CyberArk Launches A.I Services to Automatically Restrict Unused Cloud Permissions

Date : 10-Nov-2020
Location: Singapore


CyberArk, the global leader in privileged access management

Key Takeaways:

CyberArk today announced CyberArk Cloud Entitlements Manager, the industry’s first privilege-based, artificial intelligence-powered service designed to strengthen the security of cloud environments.


  • Cloud Entitlements Manager caters continuous monitoring of cloud access, CyberArk enforces least privilege by identifying and removing excessive cloud permissions that can leave organizations vulnerable – significantly reducing risk and improving overall visibility and security.
  • It premises on Zero Trust and uses artificial intelligence to understand context and intent in order to properly assess risk and take appropriate actions.
  • Key features include centralized dashboard provides cloud-agnostic visibility and control across platforms.
  • It is offered as SaaS.

continuously detects hidden, misconfigured and unused cloud permissions
continuously detects hidden, misconfigured and unused cloud permissions


Chen Bitan, chief product officer, CyberArk,said,unregulated identity-based permissions would ultimately compromise an entire cloud environment.


  • According to a recent ESG survey, over-permissioned accounts and roles is the top-cited cloud service misconfiguration detected and overly permissive privileges is the most commonly cited type of cybersecurity attack against cloud applications and services experienced over the last 12 months.
  • For cloud, security and Identity and Access Management teams, the service drives increased productivity with a simple, intuitive user experience that includes a centralized dashboard with a single view of permissions across Amazon Web Services (AWS), including Amazon Elastic Kubernetes Service (Amazon EKS), Google Cloud Platform (GCP) and Microsoft Azure environments.

Best Practices:

  • In under an hour, CyberArk Cloud Entitlements Manager can be configured, provide an assessment of exposure levels and deploy granular remediations – quickly delivering exceptional customer value.
  • The cloud agnostic service continuously detects hidden, misconfigured and unused cloud permissions – improving security by providing a consistent approach to cloud least privilege.