CyberArk – Endpoint Privilege Manager 10.7
Tech update
CyberArk has released Endpoint Privilege Manager 10.7. New is this release: MacOS Agent enhancements; Rest APIs dor data extraction; New beta Threat Detection Policies; New user interface for the privileged managegement, application control and policy audit raw events; Security and performance improvements on the EPM Server, MaxOS Agents and Windows Agents.
What’s New in this Release
- MacOS Agent enhancements
- Application installations can be copied to the shared Applications directory.
- DMG file support:
- Block or Run DMG files based on file location and file name
- Elevate PKG files contained in a DMG file
- Rest APIs for data extraction – More products, services, and platforms are exposing their data and functionality via RESTful APIs. REST has emerged as the de-facto standard for building and exposing web APIs to enable third parties to hook into your data and functionality. Newly available APIs:
- Get aggregated events – This method retrieves the aggregated EPM events according to a predefined filter
- Get raw events – This method retrieves the raw EPM events per unique File ID and a predefined filter
- Get raw event data – This method retrieves full information for a specific event ID
- The following new beta Threat Detection Policies have been added:
- PuTTy Credentials Theft: PuTTy is a popular SSH client for Windows. The application stores private SSH keys and enables you to store passwords for proxy servers locally. Storing the private SSH keys or proxy passwords leaves user credentials exposed to attackers.
- Okta AD Agent Tamper Protection: Okta is an identity management solution that provides a single sign-on experience. OKTA has an AD Agent that manages connection from an Active Directory environment. The agent stores a token to the domain that can be abused by an attacker to steal user credentials from the domain.
- Total Commander Credentials Theft: Total Commander is a popular file manager for Windows that can also manage FTP connections. Users can choose to store their FTP server passwords locally using Total Commander, exposing their credentials to potential attackers running on the machine.
- UI Revamp – new user interface for the privilege management, application control and policy audit raw events (Inbox drill down)
- Security and performance improvements on the EPM Server, MacOS Agents, and Windows Agents.
- Bug fixes.