November 7 / 2PM EST

Mitigate the high risk that expose these users: David Higgins and Lars Melandar

David Higgins.jpg Lars jpg.jpg

Personal Privileged Users are Strong Named accounts that are owned by individuals in the organization. They could be Domain users that are member of the strongest groups in the ActiveDirectory, such as “Domain Admins”, but they could also be local users with highest permissions on Operating Systems including Unix/Linux and also on Corporate Business Applications.

This session will explore why the Personal Privileged Users are under the highest risk in your organization and how to mitigate those risks.