CyberArk EPM Overview

Endpoint Privilege Manager provides three crucial capabilities - least privilege, whitelisting, and credential theft prevention - to manage local administrator privileges and mitigate risks from malicious software. It contains attacks on endpoints by elevating privileges only when needed and preventing credential theft. CyberArk Labs tests over 2,000 ransomware samples daily and Endpoint Privilege Manager protects against 100% of over 600,000 ransomware strains through its least privilege, application control, and credential theft prevention features. It can create policies for over 95% of applications automatically to reduce overhead. Endpoint Privilege Manager offers flexible delivery through server-based or public cloud models.

Uploaded by Sohit

Endpoint Privilege Manager

Managing local administrator privileges and mitigating the risk of malicious software

The Dilemma – Security vs Operational impact

Users have local admin rights
• Operations Impact: Happy, productive users
• Security Impact: Increased security incidents

Local admin rights are removed
• Operations Impact: Increased burden on the support team; increased calls and costs
• Security Impact: Contain attacks on the endpoint

Three Crucial Capabilities - Top Priority

Vulnerable Privileges Lead to Compromised Endpoints

CyberArk Endpoint Privilege Manager
• LEAST PRIVILEGE
• APPLICATION CONTROL
• CREDENTIAL THEFT PREVENTION

[Diagram labels: Elevation, Whitelisting, Detection, Prevention]

CyberArk Labs Ransomware Research

CyberArk Labs tests ~2000 Ransomware samples daily.

Endpoint Privilege Manager has a success rate of: 100%!

The combined solution of Least Privilege, Application Control, and Credential Theft Prevention in CyberArk EPM is able to protect sensitive data against >600,000 out of >600,000 strains of Ransomware

Automated policy creation reduces overhead

Policies for over 95% of applications can be created and enforced automatically.

• Non-disruptive to end users
• Streamlined deployment
• Efficient on-going management
• Accurate and reliable

[Pie chart: Trusted Sources. Labels: Software distribution systems and trusted images; Trusted signatures (MSFT, IBM, Google); Corporate shares, MSI. Values: 82%, 7%, 6%, 5%]

What happens to everything else?

Forensics and Remediation

NSRL & Virustotal
▪ Obtain reputation rating
▪ Block known bad; allow known good
▪ Identify original source and all known locations of malware

Technology partners
▪ Block malware propagation and cut access to C&C

Grey-list Restricted Mode
• Run with standard privileges only
• No access to network shares, servers, removable devices
• Limited access to corporate data
• No access to the internet

Flexible Delivery Methods

SERVER-BASED

• LDAP-based authentication option to EPM admin console
• Simplified SIEM integration
• FireEye AX integration
• Enhanced integration with other components of the CyberArk suite

[Diagram labels: AD Domain; Servers, Desktops, Laptops, VMs; Group Policy; Management Engine; Web Server; Database & Reporting; CyberArk EPM; CyberArk EPM Administrator; Remote Laptop User]

Flexible Delivery Methods

PUBLIC CLOUD (SaaS)

• Avoid infrastructure costs and maintenance
• Avoid software costs (SQL, etc.)
• Includes CyberArk Application Risk Analysis Service
• SAML-based authentication option to EPM admin console
• Upgrades are performed automatically – eliminate conversations about features that are not available on outdated versions

[Diagram labels: CyberArk EPM Administrator; Remote Laptop User; Management Engine; Web Server; Database & Reporting; CyberArk EPM; Corporate Desktop Users]
