Cyber-Ark is to launch real-time session monitoring capabilities that enable the immediate termination of suspicious activity.
Set to be released next week at the RSA Conference in San Francisco, the company said that its new capabilities will better isolate, control and monitor activity to protect databases, virtual environments, network devices and servers from insider threats and external cyber attacks.
Among the features are web-based application access and monitoring that allow administrators to connect to sensitive web applications using privileged single sign-on capabilities, and root-cause analysis to be quickly assessed through the ability to easily search, locate and alert on sensitive events.
Also, it said that users can record any activity that occurs in a privileged database session, creating a highly compressed and searchable DVR with all recordings stored in the tamper-proof Digital Vault Server and accessible for audits and reporting.
Cyber-Ark also said that the Privileged Session Management Suite can also be integrated with security information and event management (SIEM) tools for real-time alerting, including those from HP ArcSight, LogLogic, McAfee NitroSecurity, Q1Labs (an IBM company) and RSA enVision.
Roy Adar, vice-president of product management at Cyber-Ark Software, said: “When enabling connections to sensitive systems, whether locally or remotely for third parties, it's critical to ensure that the connection is secured and user credentials are never exposed to the end-user or reach the user's workstation.
“With our new real-time and granular command-level monitoring, organisations gain better security protection by being able to identify suspicious sessions in real time or search a recording at the command level and view it from that point in time for quicker and more efficient forensic analysis and compliance support.”