CyberArk Achieves SOC 2 Type 2, SOC 3 Certifications for Its Identity Security Platform

Rhea-AI Summary

CyberArk (NASDAQ: CYBR) has successfully completed its Service Organization Control (SOC) 2 Type 2 and SOC 3 certifications, confirming its high security standards for its Identity Security platform. This includes expanded SOC 2 compliance for CyberArk Secure Web Sessions. The platform provides intelligent controls and continuous threat detection across the identity lifecycle, enabling Zero Trust and least privilege access. The certifications, conducted by A-LIGN Assurance, demonstrate CyberArk's commitment to security and compliance, ensuring the safeguarding of customer data.

Positive

• Achieved SOC 2 Type 2 and SOC 3 certifications, enhancing credibility.
• Expanded SOC 2 compliance to include Secure Web Sessions, improving product offering.
• Confirms CyberArk's commitment to high security standards for its Identity Security platform.

Negative

• None.

NEWTON, Mass. & PETACH TIKVA, Israel--(BUSINESS WIRE)-- CyberArk (NASDAQ: CYBR), the global leader in Identity Security, today announced the successful completion of its Service Organization Control (SOC) 2 Type 2 and SOC 3 certifications, reinforcing the highest level of security controls for an Identity Security platform. CyberArk successfully achieved SOC 3 compliance while expanding SOC 2 compliance to include CyberArk Secure Web Sessions.

The CyberArk Identity Security Platform applies intelligent privilege controls to all identities – human and machine – with continuous threat detection and prevention across the entire identity lifecycle. With CyberArk, organizations can enable Zero Trust and least privilege with complete visibility, ensuring that every identity can securely access any resource, located anywhere, from everywhere.

With the completed examination, the following CyberArk Identity Security Platform offerings have achieved required compliance certification:

• CyberArk Secure Web Sessions, the newest CyberArk offering to achieve SOC 2 compliance, provides visibility into every action users take within web applications.
• CyberArk Workforce Identity unifies single sign-on, multi-factor authentication, session security and credential management with lifecycle management, identity orchestration and identity governance solutions in a single offering to provide simple and secure access to corporate resources.
• CyberArk Endpoint Privilege Manager removes local admin rights, enforces least privilege and implements foundational endpoint security controls across all operating systems from hybrid to cloud environments.
• CyberArk Privilege Cloud protects privileged access across all identities, infrastructures and apps from endpoint to the cloud.
• CyberArk Remote Access secures third-party access to critical internal resources with full session isolation, monitoring and auditing capabilities without the need for VPNs, passwords or agents.
• CyberArk Cloud Entitlements Manager removes excessive permissions across the cloud footprint.

“At CyberArk, we continually invest in our products to ensure we’re providing customers with the highest levels of security and compliance,” said Peretz Regev, chief product officer, CyberArk. “We believe in the Zero Trust motto ‘never trust, always verify,’ which is why we consistently and carefully evaluate our tools, year after year. Our aim is to verify what our customers already know – that our Identity Security platform delivers the world’s most advanced approach to securing all identities, anywhere.”

SOC Reports are standardized reports based on the Trust Services Principles established by the American Institute of CPAs (AICPA). SOC 2 Type 2 certification demonstrates that an independent auditing firm has reviewed, tested and examined CyberArk production services controls to ensure their operation is aligned with expected security standards. A SOC 3 report is a general use report of the SOC 2 reports that cover how CyberArk safeguards customer data and how well those controls operate.

The SOC 2 and SOC 3 examinations were conducted by A-LIGN ASSURANCE (“A-LIGN”), an independent auditing firm, in accordance with the American Institute of Certified Public Accountants (AICPA).

To learn more about CyberArk’s security, reliability, privacy and compliance policies, please visit the CyberArk Trust Center.

About CyberArk

CyberArk (NASDAQ: CYBR) is the global leader in Identity Security. Centered on privileged access management, CyberArk provides the most comprehensive security offering for any identity – human or machine – across business applications, distributed workforces, hybrid cloud workloads and throughout the DevOps lifecycle. The world’s leading organizations trust CyberArk to help secure their most critical assets. To learn more about CyberArk, visit https://www.cyberark.com, read the CyberArk blogs or follow on Twitter via @CyberArk, LinkedIn or Facebook.

Copyright© 2023 CyberArk Software. All Rights Reserved. All other brand names, product names, or trademarks belong to their respective holders.

View source version on businesswire.com: https://www.businesswire.com/news/home/20230316005182/en/

Media Contacts:

Carissa Ryan, CyberArk

Email: press@cyberark.com

Highwire PR

Email: cyberark@highwirepr.com

Investor Relations:

Erica Smith, CyberArk

Email: ir@cyberark.com

Source: CyberArk

FAQ

What certifications did CyberArk achieve?

CyberArk achieved SOC 2 Type 2 and SOC 3 certifications.

How does CyberArk enhance security for identities?

CyberArk's Identity Security platform enables Zero Trust and continuous threat detection.

What is the significance of SOC 2 Type 2 for CyberArk?

SOC 2 Type 2 certification demonstrates CyberArk's compliance with security standards.

Who conducted the SOC examinations for CyberArk?

The examinations were conducted by A-LIGN Assurance, an independent auditing firm.

What does the SOC 3 report cover for CyberArk?

The SOC 3 report provides information on how CyberArk safeguards customer data and the effectiveness of those controls.