The increasing complexity of cloud-native architectures has created a pressing need for comprehensive protection of machine identities. CyberArk, a leading provider of identity security solutions, has responded to this challenge by unveiling its new Secure Workload Access Solution. This solution is designed to provide universal, layered protection for machine identities in hybrid and multi-cloud environments. CyberArk’s Secure Workload Access Solution is built around a universal, layered model of protection, unlike other solutions that focus on specific identity types. This approach will apply a multi-layered model of protection to deliver comprehensive protection for machine identities, ranging from creation and governance to automated credential rotation and renewal.
The rapid proliferation of machine identities in modern cloud-native architectures has created a significant security risk. Automated processes, applications, and workloads all require secure authentication and access controls, but traditional solutions often fail to scale to meet these needs.
According to Kurt Sand, General Manager of Machine Identity Security at CyberArk, the company’s approach to machine identity security is focused on providing a universal, identity-first model that enforces unique workload identities to help organisations confidently secure workloads across their entire hybrid and multi-cloud estate. Recent high-profile attacks have highlighted the urgent need for a modern, identity-first model that enforces universal and unique workload identities. CyberArk’s Secure Workload Access Solution aims to address this need by providing a comprehensive and universal approach to machine identity security.
- A key component of the Secure Workload Access Solution is the CyberArk Workload Identity Manager, a lightweight and cloud-native issuer of machine identities.
- This tool is designed to go beyond the capabilities of traditional Public Key Infrastructure (PKI) systems, which often fail to scale to the needs of cloud environments where workloads are dynamic and short-lived.
The CyberArk Workload Identity Manager integrates with CyberArk’s Secrets Manager, offering secure access management for all workloads. This integrated solution enables organisations to expand their use of cloud-native and containerised technologies while maintaining strong security controls.
| CyberArk Secure Workload Access Solution | Key Features: | |
| Secure connection of on-premises and cloud workloads using SPIFFE (Secure Production Identity Framework For Everyone) identities. | Support for Kubernetes and service mesh, enabling real-time protection for dynamic cloud-native applications. | Integration with secrets management, enabling authentication via API keys, access tokens and other confidential information. |
In addition to access control, CyberArk’s Secure Workload Access Solution offers expanded discovery and context capabilities. These features enable security teams to begin modernising their approach to workload authentication by identifying and evaluating the risks associated with unprotected machine identities.
- Key Benefits:
While the Secure Workload Access Solution is currently only available to select customers through an early availability program, CyberArk suggests its full release will offer new tools for enterprises aiming to secure an increasingly complex and automated digital landscape. The launch reflects CyberArk’s broader identity security strategy, which focuses on intelligent privilege controls across human and machine users. The company’s approach to machine identity security is focused on providing a universal, identity-first model that enforces unique workload identities to help organisations confidently secure workloads across their entire hybrid and multi-cloud estate.
