CyberArk introduced CyberArk Secure Browser.
This first-of-its-kind Identity Security web browser enables
organizations to better protect against attacks with a flexible,
identity-based approach to securing employee and third-party access to
enterprise resources.
By
2030, enterprise browsers will be the core platform for delivering
workforce productivity and security software on managed and unmanaged
devices for a seamless hybrid work experience. Browsers
provide a vital connection between identities, applications and data,
making them a prominent attack vector and a target for cybercriminals -
especially in distributed, work-from-anywhere environments.
A rise in post-MFA authentication attacks targeting session cookies reinforces
the need for defense-in-depth strategies. Now, CyberArk is applying its
deep cybersecurity experience, history of Identity Security innovation
and intelligent privilege controls to web browsing. Part of the CyberArk Identity Security Platform,
the Chromium-based CyberArk Secure Browser supports enterprise Zero
Trust initiatives with integrated security, centralized policy
management and productivity tools while delivering a familiar user
experience. The CyberArk Identity Security Platform delivers the most
robust, layered approach to address the number one area of cybersecurity
risk: credential access.
CyberArk
Secure Browser is designed to eliminate existing security gaps between
consumer-focused browsers and SaaS applications, endpoint-based controls
and identity providers. By extending the CyberArk Identity Security
Platform to the browser itself, CyberArk makes it easy for IT teams to
tailor security, privacy and productivity controls on managed and
unmanaged devices. Key features include:
- Cookieless Browsing: Cookieless
browsing is a key differentiating feature that allows users to access
and use web-based resources without exposing cookie files to attackers.
The cookies will be stored remotely on CyberArk servers enabling secure
and seamless web browsing without saving cookie files on the endpoints.
This approach makes it difficult for attackers or third parties to
steal, forge, alter or manipulate cookies to gain unauthorized access to
sensitive resources and helps ensure that users' web sessions, data and
accounts remain confidential and secure.
- Data Exfiltration Protections: Companies
can control the browsing experience with fine-grained policies designed
to prevent data exfiltration attempts that can compromise corporate
data.
- Password Replacement: CyberArk Secure Browser features patent-pending password replacement functionality. Instead
of showing stored credentials for privileged resources or websites, the
browser displays a one-time alphanumeric string. This string works only
once, only in CyberArk Secure Browser and only for intended targets -
eliminating the possibility that end users will see these privileged
credentials in plain text.
- Extensibility: Third-party
identity providers and out-of-the-box integrations are supported with
the CyberArk Identity Security Platform solutions, including CyberArk Workforce Password Management and CyberArk Secure Web Sessions.
This allows companies to customize session protections, access controls
and credential management to each user based on their roles. It also
works in conjunction with CyberArk Endpoint Privilege Manager to mitigate potentially risky web access and vulnerable endpoints.
- Quick Access Bar: The
built-in quick access sidebar helps ensure end users can utilize their
Single Sign-On (SSO) credentials to securely access frequently used
apps, third-party tools and CyberArk privileged access management
resources directly from CyberArk Secure Browser with the click of a
button.
"CyberArk
is constantly innovating - working to protect our customers against
current cybersecurity risk and emerging threats. Based on trends
impacting hybrid work environments and research generated by our
CyberArk Labs and Red Team, developing an enterprise browser - with an
identity-first, security-first approach - was a natural progression for
our business," said Gil Rapaport, general manager, Access at CyberArk.
"CyberArk Secure Browser represents a new era of web browsing, where
security, privacy and productivity are the top priorities."
Dynamically
mirroring controls and access policies existing on Chrome and Edge
browsers that are already deployed on the end user's device, CyberArk
Secure Browser reduces IT overhead and accelerates the deployment
timeline for employees, contractors and vendors.
Planned
availability for CyberArk Secure Browser on Windows endpoints is by the
end of 2023. To learn more about CyberArk Secure Browser, please visit https://lp.cyberark.com/secure-browser-early-access.html.