Register Now!

Please note we have made some changes to the OTFL webinar schedule.

Due to many requests to offer these sessions to accommodate different time zones, the cadence of the program has been modified. Webinars will be offered the first Tuesday of each month at both 9:00 am EST and 2:00 pm EST.

CyberArk's On The Front Lines series covers hot topics and details related to security exploits involving privileged accounts. The threat will be reviewed and then they'll dig into the CyberArk technology that will help you secure your systems from these risks. Below are the upcoming sessions.

In with the New Year – and a Faster, Simpler Approach

January 16 / 9am EST or 2pm EST

Examining security risks related to privileged credentials : David Adamczyk & Len Noe


Adamczyk - head shot v2.jpg 

We’ll kickoff the 2018 On The Front Lines program examining security risks associated with hot topics related to privileged credentials, and introduce simpler and faster methods for protecting these privileged accounts everywhere they are. During this session, we’ll demonstrate how our latest release simplifies privileged account security and improves the user experience for:

  • Cloud: basic Privileged Account Security hygiene
  • Integrations: vulnerability scanners and two-factor authentication
  • Quick wins: reduce the most risk for the least effort, first

OTFL Machine Learning Prevents Privilege Attacks at the Endpoint

February 6 / 9am EST or 2pm EST

Endpoint Application Risk Analysis Service: Stephen Lowing and Chuck McAllister



To address ongoing privilege account risk posed by evolving threat tactics, attend this session to learn how, through machine learning and cloud-based analytics, to stop attackers from gaining a foothold on endpoints. By detecting potentially malicious applications, timely, well-informed privilege and application control policy decisions can be made.

During this session we’ll demonstrate:

  • New threat detection capabilities that provide a risk framelet via a dashboard to indicate the
  • amount of accounts that are potentially exposed to credential theft. The ability to detect and control unknown applications from installing and running using file-based machine learning algorithms.

Detecting the Risk Obscured in Hidden Parts of Kerberos

March 6 / 9am EST or 2pm EST

A CyberArk Labs team presentation: Ido Hoorvitch & Lavi Lazarovitz


As long as Kerberos communication is not being decrypted, attackers get an opportunity to act freely using Kerberos without being detected because the encryption is being handed to them on a silver platter. Because Microsoft’s native software uses Kerberos, once control over a computer in a network is obtained, attackers can hide their activities and easily blend into a detection-less highway.

Attend this webinar presented by the CyberArk Labs team to learn how decrypting the Kerberos protocol can bridge the gap between attackers and the defensive side by providing the defenders a real view over the network.

Sprawl of Risks - Assess your Current Risk State using CyberArk DNA

April 3 / 9am EST or 2pm EST

Helping organizations broaden their visibility into privileged account risks: Joe Juette



CyberArk offers a FREE and easy-to-use standalone discovery and audit tool that automatically scans your network and assess your current risk state to determine how susceptible your organization is related to privileged account credential attacks. The tool generates a report and visual organizational maps that evaluate the privileged account security status in the organization and assists in helping you to prioritize what you should focus on first in a Privileged Account Security Program.

We’ll demonstrate how to discover the sprawl of the risks and learn how CyberArk DNA can:

  • Potential credential theft risks, including Golden Ticket, Pass-the-Hash, Pass-the-Ticket and Overpass-the-Hash attacks
  • Provide visibility into privileged accounts risks in DevOps tools by uncovering Hard-coded credentials in Ansible playbooks and discovering more using IP Range scan.
  • Scan to discover Mac OS local users.
  • Produce demo maps of Golden Ticket attack risk, SSH Key Trusts and Pass-the-Hash Vulnerabilities 
  • Gather data via an automated excel process for reviewing the DNA scan and prioritizing what to focus on first.

Integrating DevOps Secrets Management with Privileged Account Security

May 1 / 9am EST or 2pm EST

How to seamlessly extend existing privileged credential protection capabilities to dynamic DevOps environments: Joe Garcia


Through a new powerful integration with CyberArk Enterprise Password Vault and CyberArk Conjur Enterprise, organizations can automatically replicate secrets from the CyberArk Enterprise Password Vault to CyberArk Conjur Enterprise. This enables organizations to leverage their existing investments in CyberArk by using the CyberArk Enterprise Password Vault to manage and automatically rotate secrets in DevOps environments, based on policies established for the CyberArk Enterprise Password Vault.

In this webinar, we’ll show how to seamlessly extend existing privileged credential protection capabilities to dynamic DevOps environments. We’ll demonstrate how to:

  • Enable developers to meet security requirements by using APIs and code to easily secure secrets without impacting velocity
  • Automatically replicate secrets from the CyberArk Enterprise Password Vault to CyberArk Conjur Enterprise
  • Manage secrets in CyberArk Conjur Enterprise and securely deliver those secrets to applications and containers

CyberArk and ServiceNow Integration: Privileged Account Security at Lightspeed

November 14 / 2PM EST

Managing Privileged Accounts in ServiceNow Discovery, Geneva, and Helsinki: Pete Danner, CyberArk


Pete Danner.jpg
To maintain and repair IT systems and applications, tech support users need access to all types of privileged accounts. The CyberArk-ServiceNow integration is important as it provides privileged security protection related to tickets that require administrative access to IT infrastructure when backend systems require troubleshooting. This secures the credentials of privileged users who are accessing systems to fix reported issues.

ServiceNow Discovery software integrated with CyberArk Application Identity Manager provides organizations secure discovery and assessment based on privileged credentials that are securely stored and managed by the CyberArk solution. MID Server integration with the CyberArk vault enables Orchestration, Discovery, and Service Mapping to run without storing any credentials on the instance.

Attend this webinar to learn how this partner solution helps secure and manage privileged accounts in ServiceNow.

Rethink the Threat: A Single View into Privileged Account Risks

December 5 / 2PM EST

A purpose-built solution that provides complete proactive controls on privileged account usage: Ben Derr


Chris Anderson.jpg

Learn how you can identify your environment’s privileged account related risks, detect potential abuse and misuse of privileged accounts, and place the essential security controls from your endpoints all the way up to your critical assets.

Learn more about the integrations between Privileged Threat Analytics, Privileged Session Manager, and Endpoint Privilege Manager which will enable your security teams to effectively respond to these risks.

Golden SAML are the new Golden Tickets

December 12 / 2PM EST

Explore a new attack vector that CyberArk Labs has discovered and dubbed “golden SAML” : Vishal Patel



In this webinar, we will explore a new attack vector that CyberArk Labs has discovered and dubbed “golden SAML.” The vector enables an attacker to create a golden SAML, which is basically a forged SAML “authentication object,” and authenticate across every service that uses SAML 2.0 protocol as an SSO mechanism.

Our team from CyberArk Labs will discuss how in a golden SAML attack, attackers can gain access to any application that supports SAML authentication (e.g. Azure, AWS, vSphere, etc.) with any privileges they desire and be any user on the targeted application (even one that is non-existent in the application in some cases).

We’ll then demonstrate our new tool, shimit, that implements a golden SAML in order to compromise an AWS account from within a Microsoft domain.

Strengthening Machine Identity Protection – A Combined Venafi and CyberArk Application Identity Manager Solution

September 12 / 2PM EST

Perform sensitive renewal, replacement and rekey operations without administrator involvement: Brian Durkin (Venafi) Joe Garcia and Kevin Ross (CyberArk)


Kevin Ross.jpg

As part of your SSL/TLS certificate lifecycle management process, Venafi uses privileged credentials stored in the Venafi solution. Based on security and operational needs, CyberArk and Venafi developed a joint integration to automatically protect and manage these credentials in CyberArk, making them available to Venafi, as needed, based on organizations’ security policy. Join us and learn how to:

  • Securely store privileged credentials used by Venafi in the CyberArk solution
  • Automatically rotate credentials used by the Venafi solution
  • Automatically perform credential- protected certificate renewal and replacement operations

Curse of the typo! Automate repeated tasks to improve efficiency and reduce risk around user mistakes

September 19 / 2PM EST

Automate privilege tasks to avoid user error and costly outages: David Higgins


David Higgins.jpg

Daily repetitive tasks can be inadvertently damaging to a business caused by things human error (typos!) and abuse of privileged access (insider threats!). Automated task management, both in the cloud and on-premises, safeguards your remote vendors and internal users alike by automating manual sometimes critically sensitive privileged tasks while simultaneously improving workflow productivity.

Join this session to see how CyberArk can automate an array of regular tasks with a single click to establish user accountability and better protect your environment.

How Attackers are Using Domain Fronting to Abuse Content Delivery Networks (CDNs)

September 28 / 2PM EST

A Special Red Team OTFL Webinar: Shay Nahari


In this OTFL session, Shay Nahari, CyberArk’s Red Team lead, will present a new technique for domain fronting, which enables attackers to abuse Content Delivery Networks (CDNs) to mask malware command and control (C2) traffic. While many CDNs are potentially impacted, Akamai is one of the largest. During our research we identified tens of thousands of high reputation domains served by Akamai’s CDN that can be used for domain fronting.

This research demonstrates a new technique for hiding a C2 channel completely within a CDN. We will show POC tools that utilize this technique.

Security that Moves At DevOps Velocity

October 3 / 2PM EST

Join us for Part 1 of our OTFL DevOps Series: Jody Hunt and Evan Litwak


With the velocity of DevOps, in many cases companies are rolling out applications that fall outside of their normal stringent security policies. Business units are accepting that risk, because in companies where security stop applications rolling out, they lose competitive advantage, despite staying relatively risk free. What is needed is 1) for security, a tool set that allows them to extend our trust networks into a next gen I.T environment without inhibiting the speed/velocity of the cloud and DevOps teams; and 2) for DevOps/cloud teams, you want to be able to move at speed, without being concerned with manual security processes at every turn.

Attend Part 1 of our OTFL DevOps series to learn how CyberArk Conjur helps DevOps teams to secure their secrets, machine identities, and users in highly dynamic DevOps environments at scale

CyberArk Conjur - A library of validated integrations with CI/CD tools

October 17 / 2PM EST

Join us for Part 2 of our OTFL DevOps Series: Jody Hunt and Evan Litwak


In Part 2 of our DevOps series, we’ll demonstrate how developers can integrate Conjur into their projects with minimal effort.  In order to maintain the software delivery pipeline integrity and to help reduce security risks associated with unprotected privileged credentials embedded into applications, CyberArk Conjur immediately incorporates and mirrors privileged account security policies consistently across the DevOps ecosystem. Attend this session to learn how the CyberArk Conjur Solution:

  • Secures Build Products & CI/CD Tools
  • Provides RESTful API support for automated account provisioning of build products with orchestration tools
  • Removes credentials from code/configuration files
  • Reverts credentials back in case of disruption
  • Authenticates CI/CD tools, images and build product to maintain pipeline integrity
  • Enables credential-protected configuration and orchestration process

Building and Securing Cloud Workloads with AWS and CyberArk

October 24 / 2PM EST

Automating in AWS… with AWS: Andy Givens, CyberArk and Scot Ward, Amazon Web Services


Andy Givens.jpg
Amazon has set the stage for an evolution in cloud computing. Not only providing a low cost environment to run infrastructure, but by delivering services consumable directly by your application builders. But security of the cloud is a shared responsibility, and in a developer-centric world, organizations must provide security tools that entice developers to build securely, and make it easy to do so. Join speakers from CyberArk and AWS to learn how we work together to help organizations secure their application delivery and management.

The Personal Privileged Users: How to Manage Named Administrators

November 7 / 2PM EST

Mitigate the high risk that expose these users: David Higgins and Lars Melandar


David Higgins.jpg Lars jpg.jpg

Personal Privileged Users are Strong Named accounts that are owned by individuals in the organization. They could be Domain users that are member of the strongest groups in the ActiveDirectory, such as “Domain Admins”, but they could also be local users with highest permissions on Operating Systems including Unix/Linux and also on Corporate Business Applications.

This session will explore why the Personal Privileged Users are under the highest risk in your organization and how to mitigate those risks.


CyberArk is the only security company laser-focused on striking down targeted cyber threats, those that make their way inside to attack the heart of the enterprise. Dedicated to stopping attacks before they stop business, CyberArk is trusted by the world's leading companies — including 45% of the Fortune 100 — to protect their highest-value information assets, infrastructure and applications.