CyberArk is the only security company that proactively stops the most advanced cyber threats – those that exploit insider privileges to attack the heart of the enterprise. The company has pioneered a new category of targeted security solutions to protect against cyber threats before attacks can escalate and do irreparable business damage.
The use of third-party commercial off-the-shelf (COTS) applications in the management of networks has led many customers to ask CyberArk to help secure the privileged credentials used by these applications. These applications have access to virtually every asset in their IT environment, so managing and securing these credentials are part of enterprise-wide security programs.
COTS applications accessing privileged accounts require the same level of access permissions as human administrators to perform their functions. Manually managing these credentials without a privileged account security solution can be a labor-intensive effort. For example, passwords used for multiple application instances must all be rotated at the same time or else the applications will not be able to perform their tasks, resulting in lost time.
Through C3 Alliance, CyberArk’s Global Technology Partner Program, the CyberArk Application Identity Manager is now integrated with BMC Discovery to leverage centralized credential management for protected asset discovery. This is the result of customers asking for the ability to leverage CyberArk capabilities to secure and automatically manage privileged credentials used by the BMC solution.
The collaboration between CyberArk and BMC showcases how the C3 Alliance program gives customers the advantage of combined domain expertise which is used to determine the best options for providing effective discovery along with effective security.
Challenges of privileged credential management
Security mandates require that these credentials be securely stored and rotated. COTS applications use privileged credentials to perform daily activities such as resetting services, conducting scans, initiating backup and doing asset discovery.
Manually managing privileged credentials used by numerous applications is cumbersome. This can create problems including:
- Security risks of unsecured credentials and inadequate monitoring of privileged account activity
- Failed discovery scans because of improper credentials
- Lack of compliance with government and industry regulations and internal policy
Integrating for greater value and security
BMC Discovery offers organizations a holistic view of assets. Knowing the interrelations of assets provides the context to support decisions on data center consolidation, software licensing, support and decommissioning of assets, audit results and security assessments.
This virtual appliance must be configured with credentials to access systems. Through its integration with CyberArk Application Identity Manager, credentials are secured and customers eliminate the task of manually rotating credentials, getting the full value of automated secured discovery.
CyberArk Application Identity Manager eliminates hard-coded credentials (passwords and SSH keys) from application codes and configuration files. Credentials are secured in the CyberArk Secure Digital Vault and can be automatically rotated and managed according to an organization’s security policy, providing not only convenience and security but also ensuring compliance in audits.
Customers can take advantage of the integrated solutions in just a few steps:
Step 1: Install and configure BMC Discovery scanning appliances and CyberArk Application Identity Manager according to their installation guides.
Step 2: Configure CyberArk Application Identity Manager – Credential Provider in the Discovery scanning appliance for authenticated scans.
Step 3: Configure and schedule credential-protected discovery runs.
When Discovery is configured as a trusted application within the CyberArk Application Identity Manager, it safely retrieves credentials needed to perform in-depth discovery scans.
The integration of BMC Discovery and CyberArk Application Identity Manager offers several benefits including:
- Reduced risks and increased security through centrally managed and secured credentials,
- Accelerated deployment and return on investment of Discovery, and
- Regulatory and policy compliance.
Leveraging the CyberArk Application Identity Manager solution gives customers the full value of the BMC Discovery secured discovery solution.
These postings are my own and do not necessarily represent BMC's position, strategies, or opinion.
See an error or have a suggestion? Please let us know by emailing email@example.com.