SlideShare a Scribd company logo

Secure Your Environment with UiPath and CyberArk Technologies

D
D

The UiPath Wisconsin Chapter looks forward to meeting you in-person and welcoming CyberArk on October 25, 2023. Join us to discuss topics that include securing your environment and other security related topics. Please bring yourself and share your use cases as well on what your security concerns are, as we discuss UiPath and CyberArk technologies during this event. There'll be plenty of time to socialize as well. The agenda includes: Introductions Updates from UiPath Securing your UiPath environment CyberArk and Security Lunch Break Security Discussion Customer Use Cases Speakers: Stuart McEntee - Sales Specialist Manager @CyberArk Griffin Thompson - Account Executive @CyberArk Jeremy Patton - Solutions Engineer @CyberArk Jim Torney - Emerging Enterprise Executive @UiPath Joshua Gregory - Senior Presales Technical Consultant @UiPath

Secure Your Environment with UiPath and CyberArk Technologies

1 of 69
Download to read offline
Secure Your Environment with UiPath and CyberArk
Technologies - Live Event
October 2023
UiPath Wisconsin Chapter Meeting
Diana Gray
Community Marketing
Manager @UiPath
Meet today’s chapter team:
Sign up for more Wisconsin Chapter
Meetings here:
https://community.uipath.com/wisconsin/
Angie Dahl
Senior Business Analyst
@Plexus
LuAnn Hopkins
Automation Supervisor
@Generac Power Systems
Sheryl Martinez
Sr. AI/RPA Developer/Dr. X
Developer
@U.S. Venture Inc.
Steve Seroogy
Senior Director, IT
@Generac Power Systems
Meet today’s speakers:
Griffin Thompson
Account Executive CyberArk
Stuart McEntee
Sales - Secrets Manager
Sales Specialist CyberArk
Jeremy Patton
Solutions Engineer – DevOps
CyberArk
Joshua Gregory
Senior Presales Technical
Consultant UiPath, Inc
Jim Torney
Emerging Enterprise Executive
UiPath, Inc.
4
Agenda
01 Introductions
02 Updates from UiPath
03 Securing your UiPath environment
04 CyberArk and security
05 Security discussion
06 Lunch break
07 Customer use cases
5
Safe Harbor​
This presentation may include forward-looking statements. Forward looking statements include all statements that are not historical facts, and in
some cases, can be identified by terms such as “anticipate,” “believe,” “estimate,” “expect,” “intend,” “may,” “might,” “plan,” “project,” “will,” “would,”
“should,” “could,” “can,” “predict,” “potential,” “continue,” or the negative of these terms, and similar expressions that concern our expectations,
strategy, plans or intentions. By their nature, these statements are subject to numerous risks and uncertainties, including factors beyond our
control, that could cause actual results, performance or achievement to differ materially and adversely from those anticipated or implied in the
statements. Although our management believes that the expectations reflected in our statements are reasonable, we cannot guarantee that the
future results, levels of activity, performance or events and circumstances described in the forward-looking statements will be achieved or occur.
Recipients are cautioned not to place undue reliance on these forward-looking statements, which speak only as of the date such statements are
made and should not be construed as statements of fact. ​
This meeting is strictly confidential. By participating in this meeting, you agree to keep any information we provide confidential and not to disclose
any of the information to any other parties without our prior express written permission. Neither the information contained in this presentation, nor
any further information made available by us or any of our affiliates or employees, directors, representatives, officers, agents or advisers in
connection with this presentation will form the basis of or be construed as a contract or any other legal obligation. ​
10/25/2023
Securing UiPath deployments
The UiPath ™ word mark, logos, and robots are registered trademarks owned by UiPath, Inc. and its affiliates. ©2023 UiPath. All rights reserved.
Ad

Recommended

Technology Series: Intelligently automate core business apps with UiPath and ...
Technology Series: Intelligently automate core business apps with UiPath and ...Technology Series: Intelligently automate core business apps with UiPath and ...
Technology Series: Intelligently automate core business apps with UiPath and ...Diana Gray, MBA
 
AI and ML Series - Generative Extraction and Classification of Documents in S...
AI and ML Series - Generative Extraction and Classification of Documents in S...AI and ML Series - Generative Extraction and Classification of Documents in S...
AI and ML Series - Generative Extraction and Classification of Documents in S...DianaGray10
 
Session 2023-11.pptx
Session 2023-11.pptxSession 2023-11.pptx
Session 2023-11.pptxAndreeaTom
 
UiPath - IT Automation.pdf
UiPath - IT Automation.pdfUiPath - IT Automation.pdf
UiPath - IT Automation.pdfCristina Vidu
 
UiPath - IT Automation (1).pdf
UiPath - IT Automation (1).pdfUiPath - IT Automation (1).pdf
UiPath - IT Automation (1).pdfCristina Vidu
 
UiPath Platform - Automation Software
UiPath Platform - Automation SoftwareUiPath Platform - Automation Software
UiPath Platform - Automation SoftwareAndrei Oros
 
Achieving Business Transformation with UiPath RPA
Achieving Business Transformation with UiPath RPAAchieving Business Transformation with UiPath RPA
Achieving Business Transformation with UiPath RPACelonis
 

More Related Content

Similar to Secure Your Environment with UiPath and CyberArk Technologies

2018-10-25 Group RPA - AA Deck.pptx
2018-10-25 Group RPA - AA Deck.pptx2018-10-25 Group RPA - AA Deck.pptx
2018-10-25 Group RPA - AA Deck.pptxsaubhagya ranjan
 
UiPath + Alteryx CE Final_042822.pdf
UiPath + Alteryx CE Final_042822.pdfUiPath + Alteryx CE Final_042822.pdf
UiPath + Alteryx CE Final_042822.pdfDiana Gray, MBA
 
Perth Meetup May 2022
Perth Meetup May 2022Perth Meetup May 2022
Perth Meetup May 2022Michael Price
 
Integrate-to-Automate: Creating Connectors, Connections and AI infused automa...
Integrate-to-Automate: Creating Connectors, Connections and AI infused automa...Integrate-to-Automate: Creating Connectors, Connections and AI infused automa...
Integrate-to-Automate: Creating Connectors, Connections and AI infused automa...DianaGray10
 
TDNF Seminar
TDNF SeminarTDNF Seminar
TDNF SeminarEmpowerID
 
Dev Dives: Unlock AI-driven automation with semantic automation & communicati...
Dev Dives: Unlock AI-driven automation with semantic automation & communicati...Dev Dives: Unlock AI-driven automation with semantic automation & communicati...
Dev Dives: Unlock AI-driven automation with semantic automation & communicati...Cristina Vidu
 
Unleashing the force of AI-powered intelligent document processing
Unleashing the force of AI-powered intelligent document processingUnleashing the force of AI-powered intelligent document processing
Unleashing the force of AI-powered intelligent document processingUiPathCommunity
 
Hr structural auths
Hr   structural authsHr   structural auths
Hr structural authshkodali
 
Automation through APIs with the new UiPath Integration Service
 Automation through APIs with the new UiPath Integration Service Automation through APIs with the new UiPath Integration Service
Automation through APIs with the new UiPath Integration ServiceCristina Vidu
 
Robotic Process Automation with UiPath Studio
Robotic Process Automation with UiPath StudioRobotic Process Automation with UiPath Studio
Robotic Process Automation with UiPath StudioLalit Birla
 
Power Platform (Power Automate)
Power Platform (Power Automate)Power Platform (Power Automate)
Power Platform (Power Automate)OluwatobiYusuf2
 
Short Sales Overview of EmpowerID
Short Sales Overview of EmpowerIDShort Sales Overview of EmpowerID
Short Sales Overview of EmpowerIDEmpowerID
 
Developing business applications via power platform build2019
Developing business applications via power platform build2019Developing business applications via power platform build2019
Developing business applications via power platform build2019Dipti Chhatrapati
 
01_Team_03_CS_591_Project
01_Team_03_CS_591_Project01_Team_03_CS_591_Project
01_Team_03_CS_591_Projectharsh mehta
 
Document Understanding as Cloud APIs and Generative AI Pre-labeling Extractio...
Document Understanding as Cloud APIs and Generative AI Pre-labeling Extractio...Document Understanding as Cloud APIs and Generative AI Pre-labeling Extractio...
Document Understanding as Cloud APIs and Generative AI Pre-labeling Extractio...DianaGray10
 
DevDive_UnleashthFullPotentialofAutomationwithGenAI.pptx
DevDive_UnleashthFullPotentialofAutomationwithGenAI.pptxDevDive_UnleashthFullPotentialofAutomationwithGenAI.pptx
DevDive_UnleashthFullPotentialofAutomationwithGenAI.pptxRohit Radhakrishnan
 
How to integrate UiPath into your Microsoft environment
How to integrate UiPath into your Microsoft environmentHow to integrate UiPath into your Microsoft environment
How to integrate UiPath into your Microsoft environmentCristina Vidu
 
IIBA® Sydney Unlocking the Power of Low Code No Code: Why BAs Hold the Key
IIBA® Sydney Unlocking the Power of Low Code No Code: Why BAs Hold the KeyIIBA® Sydney Unlocking the Power of Low Code No Code: Why BAs Hold the Key
IIBA® Sydney Unlocking the Power of Low Code No Code: Why BAs Hold the KeyAustraliaChapterIIBA
 

Similar to Secure Your Environment with UiPath and CyberArk Technologies (20)

2018-10-25 Group RPA - AA Deck.pptx
2018-10-25 Group RPA - AA Deck.pptx2018-10-25 Group RPA - AA Deck.pptx
2018-10-25 Group RPA - AA Deck.pptx
 
UiPath + Alteryx CE Final_042822.pdf
UiPath + Alteryx CE Final_042822.pdfUiPath + Alteryx CE Final_042822.pdf
UiPath + Alteryx CE Final_042822.pdf
 
Perth Meetup May 2022
Perth Meetup May 2022Perth Meetup May 2022
Perth Meetup May 2022
 
Integrate-to-Automate: Creating Connectors, Connections and AI infused automa...
Integrate-to-Automate: Creating Connectors, Connections and AI infused automa...Integrate-to-Automate: Creating Connectors, Connections and AI infused automa...
Integrate-to-Automate: Creating Connectors, Connections and AI infused automa...
 
TDNF Seminar
TDNF SeminarTDNF Seminar
TDNF Seminar
 
Inna pidicho.pdf
Inna pidicho.pdfInna pidicho.pdf
Inna pidicho.pdf
 
Dev Dives: Unlock AI-driven automation with semantic automation & communicati...
Dev Dives: Unlock AI-driven automation with semantic automation & communicati...Dev Dives: Unlock AI-driven automation with semantic automation & communicati...
Dev Dives: Unlock AI-driven automation with semantic automation & communicati...
 
RPA in a Day
RPA in a Day RPA in a Day
RPA in a Day
 
Unleashing the force of AI-powered intelligent document processing
Unleashing the force of AI-powered intelligent document processingUnleashing the force of AI-powered intelligent document processing
Unleashing the force of AI-powered intelligent document processing
 
Hr structural auths
Hr   structural authsHr   structural auths
Hr structural auths
 
Automation through APIs with the new UiPath Integration Service
 Automation through APIs with the new UiPath Integration Service Automation through APIs with the new UiPath Integration Service
Automation through APIs with the new UiPath Integration Service
 
Robotic Process Automation with UiPath Studio
Robotic Process Automation with UiPath StudioRobotic Process Automation with UiPath Studio
Robotic Process Automation with UiPath Studio
 
Power Platform (Power Automate)
Power Platform (Power Automate)Power Platform (Power Automate)
Power Platform (Power Automate)
 
Short Sales Overview of EmpowerID
Short Sales Overview of EmpowerIDShort Sales Overview of EmpowerID
Short Sales Overview of EmpowerID
 
Developing business applications via power platform build2019
Developing business applications via power platform build2019Developing business applications via power platform build2019
Developing business applications via power platform build2019
 
01_Team_03_CS_591_Project
01_Team_03_CS_591_Project01_Team_03_CS_591_Project
01_Team_03_CS_591_Project
 
Document Understanding as Cloud APIs and Generative AI Pre-labeling Extractio...
Document Understanding as Cloud APIs and Generative AI Pre-labeling Extractio...Document Understanding as Cloud APIs and Generative AI Pre-labeling Extractio...
Document Understanding as Cloud APIs and Generative AI Pre-labeling Extractio...
 
DevDive_UnleashthFullPotentialofAutomationwithGenAI.pptx
DevDive_UnleashthFullPotentialofAutomationwithGenAI.pptxDevDive_UnleashthFullPotentialofAutomationwithGenAI.pptx
DevDive_UnleashthFullPotentialofAutomationwithGenAI.pptx
 
How to integrate UiPath into your Microsoft environment
How to integrate UiPath into your Microsoft environmentHow to integrate UiPath into your Microsoft environment
How to integrate UiPath into your Microsoft environment
 
IIBA® Sydney Unlocking the Power of Low Code No Code: Why BAs Hold the Key
IIBA® Sydney Unlocking the Power of Low Code No Code: Why BAs Hold the KeyIIBA® Sydney Unlocking the Power of Low Code No Code: Why BAs Hold the Key
IIBA® Sydney Unlocking the Power of Low Code No Code: Why BAs Hold the Key
 

More from DianaGray10

Connector Corner: Connect to your processes with UiPath Integration Service...
Connector Corner: Connect  to your processes  with UiPath Integration Service...Connector Corner: Connect  to your processes  with UiPath Integration Service...
Connector Corner: Connect to your processes with UiPath Integration Service...DianaGray10
 
Career Talk Series: Session 3- Skill Development and Continuous learning in t...
Career Talk Series: Session 3- Skill Development and Continuous learning in t...Career Talk Series: Session 3- Skill Development and Continuous learning in t...
Career Talk Series: Session 3- Skill Development and Continuous learning in t...DianaGray10
 
Career Talk Series: Session 2- Unlock career opportunities in intelligent aut...
Career Talk Series: Session 2- Unlock career opportunities in intelligent aut...Career Talk Series: Session 2- Unlock career opportunities in intelligent aut...
Career Talk Series: Session 2- Unlock career opportunities in intelligent aut...DianaGray10
 
Career Talk Series: Session 1 - Transitioning from RPA to AI automation profe...
Career Talk Series: Session 1 - Transitioning from RPA to AI automation profe...Career Talk Series: Session 1 - Transitioning from RPA to AI automation profe...
Career Talk Series: Session 1 - Transitioning from RPA to AI automation profe...DianaGray10
 
Forms for All: Building Accessibility into UiPath App Design
Forms for All: Building Accessibility into UiPath App DesignForms for All: Building Accessibility into UiPath App Design
Forms for All: Building Accessibility into UiPath App DesignDianaGray10
 
Connector Corner: Power your campaign with Mailchimp, Microsoft Teams, CRM an...
Connector Corner: Power your campaign with Mailchimp, Microsoft Teams, CRM an...Connector Corner: Power your campaign with Mailchimp, Microsoft Teams, CRM an...
Connector Corner: Power your campaign with Mailchimp, Microsoft Teams, CRM an...DianaGray10
 
Houston UiPath Community - Document Understanding Solution Accelerators
Houston UiPath Community - Document Understanding Solution AcceleratorsHouston UiPath Community - Document Understanding Solution Accelerators
Houston UiPath Community - Document Understanding Solution AcceleratorsDianaGray10
 
Design Dynamics: Elevating UiPath Apps with UX Wireframes
Design Dynamics: Elevating UiPath Apps with UX WireframesDesign Dynamics: Elevating UiPath Apps with UX Wireframes
Design Dynamics: Elevating UiPath Apps with UX WireframesDianaGray10
 
Business Analyst Series 2023 - Week 5 Session 10
Business Analyst Series 2023 -  Week 5 Session 10Business Analyst Series 2023 -  Week 5 Session 10
Business Analyst Series 2023 - Week 5 Session 10DianaGray10
 
Introduction to UiPath Testing and learning how to build Test Cases
Introduction to UiPath Testing and learning how to build Test CasesIntroduction to UiPath Testing and learning how to build Test Cases
Introduction to UiPath Testing and learning how to build Test CasesDianaGray10
 
Business Analyst Series 2023 - Week 5 Session 9
Business Analyst Series 2023 -  Week 5 Session 9Business Analyst Series 2023 -  Week 5 Session 9
Business Analyst Series 2023 - Week 5 Session 9DianaGray10
 
Business Analyst Series 2023 - Week 4 Session 8
Business Analyst Series 2023 -  Week 4 Session 8Business Analyst Series 2023 -  Week 4 Session 8
Business Analyst Series 2023 - Week 4 Session 8DianaGray10
 
Business Analyst Series 2023 - Week 4 Session 7
Business Analyst Series 2023 -  Week 4 Session 7Business Analyst Series 2023 -  Week 4 Session 7
Business Analyst Series 2023 - Week 4 Session 7DianaGray10
 
Business Analyst Series 2023 - Week 3 Session 5
Business Analyst Series 2023 -  Week 3 Session 5Business Analyst Series 2023 -  Week 3 Session 5
Business Analyst Series 2023 - Week 3 Session 5DianaGray10
 
Business Analyst Series 2023 - Week 2 Session 3
Business Analyst Series 2023 -  Week 2 Session 3Business Analyst Series 2023 -  Week 2 Session 3
Business Analyst Series 2023 - Week 2 Session 3DianaGray10
 
Business Analyst Series 2023 - Week 1 Session 1
Business Analyst Series 2023 -  Week 1 Session 1Business Analyst Series 2023 -  Week 1 Session 1
Business Analyst Series 2023 - Week 1 Session 1DianaGray10
 
Business Analyst Series 2023 - Week 1 Session 2
Business Analyst Series 2023 -  Week 1 Session 2Business Analyst Series 2023 -  Week 1 Session 2
Business Analyst Series 2023 - Week 1 Session 2DianaGray10
 
UiPath Certified Professional Certification for Specialized AI.pptx
UiPath Certified Professional Certification for Specialized AI.pptxUiPath Certified Professional Certification for Specialized AI.pptx
UiPath Certified Professional Certification for Specialized AI.pptxDianaGray10
 
Business Analyst Series 2023 - Week 1 Session 1
Business Analyst Series 2023 -  Week 1 Session 1Business Analyst Series 2023 -  Week 1 Session 1
Business Analyst Series 2023 - Week 1 Session 1DianaGray10
 
Introduction to RPA and Document Understanding
Introduction to RPA and Document UnderstandingIntroduction to RPA and Document Understanding
Introduction to RPA and Document UnderstandingDianaGray10
 

More from DianaGray10 (20)

Connector Corner: Connect to your processes with UiPath Integration Service...
Connector Corner: Connect  to your processes  with UiPath Integration Service...Connector Corner: Connect  to your processes  with UiPath Integration Service...
Connector Corner: Connect to your processes with UiPath Integration Service...
 
Career Talk Series: Session 3- Skill Development and Continuous learning in t...
Career Talk Series: Session 3- Skill Development and Continuous learning in t...Career Talk Series: Session 3- Skill Development and Continuous learning in t...
Career Talk Series: Session 3- Skill Development and Continuous learning in t...
 
Career Talk Series: Session 2- Unlock career opportunities in intelligent aut...
Career Talk Series: Session 2- Unlock career opportunities in intelligent aut...Career Talk Series: Session 2- Unlock career opportunities in intelligent aut...
Career Talk Series: Session 2- Unlock career opportunities in intelligent aut...
 
Career Talk Series: Session 1 - Transitioning from RPA to AI automation profe...
Career Talk Series: Session 1 - Transitioning from RPA to AI automation profe...Career Talk Series: Session 1 - Transitioning from RPA to AI automation profe...
Career Talk Series: Session 1 - Transitioning from RPA to AI automation profe...
 
Forms for All: Building Accessibility into UiPath App Design
Forms for All: Building Accessibility into UiPath App DesignForms for All: Building Accessibility into UiPath App Design
Forms for All: Building Accessibility into UiPath App Design
 
Connector Corner: Power your campaign with Mailchimp, Microsoft Teams, CRM an...
Connector Corner: Power your campaign with Mailchimp, Microsoft Teams, CRM an...Connector Corner: Power your campaign with Mailchimp, Microsoft Teams, CRM an...
Connector Corner: Power your campaign with Mailchimp, Microsoft Teams, CRM an...
 
Houston UiPath Community - Document Understanding Solution Accelerators
Houston UiPath Community - Document Understanding Solution AcceleratorsHouston UiPath Community - Document Understanding Solution Accelerators
Houston UiPath Community - Document Understanding Solution Accelerators
 
Design Dynamics: Elevating UiPath Apps with UX Wireframes
Design Dynamics: Elevating UiPath Apps with UX WireframesDesign Dynamics: Elevating UiPath Apps with UX Wireframes
Design Dynamics: Elevating UiPath Apps with UX Wireframes
 
Business Analyst Series 2023 - Week 5 Session 10
Business Analyst Series 2023 -  Week 5 Session 10Business Analyst Series 2023 -  Week 5 Session 10
Business Analyst Series 2023 - Week 5 Session 10
 
Introduction to UiPath Testing and learning how to build Test Cases
Introduction to UiPath Testing and learning how to build Test CasesIntroduction to UiPath Testing and learning how to build Test Cases
Introduction to UiPath Testing and learning how to build Test Cases
 
Business Analyst Series 2023 - Week 5 Session 9
Business Analyst Series 2023 -  Week 5 Session 9Business Analyst Series 2023 -  Week 5 Session 9
Business Analyst Series 2023 - Week 5 Session 9
 
Business Analyst Series 2023 - Week 4 Session 8
Business Analyst Series 2023 -  Week 4 Session 8Business Analyst Series 2023 -  Week 4 Session 8
Business Analyst Series 2023 - Week 4 Session 8
 
Business Analyst Series 2023 - Week 4 Session 7
Business Analyst Series 2023 -  Week 4 Session 7Business Analyst Series 2023 -  Week 4 Session 7
Business Analyst Series 2023 - Week 4 Session 7
 
Business Analyst Series 2023 - Week 3 Session 5
Business Analyst Series 2023 -  Week 3 Session 5Business Analyst Series 2023 -  Week 3 Session 5
Business Analyst Series 2023 - Week 3 Session 5
 
Business Analyst Series 2023 - Week 2 Session 3
Business Analyst Series 2023 -  Week 2 Session 3Business Analyst Series 2023 -  Week 2 Session 3
Business Analyst Series 2023 - Week 2 Session 3
 
Business Analyst Series 2023 - Week 1 Session 1
Business Analyst Series 2023 -  Week 1 Session 1Business Analyst Series 2023 -  Week 1 Session 1
Business Analyst Series 2023 - Week 1 Session 1
 
Business Analyst Series 2023 - Week 1 Session 2
Business Analyst Series 2023 -  Week 1 Session 2Business Analyst Series 2023 -  Week 1 Session 2
Business Analyst Series 2023 - Week 1 Session 2
 
UiPath Certified Professional Certification for Specialized AI.pptx
UiPath Certified Professional Certification for Specialized AI.pptxUiPath Certified Professional Certification for Specialized AI.pptx
UiPath Certified Professional Certification for Specialized AI.pptx
 
Business Analyst Series 2023 - Week 1 Session 1
Business Analyst Series 2023 -  Week 1 Session 1Business Analyst Series 2023 -  Week 1 Session 1
Business Analyst Series 2023 - Week 1 Session 1
 
Introduction to RPA and Document Understanding
Introduction to RPA and Document UnderstandingIntroduction to RPA and Document Understanding
Introduction to RPA and Document Understanding
 

Recently uploaded

5 Things You Shouldn’t Do at Salesforce World Tour Sydney 2024!
5 Things You Shouldn’t Do at Salesforce World Tour Sydney 2024!5 Things You Shouldn’t Do at Salesforce World Tour Sydney 2024!
5 Things You Shouldn’t Do at Salesforce World Tour Sydney 2024!XfilesPro
 
Quinto Z-Wave Heltun_HE-RS01_User_Manual_B9AH.pdf
Quinto Z-Wave Heltun_HE-RS01_User_Manual_B9AH.pdfQuinto Z-Wave Heltun_HE-RS01_User_Manual_B9AH.pdf
Quinto Z-Wave Heltun_HE-RS01_User_Manual_B9AH.pdfDomotica daVinci
 
zigbee motion sensor user manual NAS-PD07B2.pdf
zigbee motion sensor user manual NAS-PD07B2.pdfzigbee motion sensor user manual NAS-PD07B2.pdf
zigbee motion sensor user manual NAS-PD07B2.pdfDomotica daVinci
 
Microsoft Azure - GAA and Irish Tech Society Hackathon
Microsoft Azure - GAA and Irish Tech Society HackathonMicrosoft Azure - GAA and Irish Tech Society Hackathon
Microsoft Azure - GAA and Irish Tech Society HackathonJuarez Junior
 
Enhancing SaaS Performance: A Hands-on Workshop for Partners
Enhancing SaaS Performance: A Hands-on Workshop for PartnersEnhancing SaaS Performance: A Hands-on Workshop for Partners
Enhancing SaaS Performance: A Hands-on Workshop for PartnersThousandEyes
 
M.Aathiraju Self Intro.docx-AD21001_____
M.Aathiraju Self Intro.docx-AD21001_____M.Aathiraju Self Intro.docx-AD21001_____
M.Aathiraju Self Intro.docx-AD21001_____Aathiraju
 
2024 February Patch Tuesday
2024 February Patch Tuesday2024 February Patch Tuesday
2024 February Patch TuesdayIvanti
 
OTel Orientation_ How to Train Teams (OTel in Practice).pdf
OTel Orientation_ How to Train Teams (OTel in Practice).pdfOTel Orientation_ How to Train Teams (OTel in Practice).pdf
OTel Orientation_ How to Train Teams (OTel in Practice).pdfPaige Cruz
 
Introduction to Serverless with AWS Lambda in C#.pptx
Introduction to Serverless with AWS Lambda in C#.pptxIntroduction to Serverless with AWS Lambda in C#.pptx
Introduction to Serverless with AWS Lambda in C#.pptxBrandon Minnick, MBA
 
Navigating the Never Normal Strategies for Portfolio Leaders
Navigating the Never Normal Strategies for Portfolio LeadersNavigating the Never Normal Strategies for Portfolio Leaders
Navigating the Never Normal Strategies for Portfolio LeadersOnePlan Solutions
 
Cfgmgmtcamp 2024 — eBPF-based Security Observability & Runtime Enforcement wi...
Cfgmgmtcamp 2024 — eBPF-based Security Observability & Runtime Enforcement wi...Cfgmgmtcamp 2024 — eBPF-based Security Observability & Runtime Enforcement wi...
Cfgmgmtcamp 2024 — eBPF-based Security Observability & Runtime Enforcement wi...Raphaël PINSON
 
Z-Wave Fan coil Thermostat Heltun_HE-HT01_User_Manual.pdf
Z-Wave Fan coil Thermostat Heltun_HE-HT01_User_Manual.pdfZ-Wave Fan coil Thermostat Heltun_HE-HT01_User_Manual.pdf
Z-Wave Fan coil Thermostat Heltun_HE-HT01_User_Manual.pdfDomotica daVinci
 
AWS for the beginning is cloud computing
AWS for the beginning  is  cloud computingAWS for the beginning  is  cloud computing
AWS for the beginning is cloud computingkajalghule1
 
"Journey of Aspiration: Unveiling the Path to Becoming a Technocrat and Entre...
"Journey of Aspiration: Unveiling the Path to Becoming a Technocrat and Entre..."Journey of Aspiration: Unveiling the Path to Becoming a Technocrat and Entre...
"Journey of Aspiration: Unveiling the Path to Becoming a Technocrat and Entre...shaiyuvasv
 
Manual sensor Zigbee 3.0 MOES ZSS-X-PIRL-C
Manual  sensor Zigbee 3.0 MOES ZSS-X-PIRL-CManual  sensor Zigbee 3.0 MOES ZSS-X-PIRL-C
Manual sensor Zigbee 3.0 MOES ZSS-X-PIRL-CDomotica daVinci
 
Zi-Stick UBS Dongle ZIgbee from Aeotec manual
Zi-Stick UBS Dongle ZIgbee from  Aeotec manualZi-Stick UBS Dongle ZIgbee from  Aeotec manual
Zi-Stick UBS Dongle ZIgbee from Aeotec manualDomotica daVinci
 
Tete thermostatique Zigbee MOES BRT-100 V2.pdf
Tete thermostatique Zigbee MOES BRT-100 V2.pdfTete thermostatique Zigbee MOES BRT-100 V2.pdf
Tete thermostatique Zigbee MOES BRT-100 V2.pdfDomotica daVinci
 

Recently uploaded (20)

5 Tech Trend to Notice in ESG Landscape- 47Billion
5 Tech Trend to Notice in ESG Landscape- 47Billion5 Tech Trend to Notice in ESG Landscape- 47Billion
5 Tech Trend to Notice in ESG Landscape- 47Billion
 
5 Things You Shouldn’t Do at Salesforce World Tour Sydney 2024!
5 Things You Shouldn’t Do at Salesforce World Tour Sydney 2024!5 Things You Shouldn’t Do at Salesforce World Tour Sydney 2024!
5 Things You Shouldn’t Do at Salesforce World Tour Sydney 2024!
 
Quinto Z-Wave Heltun_HE-RS01_User_Manual_B9AH.pdf
Quinto Z-Wave Heltun_HE-RS01_User_Manual_B9AH.pdfQuinto Z-Wave Heltun_HE-RS01_User_Manual_B9AH.pdf
Quinto Z-Wave Heltun_HE-RS01_User_Manual_B9AH.pdf
 
zigbee motion sensor user manual NAS-PD07B2.pdf
zigbee motion sensor user manual NAS-PD07B2.pdfzigbee motion sensor user manual NAS-PD07B2.pdf
zigbee motion sensor user manual NAS-PD07B2.pdf
 
Microsoft Azure - GAA and Irish Tech Society Hackathon
Microsoft Azure - GAA and Irish Tech Society HackathonMicrosoft Azure - GAA and Irish Tech Society Hackathon
Microsoft Azure - GAA and Irish Tech Society Hackathon
 
Enhancing SaaS Performance: A Hands-on Workshop for Partners
Enhancing SaaS Performance: A Hands-on Workshop for PartnersEnhancing SaaS Performance: A Hands-on Workshop for Partners
Enhancing SaaS Performance: A Hands-on Workshop for Partners
 
M.Aathiraju Self Intro.docx-AD21001_____
M.Aathiraju Self Intro.docx-AD21001_____M.Aathiraju Self Intro.docx-AD21001_____
M.Aathiraju Self Intro.docx-AD21001_____
 
2024 February Patch Tuesday
2024 February Patch Tuesday2024 February Patch Tuesday
2024 February Patch Tuesday
 
GTA 6.pdf
GTA 6.pdfGTA 6.pdf
GTA 6.pdf
 
OTel Orientation_ How to Train Teams (OTel in Practice).pdf
OTel Orientation_ How to Train Teams (OTel in Practice).pdfOTel Orientation_ How to Train Teams (OTel in Practice).pdf
OTel Orientation_ How to Train Teams (OTel in Practice).pdf
 
Introduction to Serverless with AWS Lambda in C#.pptx
Introduction to Serverless with AWS Lambda in C#.pptxIntroduction to Serverless with AWS Lambda in C#.pptx
Introduction to Serverless with AWS Lambda in C#.pptx
 
Navigating the Never Normal Strategies for Portfolio Leaders
Navigating the Never Normal Strategies for Portfolio LeadersNavigating the Never Normal Strategies for Portfolio Leaders
Navigating the Never Normal Strategies for Portfolio Leaders
 
Cfgmgmtcamp 2024 — eBPF-based Security Observability & Runtime Enforcement wi...
Cfgmgmtcamp 2024 — eBPF-based Security Observability & Runtime Enforcement wi...Cfgmgmtcamp 2024 — eBPF-based Security Observability & Runtime Enforcement wi...
Cfgmgmtcamp 2024 — eBPF-based Security Observability & Runtime Enforcement wi...
 
Z-Wave Fan coil Thermostat Heltun_HE-HT01_User_Manual.pdf
Z-Wave Fan coil Thermostat Heltun_HE-HT01_User_Manual.pdfZ-Wave Fan coil Thermostat Heltun_HE-HT01_User_Manual.pdf
Z-Wave Fan coil Thermostat Heltun_HE-HT01_User_Manual.pdf
 
AWS for the beginning is cloud computing
AWS for the beginning  is  cloud computingAWS for the beginning  is  cloud computing
AWS for the beginning is cloud computing
 
Russia Ukraine war Cyberspace operations (2022-2024)
Russia Ukraine war Cyberspace operations (2022-2024)Russia Ukraine war Cyberspace operations (2022-2024)
Russia Ukraine war Cyberspace operations (2022-2024)
 
"Journey of Aspiration: Unveiling the Path to Becoming a Technocrat and Entre...
"Journey of Aspiration: Unveiling the Path to Becoming a Technocrat and Entre..."Journey of Aspiration: Unveiling the Path to Becoming a Technocrat and Entre...
"Journey of Aspiration: Unveiling the Path to Becoming a Technocrat and Entre...
 
Manual sensor Zigbee 3.0 MOES ZSS-X-PIRL-C
Manual  sensor Zigbee 3.0 MOES ZSS-X-PIRL-CManual  sensor Zigbee 3.0 MOES ZSS-X-PIRL-C
Manual sensor Zigbee 3.0 MOES ZSS-X-PIRL-C
 
Zi-Stick UBS Dongle ZIgbee from Aeotec manual
Zi-Stick UBS Dongle ZIgbee from  Aeotec manualZi-Stick UBS Dongle ZIgbee from  Aeotec manual
Zi-Stick UBS Dongle ZIgbee from Aeotec manual
 
Tete thermostatique Zigbee MOES BRT-100 V2.pdf
Tete thermostatique Zigbee MOES BRT-100 V2.pdfTete thermostatique Zigbee MOES BRT-100 V2.pdf
Tete thermostatique Zigbee MOES BRT-100 V2.pdf
 

Secure Your Environment with UiPath and CyberArk Technologies

  • 1. Secure Your Environment with UiPath and CyberArk Technologies - Live Event October 2023 UiPath Wisconsin Chapter Meeting
  • 2. Diana Gray Community Marketing Manager @UiPath Meet today’s chapter team: Sign up for more Wisconsin Chapter Meetings here: https://community.uipath.com/wisconsin/ Angie Dahl Senior Business Analyst @Plexus LuAnn Hopkins Automation Supervisor @Generac Power Systems Sheryl Martinez Sr. AI/RPA Developer/Dr. X Developer @U.S. Venture Inc. Steve Seroogy Senior Director, IT @Generac Power Systems
  • 3. Meet today’s speakers: Griffin Thompson Account Executive CyberArk Stuart McEntee Sales - Secrets Manager Sales Specialist CyberArk Jeremy Patton Solutions Engineer – DevOps CyberArk Joshua Gregory Senior Presales Technical Consultant UiPath, Inc Jim Torney Emerging Enterprise Executive UiPath, Inc.
  • 4. 4 Agenda 01 Introductions 02 Updates from UiPath 03 Securing your UiPath environment 04 CyberArk and security 05 Security discussion 06 Lunch break 07 Customer use cases
  • 5. 5 Safe Harbor​ This presentation may include forward-looking statements. Forward looking statements include all statements that are not historical facts, and in some cases, can be identified by terms such as “anticipate,” “believe,” “estimate,” “expect,” “intend,” “may,” “might,” “plan,” “project,” “will,” “would,” “should,” “could,” “can,” “predict,” “potential,” “continue,” or the negative of these terms, and similar expressions that concern our expectations, strategy, plans or intentions. By their nature, these statements are subject to numerous risks and uncertainties, including factors beyond our control, that could cause actual results, performance or achievement to differ materially and adversely from those anticipated or implied in the statements. Although our management believes that the expectations reflected in our statements are reasonable, we cannot guarantee that the future results, levels of activity, performance or events and circumstances described in the forward-looking statements will be achieved or occur. Recipients are cautioned not to place undue reliance on these forward-looking statements, which speak only as of the date such statements are made and should not be construed as statements of fact. ​ This meeting is strictly confidential. By participating in this meeting, you agree to keep any information we provide confidential and not to disclose any of the information to any other parties without our prior express written permission. Neither the information contained in this presentation, nor any further information made available by us or any of our affiliates or employees, directors, representatives, officers, agents or advisers in connection with this presentation will form the basis of or be construed as a contract or any other legal obligation. ​
  • 6. 10/25/2023 Securing UiPath deployments The UiPath ™ word mark, logos, and robots are registered trademarks owned by UiPath, Inc. and its affiliates. ©2023 UiPath. All rights reserved.
  • 7. 7 The UiPath Business Automation Platform PROCESS MINING TASK MINING COMMUNICATIONS MINING IDEA CAPTURE & MANAGEMENT LOW-CODE DEVELOPMENT​ UI & API AUTOMATION​ PROCESS ORCHESTRATION​ INTELLIGENT DOCUMENT PROCESSING​ INTEGRATED NLP & AI/ML Discover Continuously uncover opportunities for process and task improvements ​helping you identify the highest ROI areas Automate Get more done with a digital workforce that seamlessly collaborates with your people ​and automates work via UI and API, powered with native integrated AI​ Your Applications Your People Your Processes Systems of record – ERP, CRM, HCM | Communications and Collaboration | Personal Productivity​ ANALYTICS CONTINUOUS TESTING UNIFIED MANAGEMENT & GOVERNANCE​ FLEXIBLE DEPLOYMENT Operate An enterprise-grade foundation to run and optimize a ​mission critical automation program at high scale
  • 10. 10 AI powered automation Context Action Docs Comms Data People Processes UI API HITL
  • 11. 11 Context Action Docs Comms Data People Processes UI API HITL Generative AI Specialized AI Solutions Infrastructure AI powered automation
  • 12. 12 Context Action Docs Comms Data People Processes UI API HITL Generative AI Specialized AI Solutions Infrastructure Supported by UiPath AI powered automation
  • 13. 13 Context Action Docs Comms Data People Processes UI API HITL Generative AI Specialized AI Solutions Infrastructure Supported by UiPath Built by UiPath or BYO Docs Screens Tasks Processes AI powered automation
  • 14. 14 Context Action Docs Comms Data People Processes UI API HITL Generative AI Specialized AI Solutions Infrastructure Docs Screens Tasks Processes Built by UiPath or BYO Supported by UiPath AI powered automation
  • 15. 15 Context Action Docs Comms Data People Processes UI API HITL Generative AI Specialized AI Solutions Infrastructure Docs Screens Tasks Processes Built by UiPath or BYO Supported by UiPath Validation station Active learning Fine tuning Guardrails Auditing AI powered automation
  • 16. 16 Quick Overview In the next slides, you’ll find the most important topics that needs to be covered in order to reach out total RPA potential: Bot Identity Credential management Delegated permissions/ segregation of duties User Access Review (UAR) Governance SOX/Business Critical automations 01 02 03 04 05 06 While RPA (Robotic Process Automation) is becoming more and more part of our lives, it’s mandatory to define appropriate security guidelines to ensure a maximized benefit of this technology meant to makes our work more enjoyable.
  • 17. 17 Bot identity Traceability Role Management Authentication Audit Process Inventory Easily identifying robot vs human work in system/ application logs and differentiating the work done by bots Each robot account should have the minimum required permissions/roles in order to perform their tasks Since Two Factor Authentication requires human identification, robots’ accounts must be created as Service Accounts that can bypass additional login steps. Also, when possible, API authentication is recommended Since change management is paramount during audits, bot identities allows system admins to easily identify and get the evidence required for all changes performed by the robots Easily document which automation uses which account with which permissions While software robots are here to take over our repetitive and inefficient work, they require their own identity in the systems/platforms they are operating. Here is why:
  • 18. 18 Bot identity (cont.) As previously mentioned, each process should have its own associated account, but robots also require a place to "stay and play“, in a Virtual Environment A Virtual Environment will also require an identity, that will be mapped with the automation. Enforce naming conventions for each type of accounts used(bots: svc-***@***.com, VM names: vm-***, VM users: vm-***@***.com). This way, it will be easier to access relevant process information from your Process Inventory mappings Bots' accounts will have by default minimum permissions allocate: ActiveDirectory Identity (email address) and a Mailbox attached (O365, Google, etc.) From licensing optimization point of view, you can setup shared accounts between your automations (e.g.: one shared account per department for Salesforce) All other platforms accesses will be provided on demand (e.g.: Sharepoint, GoogleDrive, etc.) based on automations requirements, roles and permissions etc. (Virtual Machines grouped in Environments at orchestrator level) Here are some recommendations on how to manage all of this:
  • 19. 19 Credential Management Now we highlighted the importance of bot identities, it’s mandatory to periodically check and maintain all accounts’ permissions and configurations Credential manager All accounts should be stored in a common credential manager that allows each team member to access required dev/prod accounts based on their team role (dev, support, business analysts) Periodically change account passwords to enhance security and compliance guidelines Regularly rotating account passwords limits risks of sharing or leaking Some processes might have been decommissioned and the associated account is no longer required This can be easily tracked with an Internal Process Inventory that contains real-time production processes information like name, deployment location, accounts used etc.
  • 20. 20 Add a credential store Natively link your CyberArk store with UiPath
  • 21. 21 Delegated permissions/segregation of duties Working with robots requires human responsibility – for that, each employee should have the appropriate roles and permissions in the RPA environment. Production environment must be separated from development/ testing ones For production, the access must be restricted to appropriate employees based on their roles Developers and business users should access only the development/testing environments
  • 22. 22 User Access Review (UAR) UAR is an audit control that requires to periodically check user’s access and permissions on platforms/systems. In RPA, the checklist for user access review must contain: Properly define which platforms are the subject of audit inside the RPA team (e.g.: Orchestrator, GitHub etc.) Periodically check if the defined roles/permissions are aligned with the company structure All access request must be properly documented (requests with manager’s approval)
  • 23. 23 Accurate automation logging When it comes to audit, another mandatory task is to have a clear view of what the bot is actually doing and in case of an incident, This can be achieved by enforcing logging guidelines that must include: Proper logging level (trace, info, warning, error) Logs for workflow’s start/end Information about each processed transaction (id, name) Information about the actions performed on the processed transaction (update, inserted values) As a best practice, it’s recommended to log anonymized sensitive information when applicable (partial id’s, names, addresses) to easily identify the root cause
  • 24. 24 Governance The main governance key points are the following: 01 Defining and using a standard development framework template that suits the company’s RPA area 02 Using a project management platform in order to track, trace and report effectively projects' statuses 03 Enforcing documented Sign-Offs for major project steps from the appropriate stakeholders (Business, Infrastructure, etc) to have a clear view on collaboration/decision making (PDD, UAT, Deployment, Change Requests etc) UiPath provides a powerful governance framework that makes RPA more secure. Using AutomationOps in your company, you can easily: Enforce your organization's rules and configurations for UiPath products using governance policies Manage content feeds by defining which sites and packages are trusted and can be safely used
  • 25. 25 SOX/Business Critical automations An automation is labeled as SOX Compliance/Business Critical if: NOTE: currently this checklist only applies to Unattended process, and by default Attended processes can be considered as “Non-business critical”. Performs changes (edit/modify/insert/ update) in sensitive production data (e.g., financial, sales reports) Collects PII data (Personal Identifiable Information) Requires elevated permissions than normal user (edit, admin roles) Business decides the automation is in scope for SOX (relevant stakeholder confirms it is related to SOX Controls, e.g. Finance processes) From an audit perspective, SOX automations must be documented and implemented in a more effective way: It’s recommended to use a dedicated tenant and robots (VMs) Infrastructure Based on the level of data sensitivity, all bot’s related documents should be accessed only by privileged users Documentation Bots should save the reports with the data before and after the automatic processing is finished; screenshots/evidence of the input information: date/filters used for the reports, queries etc; proper logging Development
  • 26. 26 Allow security and development teams to dynamically manage the applications’ secrets required to access resources and services across hybrid and multi-cloud environments without impacting agility. Privileged credentials are often called “SECRETS” and refer to a private piece of information that acts as a key to unlock protected resources or sensitive information in tools, databases, applications, containers, DevOps and cloud-native environments. Secrets manager goal 26 Human Access Non-Human Access 1 person 45 apps/tools workloads service accounts Cloud- Hybrid Cloud Data Center Kubernetes RPA CI/CD Scripts Containers Vulnerability Scanner Home grown apps SolarWinds Octopus Codecov Uber Stuart McEntee, CISSP CyberArk Secrets Manager Specialist stuart.mcentee@cyberark.com www.cyberark.com SEC Ruling: https://www.sec.gov/news/press-release/2023-139
  • 27. 27 Policy Enforcement Point Policy Administrator Policy Engine Policy Decision Point Access Request Access Enabled Identity Security Identity - Zero Trust Based On NIST SP 800-207: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-207.pdf Protect Subject Identities and Devices Protect Identities within Resources Protect Identities within the Zero Trust Network SUBJECT People Users Devices Applications Systems RESOURCES Data Applications Computer services APIs Secrets Management Privilege Access Management (PAM) for Non-Human
  • 28. 28 Islands Of Security Create Challenges at Scale Puppet Hiera Chef Databags Ansible Vault Islands of Security AWS IAM /KMS Microsoft Azure IAM / KMS / KMS Google Cloud IAM / KMS Docker Secrets Kubernetes Secrets OpenShift Secrets Native tool solutions for secrets: Create “Security Islands” • Are you using open source or enterprise? • How do you perform the following : • Password rotation? • Separation of Duties? • High Availability? • Database Configuration? • Change Management? • Scalability – Containers? • How many Vaults across your enterprise? • Audits? UI Path Credential Store .NET Config Files J2EE Credential Store
  • 29. 29 29 Key Benefits Developers Simplicity: Native integrations simplify securing DevOps tools, CI/CD, ISV to zOS and everything in between. Security Robust Security: Centralized management, rotation, audit and strong authentication ensures workloads securely access to secrets. Operations Efficiency & Availability: Architected to ensure secrets are always available when and where they are needed. Secrets Hub …Not a single product or one-time event
  • 30. 30 J2EE App Server DS CP 30 CP Application Script SDK CLI Credential Provider(s) Varonis, Venafi, ForeScout,, Broadcom, HPE, Ping Identity, Rapid7, SailPoint, ServiceNow, Splunk, Symantec, Varonis Application Server , Provider(s) Apache Tomcat, IBM WebSphere, Oracle WebLogic, Red Hat JBoss Conjur Enterprise Ansible*, AWS, Azure, CloudBees, Docker, Entrust HSM, GitLab, Kubernetes, OpenShift, Puppet, Terraform, VMWare Tanzu AWS Secrets Manager Azure Key Vault (Google future) Secrets Hub Application Script Rest Rest Central Credential Provider(s) Automation Anywhere , Blue Prism, Chef, Datamatics, IBM Urbancode, Jenkins, LogicMonitor, Palo Alto Networks, Qualys, PKWare, SmartRPA, Tenable, UiPath* 443 CP Agent-Based Agentless SaaS Priv Cloud Conjur Cloud 1858 Secrets Management is a Cross-Domain, Hybrid Strategy & Program
  • 31. 31 Secrets Hub - AWS & Azure Native Secrets Stores (Google Future) • Centralized management of secrets/visibility across organization • Enforce consistent polices across the organization to meet compliance and security standards • Can enforce ad-hoc rotation in case of security event • Unified audit using SIEM • Native cloud experience • Enables the same cloud-native tools and workflows as before. • Secures the application without any impact on workflows Security Developer/DevOps CyberArk PAM (self-hosted or Privilege Cloud) Secrets Hub
  • 32. 32 MOST COMPLETE & EXTENSIBLE IDENTITY SECURITY PLATFORM BROADEST INTEGRATION SUPPORT IDENTITY SECURITY INNOVATOR PROVEN EXPERTISE IN SECURING IDENTITY • Manages secrets for apps, automation scripts, non-human identities AND human users • Centralized secrets management • 200+ integrations with top DevOps tools, platforms and COTS apps • Work with partners and open-source communities to certify and expand • Secrets rotation with zero downtime • Zero /minimal code changes for devs, e.g., ASCP, Secretless • Data segregation with centralized management • Entire company focused on security • Expert in partnering with security teams • Trusted by over half Fortune 500 ARCHITECTED FOR THE MODERN ENTERPRISE • High availability architecture • High performance & scale - unique read-only follower architecture • Innovative solutions for securing mission critical legacy apps SECRETS MANAGER ALIGNMENT TO CYBERARK DIFFERENTIATORS
  • 33. 33 92% Banking 72% Pharma Industry Leaders Choose CyberArk 84% 80% 80% 84% OF THE TOP 25 Manufacturing Telecom Insurance Energy
  • 34. 34 34 Chart Your Course with the CyberArk Blueprint https://www.cyberark.com/try-buy/blueprint-toolkit/ 34
  • 36. Copyright © 2023 CyberArk Software Ltd. All rights reserved Accelerate your Success with the CyberArk Blueprint • Proven Identity Security Program Framework for Success • Prescriptive Guidance Designed to Measurably Reduce Risk • Built on Lessons Learned in Battle Over Two Decades • Covers the Full Scope of Identities Understand the Attack Chain Assess Your Security Posture Learn Best Practice Education Build Your Identity Security Plan
  • 37. 37 37 IDENTITY SECURITY CONTROL FAMILIES & TECHNOLOGIES Access Least Privilege Privileged Access Secrets Management Secure highest privilege identities that have the potential to control an entire environment Identity Security Platform, Cloud Admins & Security Tools Cloud Admins, Shadow Admins & Domain Admin Services Cloud Admins, Domain Admins, Hypervisor Admin & Windows Server Admins (Local) Identity Security Platform Automation, Security & Automation Tools Focus on locking down the most universal technology platforms PaaS Admins, Cloud Privileged Entities & CI/CD Console Admins Cloud Privileged Entities Windows Server Admins (Domain), Workstation Admins (Local & Domain) & *NIX Root + SSH Keys Cloud Native Workloads Build identity security into the fabric of enterprise strategy and application pipelines Web Applications (Mission Critical) & Corporate Social Media IT Admin Workstations *NIX Server Admins, Out of Band Access & Database Built-In Admins CI/CD Toolchain Pipeline & Dynamic Applications (Containerized Environments) Mature existing controls and expand into advanced identity security controls Web Applications (Core) Workforce Workstations & Windows Servers Network & Infra. Admins, Database Named Admins, Client-Based Apps (Mission Critical) On-Prem, Lift & Shift & COTS Applications Look for new opportunities to shore up identity security across the enterprise Web Applications (All) *NIX Servers Mainframe Administrators & Client-Based Apps (All) IoT/OT & Windows Services (Embedded Usages) STAGE 1 STAGE 2 STAGE 3 STAGE 4 STAGE 5 GOAL CyberArk Blueprint Stages Overview
  • 38. 38 CyberArk Blueprint Stages Overview Grow Your Program from within the SecOrg Secure highest privilege identities that have the potential to control an entire environment Focus on locking down the most universal technology platforms Build identity security into the fabric of enterprise strategy and application pipelines Mature existing controls and expand into advanced identity security controls Look for new opportunities to shore up identity security across the enterprise USE CASES Secrets Management Identity Security Platform Automation, Security & Automation Tools Cloud Native Workloads CI/CD Toolchain Pipeline & Dynamic Applications (Containerized Environments) On-Prem, Lift & Shift & COTS Applications IoT/OT & Windows Services (Embedded Usages) STAGE 1 STAGE 2 STAGE 3 STAGE 4 STAGE 5 GOAL Sorted by Risk Impact and Level of Effort Progressively Mature to Advanced Use Cases Groups Use Cases by Similarity for Efficiency
  • 39. 39 Where Do I Start? Secure highest privilege identities that have the potential to control an entire environment Focus on locking down the most universal technology platforms Build identity security into the fabric of enterprise strategy and application pipelines Mature existing controls and expand into advanced identity security controls Look for new opportunities to shore up identity security across the enterprise USE CASES Secrets Management Identity Security Platform Automation, Security & Automation Tools Cloud Native Workloads CI/CD Toolchain Pipeline & Dynamic Applications (Containerized Environments) On-Prem, Lift & Shift & COTS Applications IoT/OT & Windows Services (Embedded Usages) STAGE 1 STAGE 2 STAGE 3 STAGE 4 STAGE 5 GOAL A Blueprint for Securing All Application Secrets Everywhere CyberArk Blueprint
  • 41. 41 Quick Wins with Secrets Management Identity Security Platform Automation Identity Security services scripts, like an admin’s onboarding script for PAM or Secrets Manager, are high-risk, low volume and effort scenarios. Breach of these scripts can result in an entire Identity control plane takeover (re. Uber breach). Security Tools Security tools such as vulnerability scanners and discovery engines are low- effort, high-reward opportunities. These non-human identities have privileges to control your entire environment. Easy, OOTB integrations to mitigate risk. Automation Tools Automation tools such as Ansible and Terraform are often used to provision IT infrastructure and other privileged access-related tasks. The secrets used in these tools are highly privileged and have large scopes of influence. Generally low volume of accounts to secure.
  • 42. Accelerate and Secure RPA Deployments with CyberArk and UiPath
  • 43. 43 43 Copyright © 2021 CyberArk Software Ltd. All rights reserved.
  • 44. 44 Traditional IT Secrets Management - Solutions 44 • DevOps • Cloud Native Vaults
  • 45. 45 Other Secrets Use cases Enterprise-Spanning Service delivered by IT Security IaaS On-Prem Infrastructure and Apps (*NIX, Windows, zOS) DevOps Tools PaaS Security Solutions IT Mgt Software App Servers and Custom Apps RPA CyberArk
  • 46. 46 Why? UiPath has an internal secrets store already • So does every other application • “Islands of Security” Centralized Secrets Management • Single source of truth for both Apps and Humans • Single audit trail • Centralized Access Control by Security Team Automatic Credential Rotation 46 APPS CI/CD CLOUD HUMANS RPA Copyright © 2021 CyberArk Software Ltd. All rights reserved.
  • 47. 47 What? Windows Domain Windows Local *nix Passwords *nix SSH Keys AWS IAM Passwords AWS IAM Access Keys Azure Access Keys 47 • MS SQL • PostgreSQL • MySQL • Oracle DB • VMWare • SAP • And hundreds more… https://marketplace.cyberark.com
  • 49. 49 49 UiPath CyberArk Integration (on-prem) Robot 1 Robot 2 Robot 3 Robot 4 Central Cred Provider 1858 Copyright © 2021 CyberArk Software Ltd. All rights reserved. Customer Environment Orchestrator 443/HTTPS Vault Secret Need Secret!
  • 50. 50 Privilege d Cloud CyberArk SaaS UiPath SaaS Orchestrato r 50 UiPath CyberArk Integration (SaaS) Robot 1 Robot 2 Robot 3 Robot 4 Central Cred Provider Copyright © 2021 CyberArk Software Ltd. All rights reserved. 443/HTTPS Customer Environment UiPath Cred Proxy 443/HTTPS 1858 Secret Need Secret!
  • 51. 51 But wait, there’s more! 51 https://marketplace.cyberark.com/ • Secure UiPath Admin Creds • Rotate UiPath Admin Creds • Record Usage of UiPath Admin Creds Copyright © 2021 CyberArk Software Ltd. All rights reserved.
  • 52. 52 Dual Accounts 52 - Green-Blue Password Rotation Password B Vault Conjur Agent Central Password A is being served via API Password B is being rotated All applications receive Password A Application Application Application Password B finishes rotation Password A is no longer being served Password B is now served via API Password A is not rotated for X time Password B continues to be served Password B is being served via API Password A is rotated after grace period All applications receive Password B Password A Password A Password A Password A Password A Password A Password A Password A Password B Password B Password B Password B Password A
  • 56. 56 Technology Has Changed. Attack Paths Have Not. Hybrid Cloud Internal threats External threats Move laterally. Perform Reconnaissance. Exfiltrate data. Disrupt business. Escalate Privileges Escalate privileges
  • 57. 57 Unpacking the Uber Breach https://www.cyberark.com/resources/blog/unpacking-the-uber-breach Intranet scanned PowerShell scripts on Network Drive
  • 58. 58 © 2023 CyberArk Software Ltd. All rights reserved Principles of Identity Security Powerful Access Does not begin or end with a traditionally privileged user Intelligent Privilege Controls Must be applied to all identities, infrastructure and applications Identity Security Begins The moment a human or workload begins interacting with your network/resources. Automation and Adaptive Capabilities Are required to support the scale and transformation of environments as well as to protect against evolving threats. These Controls Must be empathetic to the end user and correlated to the level of risk 1 2 3 4 5
  • 59. 59 The Delivery Paradox: Challenges of Controls 59
  • 60. 60 60 Assume Breach (and Trampled-on Grass)
  • 61. 61 Resources Environments Applications & Services Hybrid & Multi-Cloud Infrastructure & Endpoints Data OT Data Centers SaaS Identities Admins Workforce DevOps Third Parties Workloads Devices Customers Identity Security Platform Workforce & Customer Access Endpoint Privilege Security Privileged Access Management Secrets Management Cloud Security Identity Management Identity Security Intelligence Seamless & Secure Access for All Identities Intelligent Privilege Controls Flexible Identity Automation & Orchestration Shared Services Single Admin Portal Workflows Unified Audit Authentication & Authorization SaaS Hybrid Self-Hosted
  • 62. 62 © 2023 CyberArk Software Ltd. All rights reserved Next: • CyberArk Innovation
  • 63. 63 CENTRALIZED MANAGEMENT Provide single console to store and manage credentials, define security policies and control access SECURE ACCESS Protect access to credentials stored in the Self-hosted Vault or in the Identity Cloud with SSO and MFA PASSWORD SHARING Enable secure password sharing without involving IT while ensuring compliance and access governance VISIBILTIY AND CONTROL Track access activity, control password complexity, and revoke access to credentials when no longer needed. Securely store, access and share username and password-based credentials for business applications Workforce Password Management
  • 64. 64 Different environments require different methods Provide 100% native controls and experience for CSP services IN the cloud. Users: Just-In-Time and Zero Standing Privilege or Zero Standing Access Provide secure access for workloads ON the cloud. Users: Just-In-Time and Zero Standing Privilege Access Secure access for traditional workloads running in the VM. Leverage traditional PAM for System Accounts with full session isolation and monitoring Secure high-risk access to third party SaaS apps. Session monitoring and recording
  • 65. 65 65 Just-in-Time, Least Privilege Access to Cloud Consoles Access to cloud consoles is elevated Just-in-Time, for limited session durations. Just in Time Elevation Full integration with CyberArk Identity. Support for additional IDPs. SSO + MFA and native experience Access is provisioned only with necessary permissions. Least Privilege Access Web sessions protected from hijacking. All activity recorded. Session Protection + Monitoring Secure Cloud Access
  • 66. 66 ACCESS CONTROL Provision granular access to applications and provide advanced authorizations to access app data GATHER AND TRANSFORM ANY DATA Use structured or unstructured data in ANY app(s) with 3000+ connectors and built-in logic NO-CODE INTEGRATION Integrate and automate any combination of apps with any identity Speaking of Automation: Identity Flows CONFIGURABLE WORKFLOWS Easily create complex workflows to get any data into any app or take actions based on specific triggers Key Features Quickly reduce complexity and eliminate manual tasks with flexible workflows
  • 67. 67 Introducing CyberArk Secure Browser Extend Identity Security controls to web browsing on managed and unmanaged devices
  • 68. 68 © 2023 CyberArk Software Ltd. All rights reserved Next: • Final Thoughts
  • 69. 69 Identity security controls + processes Foundational PAM secures the highest-risk identities with: • Credential vaulting and rotation • Privileged session isolation and monitoring (including for vendors!) • Threat detection and prevention Modern SaaS PAM accelerates : • Operational access • Just-in-time and least privilege access • Correlated threat detection and prevention To secure privileged access, orgs also need: • Identity automation and orchestration • Lifecycle management • Continuous compliance and certification More Than Vault Traditional privileged accounts Cloud and ephemeral privileged access