Cybersecurity News that Matters

Cybersecurity News that Matters

CyberArk Bolsters Identity Security Platform with New Capabilities for Human, AI and Machine Identities

by Business Wire

Apr. 11, 2025
5:52 AM GMT+9

Unified platform provides the most comprehensive capabilities for securing all identities in an era of escalating threats and rapid change

BOSTON–(BUSINESS WIRE)–CyberArk (NASDAQ: CYBR), the global leader in identity security, today at its IMPACT 2025 Conference, announced new solutions and capabilities across its Identity Security Platform, enabling organizations to secure all identities – human, AI and machine – with the right level of privilege controls. The innovations add expanded, deeper functionality across human and machine identities and will extend identity security capabilities to AI Agents – all from a unified platform.




In today’s exponential era, characterized by an escalating threat landscape, proliferation of human privileges, rise of machine identities and the emergence of Agentic AI, identities continue to be a primary target for attackers. The innovations introduced by CyberArk are in response to these market dynamics, all of which create increased risk for organizations. By securing every identity – human, AI and machine – with best-in-class security controls, enterprises can protect their critical assets, mitigate risk and increase business resiliency.

“Security teams require identity security capabilities that extend to all identities, including human, AI and machine, because any identity can become privileged and all identities carry risk,” said Peretz Regev, Chief Product and Technology Officer, CyberArk. “Only CyberArk provides core capabilities across discovery and context, privilege controls, policy automation, lifecycle management and governance and compliance from a single, unified platform. Our approach enables organizations to consolidate previously siloed capabilities to truly secure all identities, along with optimal efficiency and effectiveness.”

New Platform Capabilities

  • CyberArk CORA AI™, which boosts platform performance, efficiency and security, has been enhanced with the following:

    • AI-based session audits for deeper insights
    • Policy recommendations based on activity patterns and best practices
    • Natural language interface for configuration and setup
    • Troubleshooting and diagnostic support—at the speed of AI
  • Control Center is a new centralized hub that provides guided workflows to streamline administration, manage access across environments, and improve both end-user and admin experiences.
  • Discovery and Context has been enhanced with continuous discovery across privilege accounts, secrets, certificates, agents, workloads and Active Directory accounts, through native scanners and agents, as well as through integration with 3rd parties such as Wiz.

New for Securing AI Agents

  • Secure AI Agents1 is a new solution that will allow organizations to implement identity-first security for agentic AI to address the unique challenges and evolving attack surface posed by millions of autonomous, adaptable and interactive AI agents needing privileged access to dynamic AI-driven ecosystems. The new solution will leverage the breadth of intelligent privilege controls offered by the CyberArk Identity Security Platform to enable:

    • Discovery and context to provide observability into known and shadow agents, and agentic infrastructure
    • Secure access management controls to enforce least privilege and manage credentials for agents with privileged access
    • Threat detection and response privilege controls for real-time behavioral monitoring to detect drift and prevent misuse
    • Automated lifecycle management to help eliminate stale or excessive access for the entire agentic population
    • Governance to ensure AI Agents operate in compliance with organizational and regulatory requirements.
  • CyberArk Labs AI Agent Toolset is a new set of open-source tools designed to assist developers in building AI agent environments by providing a view of how they communicate and highlight potential risks that may require attention. It is available on the CyberArk GitHub account.

New for Securing Human Identities

  • Secure Workforce Unmanaged Endpoints is a new solution that extends enterprise-grade identity security to unmanaged devices without requiring IT to control them through non-intrusive, layered identity security controls. In addition, Secure Web Sessions now delivers deep, continuous protection for unmanaged devices for SaaS and browser-based access.
  • Just-in-Time and Zero Standing Privilege Access are now extended to enable granular control for multiple roles accessing cloud infrastructure, services and workloads. With Zero Standing Privilege, entitlements don’t exist, so there are no permissions or privileges, safeguarding identities even if credentials are compromised.
  • Privilege Controls include new modern session management capabilities that reduce ownership costs and enhance the user experience for managing access to infrastructure and cloud with a lower-footprint connector.
  • Modern Identity Governance & Administration (IGA), powered by Zilla Security:

    • Accelerates provisioning and access reviews.
    • Reduces access review effort by 80%.
    • Delivers five times faster deployment than legacy IGA systems.

New for Securing Machine Identities

  • Secure Workload Access2 is a new solution that will allow security teams to gain visibility and control over the entire machine identity lifecycle, from creation and governance to automated rotation and renewal.
  • Secure All Secrets is a new solution that centralizes secrets management across hybrid and multi-cloud environments, with a new authenticator wizard and improved edge performance.
  • Policy Automation is enhanced with Secrets Rotation Service, a new SaaS-based approach to managing credentials and policies across environments. This service secures privileged credentials stored in CyberArk Privileged Access Manager, improving security, compliance and efficiency by enforcing policies and regulations.
  • Secure Certificates and PKI is a new solution that automates certificate lifecycle management and prepares enterprises for post-quantum cryptography.
  • Secure Cloud-Native Secrets and Certificates now discovers and manages native cloud secrets across GCP, AWS, and Azure—with one-click remediation of unmanaged AWS secrets.

1 Solution capabilities will be available to customers at the end of 2025.

2CyberArk Secure Workload Access Solution is currently in early availability. An early availability program enables select customers to access technologies before they become generally available.

About CyberArk

CyberArk (NASDAQ: CYBR) is the global leader in identity security, trusted by organizations around the world to secure human and machine identities in the modern enterprise. CyberArk’s AI-powered Identity Security Platform applies intelligent privilege controls to every identity with continuous threat prevention, detection and response across the identity lifecycle. With CyberArk, organizations can reduce operational and security risks by enabling zero trust and least privilege with complete visibility, empowering all users and identities, including workforce, IT, developers and machines, to securely access any resource, located anywhere, from everywhere. Learn more at cyberark.com.

Copyright © 2025 CyberArk Software. All Rights Reserved. All other brand names, product names, or trademarks belong to their respective holders. This release is for informational purposes only, and represents CyberArk’s current view of its innovation direction. It is not a commitment or an obligation to deliver any product or functionality. The development, release, timing, if any, of any future innovation or product remains at our sole discretion and may be subject to applicable fees.

Cautionary Language Concerning Forward-Looking Statements

This release contains forward-looking statements, which express the current beliefs and expectations of CyberArk’s (the “Company”) management. In some cases, forward-looking statements may be identified by terminology such as “believe,” “may,” “estimate,” “continue,” “anticipate,” “intend,” “should,” “plan,” “expect,” “predict,” “potential” or the negative of these terms or other similar expressions. Such statements involve a number of known and unknown risks and uncertainties that could cause the Company’s future results, levels of activity, performance or achievements to differ materially from the results, levels of activity, performance or achievements expressed or implied by such forward-looking statements. Important factors that could cause or contribute to such differences include, but are not limited to: risks related to the Company’s acquisitions of Venafi Holdings, Inc. (“Venafi”) and Zilla Security Inc. (“Zilla”), including potential impacts on operating results; challenges in retaining and hiring key personnel and maintaining business; risks related to the successful integration of Venafi’s or Zilla’s operations and the ability to realize anticipated benefits of the combined operations; disruption of the current plans and operations of the Company and/or Zilla as a result of the announcement of the transaction, including risks of cyberattacks; changes to the drivers of the Company’s growth and the Company’s ability to adapt its solutions to the information security market changes and demands, including artificial intelligence (“AI”); the Company’s ability to acquire new customers and maintain and expand the Company’s revenues from existing customers; intense competition within the information security market; real or perceived security vulnerabilities, gaps, or cybersecurity breaches of the Company, or the Company’s customers’ or partners’ systems, solutions or services; risks related to the Company’s compliance with privacy, data protection and AI laws and regulations; the Company’s ability to successfully operate its business as a subscription company and fluctuation in its quarterly results of operations; the Company’s reliance on third-party cloud providers for its operations and software-as-a-service (“SaaS”) solutions; the Company’s ability to hire, train, retain and motivate qualified personnel; the Company’s ability to effectively execute its sales and marketing strategies; the Company’s ability to find, complete, fully integrate or achieve the expected benefits of additional strategic acquisitions; the Company’s ability to maintain successful relationships with channel partners, or if the Company’s channel partners fail to perform; risks related to sales made to government entities; prolonged economic uncertainties or downturns; the Company’s history of incurring net losses, the Company’s ability to generate sufficient revenue to achieve and sustain profitability and the Company’s ability to generate cash flow from operating activities; regulatory and geopolitical risks associated with the Company’s global sales and operations; risks related to intellectual property claims; fluctuations in currency exchange rates; the ability of the Company’s products to help customers achieve and maintain compliance with government regulations or industry standards; the Company’s ability to protect its proprietary technology and intellectual property rights; risks related to using third-party software, such as open-source software; risks related to stock price volatility or activist shareholders; any failure to retain the Company’s “foreign private issuer” status or the risk that the Company may be classified, for U.S. federal income tax purposes, as a “passive foreign investment company”; changes in tax laws; the Company’s expectation to not pay dividends on the Company’s ordinary shares for the foreseeable future; risks related to the Company’s incorporation and location in Israel, including wars and other hostilities in the Middle East; and other factors discussed under the heading “Risk Factors” in the Company’s most recent annual report on Form 20-F filed with the Securities and Exchange Commission. Forward-looking statements in this release are made pursuant to the safe harbor provisions contained in the U.S. Private Securities Litigation Reform Act of 1995. These forward-looking statements are made only as of the date hereof, and the Company undertakes no obligation to update or revise the forward-looking statements, whether as a result of new information, future events or otherwise, except as required by applicable law.

Contacts

Investor Relations:
Srinivas Anantha, CFA

CyberArk

617-558-2132

[email protected]

Media:
Rachel Gardner

CyberArk

603-531-7229

[email protected]

Subscription

Subscribe to our newsletter for the latest insights and trends. Tailor your subscription to fit your interests:

By subscribing, you agree to our Privacy Policy. We respect your privacy and are committed to protecting your personal data. Your email address will only be used to send you the information you have requested, and you can unsubscribe at any time through the link provided in our emails.

  • Business Wire
    : Author

    Business Wire, a Berkshire Hathaway company, is the global leader in press release distribution and regulatory disclosure. Public relations, investor relations, public policy and marketing profession...

    View all posts
Author:
Stay Ahead with The Readable's Cybersecurity Insights