Best Practices for Privileged Access & Secrets Management in the Cloud
Chris Cochrane, Director, Solutions Engineering, CyberArk
In this session, you will have the unique opportunity to learn from real-world scenarios related to privileged access security in cloud environments. Our CyberArk expert will provide insights from lessons learned securing commercial SaaS applications, cloud infrastructure, and internal apps deployed in the cloud including:
Understanding the power of privilege in cloud and why it is so critical to have a dual-accountability security approach
3 real world scenarios: human access models, support for automation, proactive controls and programmatic deployment
Best practices for privilege and secret management in AWS Cloud
Why you should limit use of root accounts
Don’t forget all the cloudy places with human admin access
Succeeding with hybrid cloud environments
Remote Vendor Access
Keep an audit trail of activities
Enforce a Zero Trust Environment vaulting Privileged Cloud Credentials
Пікірлер: 3
Are shared accounts only limited to system/built-in accounts ? Eg don't you also have organization-defined shared accounts ? Eg a shared teamrole account, for each relevant team (eg. helpdesk, appmgr, ...) ?
But if the application password is rotated on the application and on the vault, how would the developers know especially as there is no comment about events being sent to the application to talk to cyberArk to update its in-memory password!
@AlexanderTing
3 жыл бұрын
I guess depending on the application, instead of keeping the password in memory, it could be queried via cyberark whenever the password is needed.