CyberArk Unveils First-Of-Its-Kind Machine Identity Security Solution To Secure Workloads Across Every Environment
CyberArk (NASDAQ: CYBR) has unveiled its groundbreaking Secure Workload Access Solution, designed to provide comprehensive protection for non-human identities across hybrid and multi-cloud environments. The solution combines Workload Identity Manager with CyberArk Secrets Manager to address the growing challenges of machine identity security in cloud-native architectures.
The new platform offers automated discovery capabilities to help security teams assess and mitigate risks associated with unprotected machine identities. Key features include:
- Unique and universal SPIFFE identities for workload authentication
- Seamless integration with existing identity systems and cloud services
- Automated inventory of secrets and certificates
- Risk assessment and prioritization capabilities
Currently in early availability, the solution aims to reduce machine identity complexity while enforcing least privilege access and preventing credential-based attacks across all environments.
CyberArk (NASDAQ: CYBR) ha presentato la sua innovativa Soluzione per l'Accesso Sicuro ai Carichi di Lavoro, progettata per fornire una protezione completa per le identità non umane in ambienti ibridi e multi-cloud. La soluzione combina Workload Identity Manager con CyberArk Secrets Manager per affrontare le crescenti sfide della sicurezza delle identità delle macchine nelle architetture cloud-native.
La nuova piattaforma offre capacità di scoperta automatizzata per aiutare i team di sicurezza a valutare e mitigare i rischi associati alle identità delle macchine non protette. Le caratteristiche principali includono:
- Identità SPIFFE uniche e universali per l'autenticazione dei carichi di lavoro
- Integrazione fluida con i sistemi di identità esistenti e i servizi cloud
- Inventario automatizzato di segreti e certificati
- Capacità di valutazione e prioritizzazione del rischio
Attualmente in disponibilità anticipata, la soluzione mira a ridurre la complessità delle identità delle macchine garantendo l'accesso con il minimo privilegio e prevenendo attacchi basati su credenziali in tutti gli ambienti.
CyberArk (NASDAQ: CYBR) ha presentado su innovadora Solución de Acceso Seguro a Cargas de Trabajo, diseñada para proporcionar una protección integral para identidades no humanas en entornos híbridos y multi-nube. La solución combina Workload Identity Manager con CyberArk Secrets Manager para abordar los crecientes desafíos de la seguridad de la identidad de las máquinas en arquitecturas nativas de la nube.
La nueva plataforma ofrece capacidades de descubrimiento automatizado para ayudar a los equipos de seguridad a evaluar y mitigar los riesgos asociados con identidades de máquinas no protegidas. Las características clave incluyen:
- Identidades SPIFFE únicas y universales para la autenticación de cargas de trabajo
- Integración fluida con sistemas de identidad existentes y servicios en la nube
- Inventario automatizado de secretos y certificados
- Capacidades de evaluación y priorización de riesgos
Actualmente en disponibilidad temprana, la solución tiene como objetivo reducir la complejidad de la identidad de las máquinas mientras se aplica el acceso con el menor privilegio y se previenen ataques basados en credenciales en todos los entornos.
CyberArk (NASDAQ: CYBR)는 혁신적인 안전한 작업 부하 접근 솔루션을 발표했습니다. 이 솔루션은 하이브리드 및 멀티 클라우드 환경에서 비인간 정체성을 포괄적으로 보호하도록 설계되었습니다. 이 솔루션은 Workload Identity Manager와 CyberArk Secrets Manager를 결합하여 클라우드 네이티브 아키텍처에서 기계 정체성 보안의 증가하는 문제를 해결합니다.
새로운 플랫폼은 보안 팀이 보호되지 않은 기계 정체성과 관련된 위험을 평가하고 완화하는 데 도움을 주기 위해 자동화된 탐지 기능을 제공합니다. 주요 기능은 다음과 같습니다:
- 작업 부하 인증을 위한 고유하고 보편적인 SPIFFE 정체성
- 기존 정체성 시스템 및 클라우드 서비스와의 원활한 통합
- 비밀 및 인증서의 자동화된 인벤토리
- 위험 평가 및 우선 순위 지정 기능
현재 초기 제공 중인 이 솔루션은 기계 정체성의 복잡성을 줄이는 동시에 최소 권한 접근을 시행하고 모든 환경에서 자격 증명 기반 공격을 방지하는 것을 목표로 하고 있습니다.
CyberArk (NASDAQ: CYBR) a dévoilé sa Solution d'Accès Sécurisé aux Charges de Travail révolutionnaire, conçue pour fournir une protection complète des identités non humaines dans des environnements hybrides et multi-cloud. La solution combine Workload Identity Manager avec CyberArk Secrets Manager pour répondre aux défis croissants de la sécurité des identités des machines dans les architectures cloud-native.
La nouvelle plateforme offre des capacités de découverte automatisée pour aider les équipes de sécurité à évaluer et atténuer les risques associés aux identités de machines non protégées. Les principales caractéristiques incluent:
- Identités SPIFFE uniques et universelles pour l'authentification des charges de travail
- Intégration fluide avec les systèmes d'identité existants et les services cloud
- Inventaire automatisé des secrets et certificats
- Capacités d'évaluation et de priorisation des risques
Actuellement en disponibilité précoce, la solution vise à réduire la complexité des identités des machines tout en appliquant un accès avec le moindre privilège et en empêchant les attaques basées sur des identifiants dans tous les environnements.
CyberArk (NASDAQ: CYBR) hat seine bahnbrechende Sichere Arbeitslastzugangslösung vorgestellt, die umfassenden Schutz für nicht-menschliche Identitäten in hybriden und Multi-Cloud-Umgebungen bieten soll. Die Lösung kombiniert Workload Identity Manager mit CyberArk Secrets Manager, um die wachsenden Herausforderungen der Maschinenidentitätssicherheit in cloud-nativen Architekturen anzugehen.
Die neue Plattform bietet automatisierte Entdeckungsfunktionen, um Sicherheitsteams bei der Bewertung und Minderung von Risiken im Zusammenhang mit ungeschützten Maschinenidentitäten zu unterstützen. Zu den wichtigsten Funktionen gehören:
- Einzigartige und universelle SPIFFE-Identitäten zur Authentifizierung von Arbeitslasten
- Nahtlose Integration mit bestehenden Identitätssystemen und Cloud-Diensten
- Automatisiertes Inventar von Geheimnissen und Zertifikaten
- Risikobewertung und Priorisierungsfunktionen
Aktuell in der frühen Verfügbarkeit zielt die Lösung darauf ab, die Komplexität von Maschinenidentitäten zu reduzieren, während der Zugriff mit minimalen Rechten durchgesetzt und anmeldebezogene Angriffe in allen Umgebungen verhindert werden.
- First-to-market comprehensive machine identity security solution
- Addresses growing market need in cloud security
- Automated risk assessment and mitigation capabilities
- Integration with existing security infrastructure
- Product still in early availability phase, not yet generally available
- May face adoption challenges in organizations with legacy systems
Insights
CyberArk's new Secure Workload Access Solution represents a significant advancement in machine identity security, addressing a critical vulnerability in modern cloud architectures. The solution tackles the rapidly growing problem of machine identity proliferation across hybrid and multi-cloud environments - a major attack vector highlighted in recent high-profile breaches.
What makes this solution technically distinctive is its comprehensive approach combining SPIFFE-based universal identities with secrets management. This integration provides continuous protection throughout the entire machine identity lifecycle, from creation through governance to automated rotation. Most competing solutions focus on specific identity types or environments, while CyberArk's approach covers all non-human identities across diverse environments.
The enhanced discovery capabilities with contextual risk assessment represent a substantial improvement over basic scanning tools. By automating inventory generation and risk prioritization, security teams can effectively identify vulnerable machine identities and prioritize remediation efforts.
The strategic timing is noteworthy as organizations increasingly adopt cloud-native architectures with ephemeral workloads, creating authentication challenges that traditional security models struggle to address. CyberArk's solution enables organizations to establish unique workload identities that function across environments, significantly reducing complexity and improving security posture.
While currently in early availability rather than general release, this product positions CyberArk to capture growing market demand for comprehensive machine identity protection.
CyberArk's Secure Workload Access Solution addresses a critical gap in the enterprise security landscape. As organizations accelerate digital transformation initiatives, the explosion of machine identities has created significant blind spots and vulnerabilities that attackers increasingly exploit.
This solution's strategic value lies in its unified approach to machine identity management. By integrating Workload Identity Manager with Secrets Manager, CyberArk eliminates the fragmentation that typically occurs when different tools manage different types of machine identities. This integration reduces operational complexity while enhancing security - a rare combination in enterprise solutions.
The SPIFFE-based architecture represents a forward-thinking approach to machine authentication. By implementing a standardized, platform-agnostic identity framework, CyberArk enables consistent security controls across hybrid infrastructure, eliminating authentication silos that create security gaps between environments.
The discovery capabilities with contextual risk assessment deliver immediate business value by providing visibility into previously undetected vulnerabilities. This allows security teams to focus remediation efforts where they matter most.
For enterprises struggling with multi-cloud complexity, this solution offers a path to streamline secure access management through a consistent identity model across all environments. This addresses a significant pain point for organizations trying to maintain security without impeding cloud-native development.
The early availability program signals market readiness while allowing CyberArk to refine the offering with select customers before wider deployment.
- Platform delivers the industry's most comprehensive protection for all non-human identities that matter
- Combines the application of unique and universal identities to all workloads with secrets management, reducing machine identity complexity and risk
- New discovery capabilities to provide contextual understanding of workload identity risk
Machine identities proliferate in cloud-native architectures, including applications, workloads, and automated processes. Unlike solutions focusing on singular machine identity types, CyberArk's layered approach will enable organizations to enforce least privilege, mitigate risk, and prevent credential-based attacks for all workloads across hybrid and multi-cloud environments.
In addition, CyberArk has extended its discovery and context capabilities, designed to help security teams take the first steps to modernize workload authentication by assessing, understanding and eliminating risks tied to unprotected machine identities. These automated capabilities help teams generate an inventory of secrets, certificates and information about their environment, understand the risk of compromise tied to each machine identity and prioritize mitigation actions.
"Modern, cloud and ephemeral workloads mean authentication can be fragmented, making access control challenging and resulting in a large, unprotected attack surface that dramatically increases the risk of breaches," said Kurt Sand, GM of Machine Identity Security at CyberArk. "Recent high-profile attacks have highlighted the urgent need for a modern, identity-first model that enforces universal and unique workload identities to help organizations confidently secure workloads across their entire hybrid and multi-cloud estate."
The core of the Secure Workload Access Solution is CyberArk Workload Identity Manager. This lightweight, distributed, and cloud-native machine identity issuer goes beyond traditional Public Key Infrastructure (PKI) systems that cannot scale to the needs of ephemeral cloud workloads. The new solution will integrate Workload Identity Manager with CyberArk Secrets Manager, enabling secure access for all workloads as cloud-native and containerized environments grow.
The CyberArk Secure Workload Access Solution will allow workloads running in virtualized environments to be automatically identified for access to cloud services and cloud provider environments, securing dynamic, cloud-native workloads like Kubernetes and service mesh. It will provide the capability to:
- Securely connect on-premises and cloud workloads across environments with unique and universal SPIFFE2 identities that work with existing identities, applications, clouds and SaaS services.
- Integrate seamlessly with secrets management for existing API key and access token authentication, as well as other secrets.
- Discover and assess risk across all workloads, making it easier to detect threats, enforce security policies and prevent unauthorized access.
Further information:
- Learn more about the CyberArk Secure Workload Access Solution
- Join CyberArk's Secure Workload Access Partner Program
- Blog: CyberArk's Vision to Pioneer Secure Access for Workloads
- Blog: Discovery Alone Is Not Enough: You Need Context to Secure Machine Identities
1The CyberArk Secure Workload Access Solution is currently in early availability. An early availability program enables select customers to access technologies before they become generally available.
2Secure Production Identity Framework For Everyone (SPIFFE).
About CyberArk
CyberArk (NASDAQ: CYBR) is the global leader in identity security, trusted by organizations around the world to secure human and machine identities in the modern enterprise. CyberArk's AI-powered Identity Security Platform applies intelligent privilege controls to every identity with continuous threat prevention, detection and response across the identity lifecycle. With CyberArk, organizations can reduce operational and security risks by enabling zero trust and least privilege with complete visibility, empowering all users and identities, including workforce, IT, developers and machines, to securely access any resource, located anywhere, from everywhere. Learn more at cyberark.com.
Copyright © 2025 CyberArk Software. All Rights Reserved. All other brand names, product names, or trademarks belong to their respective holders.
View source version on businesswire.com: https://www.businesswire.com/news/home/20250410235752/en/
Investor Relations:
Srinivas Anantha, CFA
CyberArk
617-558-2132
ir@cyberark.com
Media:
Rachel
CyberArk
603-531-7229
press@cyberark.com
Source: CyberArk
FAQ
What is CyberArk's new Secure Workload Access Solution and how does it protect machine identities?
How does CYBR's Workload Identity Manager differ from traditional PKI systems?
What are the key features of CYBR's new machine identity security solution?
When will CYBR's Secure Workload Access Solution be generally available?
