The solution combines the application of unique and universal identities to all workloads with secrets management, reducing the complexity and risks associated with machine identity.
CyberArk (NASDAQ: CYBR), a global leader in identity security, has announced the launch of its Secure Workload Access Solution. This innovative platform offers the industry’s most comprehensive protection for all major non-human identities, providing security teams with enhanced visibility and control over the entire machine identity lifecycle—from creation and governance to automated rotation and renewal.
In cloud-native architectures, machine identities are proliferating across applications, workloads, and automated processes. Unlike solutions that focus on specific types of machine identities, CyberArk’s layered approach enables organizations to enforce the principle of least privilege, mitigate risks, and prevent credential-based attacks across all workloads in hybrid and multicloud environments.
Additionally, CyberArk has expanded its discovery and context capabilities, designed to assist security teams in taking initial steps to modernize workload authentication by assessing, understanding, and eliminating risks associated with unprotected machine identities. These automated features help teams generate an inventory of secrets, certificates, and environmental information, understand the vulnerability risk associated with each machine identity, and prioritize mitigation actions.
Also Read: C3 AI & Arcfield Partner to Boost AI for U.S. Defense
“Modern, cloud, and ephemeral workloads mean that authentication can be fragmented, making access control difficult and resulting in a large, unprotected attack surface that significantly increases the risk of breaches,” said Kurt Sand, General Manager, Machine Identity Security, CyberArk. “Recent high-profile attacks have highlighted the urgent need for a modern, identity-focused model that applies universal, unique workload identities to help organizations confidently secure workloads across their hybrid and multicloud estates.”
At the core of the Secure Workload Access Solution is the CyberArk Workload Identity Manager. This lightweight, distributed, cloud-native machine identity issuer goes beyond traditional public key infrastructure (PKI) systems, which cannot scale to meet the needs of ephemeral cloud workloads. The new solution will integrate Workload Identity Manager with CyberArk Secrets Manager to ensure secure access to all workloads as cloud-native and containerized environments expand.
CyberArk’s Secure Workload Access Solution will automatically identify workloads running in virtualized environments to access cloud services and cloud provider environments, securing dynamic, cloud-native workloads such as Kubernetes and service mesh.
The solution will enable:
-
Securing the connection of on-premises and cloud workloads, regardless of environment, with unique and universal SPIFFE identities that work with identities, applications, and workloads.
-
Automating the discovery and risk assessment of machine identities, including secrets and certificates, to prioritize mitigation actions.
-
Integrating with CyberArk Secrets Manager to manage and secure secrets across all workloads.
With this release, CyberArk continues to lead in providing robust identity security solutions that address the evolving challenges of securing machine identities in complex, hybrid, and multicloud environments.
