Application Identity Manager

The new approach really improves our ability to manage all access to privileged accounts.

Mike Brannon
Senior Manager of Information Systems
National Gypsum

Eliminate embedded application accounts for better security and compliance

Hard coded, embedded passwords in high risk applications are easily sought after and exploited by cyber attackers when left unprotected. CyberArk Application Identity Manager, part of the CyberArk Privileged Account Security Solution, eliminates embedded application accounts for better security and IT compliance with no impact on application performance or code changes. The product is built on the CyberArk Shared Technology Platform, delivering scalability, high availability and centralized management and reporting.

Across the enterprise numerous scripts, processes and applications need to access multi-platform resources to retrieve, process, transmit and store sensitive data. Such applications are granted use of privileged accounts, usually allowing unlimited access to sensitive business and customer information stored in corporate databases.

Enterprises can no longer only protect porous perimeters. Instead, they must accept that outsiders are already on the inside. Once inside, they immediately seek to hijack privileged accounts which can be found hard coded and in clear text in business critical applications. Not only are these credentials at risk from an outside attacker but even within the enterprise developers, IT personnel, DBAs, operational teams and more can view them to gain access to sensitive business data. As a result, regulatory bodies including PCI-DSS, SOX and Monetary Authority of Singapore are enforcing directives to secure privileged accounts and ensure strong authentication of the systems requesting the password.

Despite the sensitivity of privileged accounts in applications, enterprises fear to manage them due to the operational consequences such as recompiling, testing and redeploying business applications. Others don’t manage them due to lack of knowledge on the possible consequences and the potential downtime to systems. Without eliminating hard-coded and clear text passwords, changing factory default settings and frequently replacing privileged accounts embedded in application software, enterprises are putting themselves at a high risk of attack.

CyberArk Application Identity Manager enables organizations to protect the data residing in business systems by eliminating hard coded and visible credentials from application scripts, configuration files and software code with the most secure, flexible and robust authentication methods on the market while simplifying large scale projects. Enterprises can address the common challenges resulting from manually managing application-to-application identities including failed audits, elevated security risks and a general lack of accountability with a solution that guarantees service continuity across the enterprise application infrastructure.

Key Benefits

  • Minimize financial losses and reputational damage by eliminating hard coded and visible credentials from applications and scripts.
  • Enhance application security over multiple platforms and sites as your business grows in size and complexity.
  • Increase business continuity across your data center during application credentials management.

Application Identity Manager™ Features & Benefits