CyberArk Privileged Access Manager Self-Hosted v13.0 Release – FIPS Compliance and Improved Discovery
Version 13.0 of CyberArk Privileged Access Manager Self-Hosted includes significant enhancements to help customers secure their privileged accounts and credentials while satisfying audit and compliance.
The new release includes updated FIPS-validated libraries, improved accounts discovery and expanded privileged access management for AWS Access Keys, Microsoft Azure Passwords and Linux systems. Version 13.0 also improves operational efficiency by increasing concurrent sessions in Privileged Session Manager and enhancing outbound communication to SIEM in Privileged Threat Analytics.
Release highlights include:
IT Security Compliance
In this version, CyberArk has updated our current Object Module library to a validated FIPS certified version (140-2), helping organizations satisfy compliance mandates and adhere to Federal Information Security Modernization Act (FISMA) standards.
Security and Risk Reduction
This release improves access discovery for Windows and Linux systems, improving visibility and enabling secure management of privileged accounts and credentials. The Accounts Feed in the CyberArk Web Portal now allows customers to discover the following types of target accounts:
- Windows Server 2022 accounts and their dependencies
- Red Hat Enterprise Linux (RHEL) 7.9 and 8.2
- CentOs7
- SUSE 11 and 12
- Oracle Linux 6 and 7
Version 13.0 also introduces support to manage credentials for an expanded range of Linux target machines. This helps customers reduce the risk of compromised access to Linux systems. CyberArk plugins to securely manage SSH, Linux and Unix Keys now cover:
- Amazon Linux 2
- IBM AIX 7.3
- RHEL 8.4
Simultaneously, this release helps reduce the risk of compromised credentials in public cloud environments. Updated plugins for securely managing Microsoft Azure Passwords and AWS Access Keys enable more granular control of credentials in AWS and Azure environments.
Customers also benefit from enhanced threat detection capabilities in this release. CyberArk Privileged Threat Analytics (PTA) capabilities now offer enhanced outbound communication to customer Security Information and Event Management (SIEM) systems via new and enhanced syslog communication protocols. This expanded protocol support enables broader integrations with SIEM vendors, improving threat intelligence capabilities for security operations center (SOC) teams.
Administration and deployment of PTA are also easier than ever. This version continues the consolidation of PTA user interfaces and adds new REST APIs to simplify the administration of PTA, which can also now be deployed on RHEL 8.6 (and its binary-compatible forks).
Simplification and Operational Efficiency
Privileged Session Manager now supports a larger number of concurrent sessions per PSM server when using web application connections through Google Chrome. This makes web application connections notably more efficient.
Organizations using Credential Providers also benefit from another great simplification. Their customers now receive security best practices recommendations when configuring applications in the CyberArk Web Portal, which improves usability.
Finally, customers can now define the signing algorithm used for short-lived SSH certificates in Privileged Session Manager for SSH, improving customization of just-in-time access workflows for Linux systems.
Find more on the latest Privileged Access Manager Self-Hosted release at CyberArk Docs.