CyberArk (NASDAQ: CYBR), a global frontrunner in identity security, unveiled significant updates and innovative solutions at its IMPACT 2025 Conference. These enhancements focus on fortifying identity protection across all entities—human, artificial intelligence (AI), and machine identities—by introducing sophisticated privilege control mechanisms within a unified, integrated platform. As organizations grapple with an increasingly complex security landscape driven by growing numbers of human privileges, escalating reliance on machine identities, and the rapid expansion of Agentic AI, identities have become the preferred attack vector for cyber threats, underscoring the critical need for advanced identity management solutions.
Peretz Regev, CyberArk’s Chief Product and Technology Officer, highlighted the imperative of securing every identity comprehensively. He noted that, unlike traditional solutions, CyberArk uniquely delivers a unified suite of identity security features encompassing discovery, privilege control, policy automation, lifecycle management, governance, and compliance. This unified approach allows enterprises to effectively secure identities across their digital ecosystems while optimizing operational efficiency, reducing overhead, and streamlining previously fragmented security processes.
Central to these advancements is CyberArk CORA AI™, the platform’s enhanced artificial intelligence engine. CORA AI now features sophisticated AI-driven session audits to provide deeper security insights, intelligent policy recommendations derived from behavioral patterns and industry best practices, an intuitive natural language interface for streamlined setup and configuration, and rapid AI-enabled diagnostic and troubleshooting capabilities. Complementing CORA AI, the newly introduced Control Center acts as a centralized administrative hub, simplifying complex security workflows, enabling efficient access management across diverse environments, and significantly improving user experiences.
Moreover, the Identity Security Platform has dramatically expanded its discovery and context capabilities, introducing continuous monitoring and automated discovery of privileged accounts, digital secrets, certificates, software agents, workloads, and Active Directory accounts. This enhanced capability utilizes both native scanning agents and integrations with third-party security platforms such as Wiz, offering comprehensive visibility essential for proactive identity risk management.
In recognition of the distinct security risks presented by AI agents, CyberArk has launched Secure AI Agents—a groundbreaking solution specifically designed to address the nuanced security needs of agentic AI systems. These autonomous, interactive entities possess the potential to dramatically alter the enterprise security landscape, necessitating dedicated identity-first security frameworks. The Secure AI Agents solution provides essential features such as comprehensive visibility into both known and shadow AI agents, enforcement of least privilege access, robust credential management, real-time threat detection through behavioral analytics, and automated lifecycle management to continuously reduce the risk of outdated or unnecessary privileges. Furthermore, governance modules ensure these AI agents operate in alignment with stringent organizational policies and regulatory compliance requirements. Supporting this initiative, the CyberArk Labs AI Agent Toolset, available as open-source on GitHub, equips developers with tools to build secure AI agent ecosystems, identify vulnerabilities, and enhance transparency in agent communications.
CyberArk’s enhancements for human identity security are equally transformative. A new offering, Secure Workforce Unmanaged Endpoints, extends enterprise-grade protection to unmanaged and remote devices without necessitating direct IT intervention. Complementing this, Secure Web Sessions provides ongoing, in-depth security for unmanaged device access to SaaS and browser-based services. CyberArk has further strengthened its Just-in-Time (JIT) and Zero Standing Privilege Access controls, delivering highly granular control to protect cloud-based infrastructure and resources. Under Zero Standing Privilege, access entitlements are entirely eliminated, effectively safeguarding identities even if credentials become compromised. Additionally, modernized session management capabilities now offer reduced resource demands and superior usability, streamlining identity management processes.
Further bolstering human identity governance, CyberArk’s modernized Identity Governance and Administration (IGA) solution, powered by Zilla Security, accelerates identity provisioning processes, significantly reduces the time required for access reviews by up to 80%, and promises deployment speeds five times faster than traditional IGA systems.
For machine identity management, CyberArk introduced Secure Workload Access, a solution enabling security teams to maintain comprehensive control over machine identities throughout their entire lifecycle—from initial creation to automated renewal and rotation. In parallel, Secure All Secrets centralizes secrets management within complex hybrid and multi-cloud infrastructures, featuring streamlined authentication processes and enhanced performance at network edges. CyberArk’s Secrets Rotation Service delivers automated credential management via a SaaS-based approach, reinforcing organizational security and regulatory compliance. Furthermore, Secure Certificates and PKI proactively manages digital certificates and helps enterprises prepare for emerging post-quantum cryptographic standards, while Secure Cloud-Native Secrets and Certificates extend effective secret management to major cloud platforms including Google Cloud Platform, AWS, and Azure, offering simple one-click remediation capabilities for previously unmanaged AWS secrets.
Collectively, these groundbreaking capabilities demonstrate CyberArk’s commitment to empowering enterprises with sophisticated identity security solutions capable of effectively mitigating emerging threats, enhancing business resilience, and positioning organizations securely within a rapidly evolving technological landscape.
Leave a Reply