Hello, good afternoon and welcome or good evening or good morning, depending on where you're listening from today. Welcome to this latest webinar from KuppingerCole today is supported by cyber rock, and we'll be talking about the future of privileged access management and reducing risks from modern digital enterprises. My name is Paul Fisher. I'm a senior Analyst at KuppingerCole and I'm joined today. Very happy to be joined by Adam Bosnian.
Who's the executive vice president of cyber a
Just before we get into the actual webinar, just a little bit of information about some of the content and events that we've got lined up at obviously like many others. These are virtual events at the moment, but they are online and they're free. So we have privilege access management for your enterprise coming up on July 7th, then customer identity and marketing automation a week or so later in July 16th. And then finally the future of digital identity self-sovereign identity and Verifi credentials.
And that's taking place on August the sixth, 2020. So there's a couple of dates for your, as I said, they're all free and online.
Also, this will be mentioned later on as well, but we did a leadership compass recently, or I did it in which Cybera are featured. This is our biggest ever leadership compass of privilege access management. And we can, at the moment, if you're interested, have a look at it on our own site, under KC plus, and there's a free 30 day trial where you can see not only this report, but all of our recent reports on identity and access management and other parts of cybersecurity and it's well worth reading. And I'm not saying that just because I wrote it, but, but it is.
So that's a little reminder there for you, and I'm sure that we'll mention it as well. So a bit of housekeeping quickly, you, as a listener are muted centrally. So don't worry about muting or unmuting yourself, the podcast, sorry, the webinar will be available shortly after the live event. So all registrants will get a copy of that. And there will be an opportunity to ask Q and as, or rather to ask questions and at the end of the webinar, and you can do that by entering questions in the go to webinar control panel, which you should see on your right.
So with that, just a quick look at what we'll be talking about today. I will start off with a look at some of the trends and drivers in privilege, access management and how those are aligning or need to align with modern business demands. Then I'll hand over to Adam and he will look at the evolving use cases for Pam and some of fiber innovative approach to help their customers digitally transform. And as I said, after that, we have the Q and a session, which is your chance to ask us your questions.
So let's kick off with what we consider a privileged account and how it's changing and what type of account should be managed by a privileged access management solution.
You may or may not know that traditionally privilege accounts were handed out to sort of admins and perhaps other people senior in a business that needed access to privilege accounts quite often, as well as just admins who were allowed to access, for example, other people's data or applications so that they could do maintenance, et cetera.
But let's just go through some of the, the wider terms that is now affecting how privileged account is changing. You have individual versus shared accounts, should individual accounts be in scope if performing a privileged task quite often in modern organizations, actually, it's more common to have shared accounts simply because so many users will want access to privilege accounts and setting up individual accounts for every single user is time consuming and costly.
Having said that the, the shared accounts perhaps one day and Adam I'm sure has got a view on this shared accounts is something that perhaps one day we won't need anymore.
But in the meantime, the best Pam solutions are able to monitor and control shared accounts so that they're less risk to the business. So I mentioned just at the start there with it versus business, is it just about admin accounts about the admins and operator?
Well, no, it's now also about highly privileged business accounts. And as we'll say in a later slide, the number of users is increasing because it's not just business users, but people in application environments, DevOps, those sort of people are also now increasingly using privilege accounts. So is it on a server or is it on an end point?
The answer to that is both really it's, it's no longer just restricted to what you might have called the basic infrastructure of an organization, but privileged accounts are not only extended throughout the enterprise.
They're extended outside of the enterprise. And also people are seeking access to those privileged accounts from remote devices and mobile devices. And we mentioned right there, Twitter accounts, Twitter accounts, or social media, a great example of how privilege accounts or the definition is, is, is really changing to put that into sort of real world terms. You can imagine where a priv, a Twitter account or a social media fees, such as Instagram access, the official sort of social media account of the organization.
And if every or too many people or two or the wrong people have access to that, then road tweets can go out rogue, social media posts can go out, which can actually do quite a bit of damage to the organization. So that's something, you know, a real well example of how a privileged account, isn't something that's huge, only hugely technical and only something that administrators do. So the definition is really, really changing and we have traditional versus agile.
DevOps is something that you, everybody is talking about and everybody's talking about it because it's something that is very useful and valuable to organizations. So the key is used in DevOps and right along the CI and CD chain, they should be managed within privileged account management as well.
Internal versus external already kind of mentioned that, but increasingly it's not just what you might call traditional employees, but also partners those people in the supply chain, even customers.
Now, in some instances of a, of a organization are how possibly getting access to privilege accounts in the end. Then you take all that and it's all about risk. Like anything in business security it's really comes down to risk management and what you prepared to risk and what you know, that you must protect, et cetera. When you are thinking about PR then risk must always be reflected in the policies.
So let's just have a quick look. What kind of things that, that privilege accounts seek to protect within a modern organization.
And I, I, I've just listed a few here, but you, I mean, modern organizations are so complex now are so joined up. So globalized, you know, this talk at the moment that the COVID 19 crisis has perhaps seen a, a for stalling in the amount of globalization, but I don't think that those things are gonna change overnight, but even if we, even if we ignore that for a second, just think of the things that the average business has that needs to protect and privilege accounts are like the two have access to some of the following.
So intellectual property, the kind of stuff that we all know that state actors are trying to steal from companies and organizations around the world. And the reason for that is because they contain blueprints, formula patents and corporate strategies.
That stuff is hugely valuable and hugely risky. If it falls into the wrong hands and people that need access, that should indeed be considered privilege and they should indeed be protected, or at least to the access, which should be protected by privilege access management.
Then of course, there's confidential business, data, mergers and acquisitions, financial data, customer data, customer data. If you lose that, you're not only in danger of losing your customers, but you're also in danger of big, big fines under GDPR.
And increasingly in the United States, we have the burgeoning state by state data protection laws, which have sort of kicked off in California, like many of these things do, but I know that a number of states are following students soon, United States will be covered by a very similar set of, of governor's laws to GDPR there, of course, is board communications, HR information, legal and auditing information. And then there is third party data people it's not just what's happening within the organization. New organizations these days are siloed and work totally in a island.
There are vendors and supply chains that help them. And then of course, customer data is, is flowing through that as well. And recently in a world of APIs, microservices, where the infrastructure of an organization is broken down into hundreds and thousands of microservices, and those things operate in the cloud. The risk is that there is an easy way in, at some point into privileged data.
So just here to, and Adam will probably talk a bit more about this as well, but what I call the new business and security landscape of Pam, what Pam is now working sort of not against, but in tandem with and how it needs to protect. So we, the things it needs to protect in business technology, I just mentioned cloud, but also virtualization hybrid architecture.
And another thing that is making businesses more agile and more responsive, but at the same time, presenting new challenges to organizations to make sure they protect that architecture and protect the data that is being moved in and out of a hybrid architecture DevOps we've already talking about. And containerization is also related strongly to that. We see automation, which again, is proving to be a great help to organizations that want to be more agile and run faster and be more competitive.
The thing about automation is that most of that is will by, by the name it is, is automating applications, etcetera, and applications need access to other applications. And again, that is often called, we will need privilege access, artificial intelligence and machine learning. Also related to that.
And of course the internet of things amongst business processes, we have mobile working GDPR, which I've already mentioned, customer access, vendor access, agile development, collaborative working, and the list sort of goes on there, but business processes are changing and they're changing all the time. And these, you know, customer access one time was not something that was really taken too seriously within the bus in businesses.
But now for, especially those that deal directly with the public take customer access very seriously, then Pam needs to integrate with other existing security integrations, such as security incident and event management. We need to integrate it with analytics, with multi-factor access, sorry, authorization, single Stein and customer identity and access management and identity access management.
All of those things are properly already in existence in many organizations and Pam, whilst it can work purely as a tool to, as it does protect privileged accounts, it's even better when it integrates securely and really well with existing security products that are listed there.
The same goes for security processes. Pam must also be integrated with instant response security management, forensics teams, auditing reporting, and of course, risk management.
If, if Pam is, as I said, siloed, it'll do an effective job of what it should be doing, which is protecting those privileged accounts. But if it is integrated as part of a security policy, that's a security architecture, it's gonna do an even better job. So that's the sort landscape for Pam as I see it right now,
It just probably most people will know about this. But enterprises at the moment are under a certain amount of stress, mostly due to the recent pandemic, which is, has meant that working methods have changed radically in the last three to four months.
And you know, this is mostly born out in remote working. So these threats are bad enough when enterprises are not under stress, but the cyber attacks, internal areas compliance fairly and system failure and targeting our employers most significantly have all increased in recent months. Those are all, any of those will damage the enterprise, but when privilege accounts are targeted at the same time, the damage is potentially even worse. So it just cyber attacks, internal areas and failures of systems and compliance or all things that Pam can go some way towards preventing happening.
So a little bit more detail now of how pan is working with infrastructure and how digital transformation is increasing the access load onto sorry, the, the load onto privilege access. So
If we look at the different types of, so I say deployments, so we have on premises, infrastructure, service platforms and software service. So we can see that when this is on premises, then we have a number of traditional prime requirements, applications, databases, the guest operating system, hypervisor host operating system, cloud platform and network.
But as we, as we start looking towards how the infrastructures change into the more modern and more agile. So we have infrastructure as a service platforms and software as a service, I'm sorry, I slightly MIS at the start of that slide, then Pam Pam's load changes and potentially becomes greater and more of a challenge. So suddenly you have infrastructure as a service. Suddenly Pam has to deal with OT. If you move into platforms, then it becomes, the pitcher becomes even more complicated.
So suddenly Pam has to do with microservices, containers, container platforms, DevOps, and service desk tools.
And you can also add to that actually the growing trend towards digital workplace, where people are accessing their tools and applications from a sort of single pane of glass solution. And within that, you are likely to need at some point access to privilege accounts for end users, and then finally software as a service on top of the all creating load that we've already mentioned, then you can add in vendors, the workflow and consumers into the load.
So you can see that Pam far from being a kind of it's traditionally felt as I keep saying, as a kind of siloed and niche tool is actually becoming a fundamental cross enterprise tool that really, really can impact on the security of the whole business, the wider enterprise. And that includes the, the wider networking and right out to the endpoints, which to, to give a good example to the guy, sitting with a laptop on his dining table, with his family right now, trying to access perhaps spreadsheet somewhere. So that's the infrastructure and how it's changing.
The, if the demands are changing, then Pam is changing. And it's great to see. And what we saw in the Pam leadership compass was how well vendors are responding to these new demands that the ways of working are, are putting on Pam, but also customers. So we've had for a long time, what we kind of call basic patent functionality with the fun, with the various capabilities that are listed in the first column there. So you shared account password management.
As I, I mentioned right at the top, there is hugely important. All Pam should have a vault to store passwords and secrets that should be multifactor access account detection. And I won't, you can read the rest there, but the great thing is that nearly all Pam solutions will now offer at least most of those basic tools.
And they might even add on, for example, shortlived certificates and DevOps integration to the basic.
But we, we are seeing now that Pam is developing for particular parts of the operations. So for, for devs and within DevOps, suddenly you might be offered application to application access. And you'll probably almost definitely get shortlist certificates and DevOps integration. These are just examples.
Actually, this is, you know, a kind of abstract of, of the market. But if you delve into the report, you'll see that some vendors provide a lot more than others. And then finally integrated cloud pan. So Pam is being run in the cloud and it may be run all the cloud. And within that, then you are maybe supported some of the, sorry, excuse me, MFA for admins account life cycles, and a couple of the DevOps tools. The point about that is that at the moment, Pam, as a service is, is, is emerging and tends tune.
Although not ne not, not necessarily for all, but Pam is a service it's quite often useful to smaller businesses that wish to have Pam run for them because they don't have the resources in house. So that is, I believe the end of my section. So just some quick key takeaways, Pam is definitely no longer a siloed tool, but one that must support the whole organization and increasingly is doing so business focus, privilege accounts are multiplying everywhere and they can't be ignored. So Pam should accommodate workers.
You know, these are kind of what you might call the real people in own organizations, temp workers, contractors, partner, organizations, developers, vendors, and customers. They're not, it's not all about the tech people and Pam a solution must be capable of accommodating new access demands as they arise as traditional digital transformation increases. But as Pam meets these demands, the greater lower, perhaps perhaps the, the greater or low bearing of these tasks will be automated in future as well.
So with that, I we'll just go back to the agenda again and let you know that Adam Bosnian will be speaking next. And don't forget that we have questions and answers off to Adam. So I'll hand over to Adam.
Thank you very much.
Paul Adam, Bosie, I'm the executive vice president for cyber arc software, really glad to be with the team on the call and really glad to be with Paul talking about my favorite subject privilege, access management, you know, businesses have begun undergoing a radical transformation.
I think we all know that, you know, the way we conduct business, the way we interact with our peers, our partners, even our customers, even how we develop ops and deliver services, the new world is faster, more agile, and it has no boundaries, especially in the new work environment that we've all been dealing with over the last several months. But with these new investments and new technologies mentioned propel business and new dimensions, we're also introducing new risk as organizations invest in new technologies to transform their business.
The privilege related surface to Paul was speaking about is expanding dramatically.
Why? Because fundamentally privilege accounts are everywhere. They're in every piece of hardware and software. They exist across the entire it stack, including databases, applications, endpoints, and the network and privilege user. When we look at what they really are, is any user that has the capability to change, alter or impact the operational service of a business process.
So in any organization, this includes not only the system administrators, but also extends to users that you may not consider traditionally as quote unquote privilege, such as line of business users that manage function, specific applications like an HR application or a finance application privilege access also extends to non-human or machine users such as applications using service accounts to connect to other systems and applications or software robots as part of a robotic process automation workflow that many companies are implementing across their organization.
Things like the move to the cloud and DevOps and the increase of use the increased use of automation in general, all dramatically expand the attack surface as the number of users and the number of types of users explodes.
Each step forward creates new doors that need to be locked. So when we take a step back, it can seem like this is an insurmountable challenge. How do we do this without boiling the ocean? And more importantly, how do we do this without slowing things down? We cannot slow down the speed of our digital transformation. We cannot slow down the speed of the business.
When you proactively secure ma secure privilege accounts on both user and system access levels, you remove the ability of the external attackers and malicious insiders, leveraging compromise credentials to bypass your monitoring solutions and security controls.
The trends that are impacting the security landscape and thus organizations need for increased and more effective security are many. We have the continued innovation from the attacker side of the equation, as well as an expansion and the number type and sophistication of the attackers.
What was once activists and people try to build a reputation. Now, the age of organized crime and nation state attackers is fully in place and expected to increase in the future. Crossed with this increase in number is their ability continuing to evolve and often remaining one step ahead of the defense and security controls in place in organizations, especially for organizations that may not be as mature or current in their defense capabilities.
And then cross that with the increased attack surfaces and entry points brought a boat from the digital transformation and cloud migration journeys that continue from most enterprises as they increasingly adopt cloud automation and agile in their environment.
As mentioned earlier, this results in an explosion of users and new types of users, such as those robots, we mentioned earlier, or the, the development pipeline, the C C D pipeline, the different solutions that are used to manage those environments, the premise and of digital transformation benefits are real, but so are the increased risks that can arise if not proactively managed and addressed. And this is all occurring while the need to manage risk across the enterprise.
Not only becomes more imperative in the face of increasing attacks, attack services and successful data breaches, but also as regulations continue to evolve and multiply across many vectors from the privacy protections that Paul mentioned to ensuring alignment with the financial requirements, to even being able to work and transact business with your local and national government.
Now security is central to all of those transformation activities out there. And they're increasingly at the center of the organization as being in that center of the organization.
They're also being asked to step up from being, just focusing on security, but really also to focus on how to enable other parts of the organization to meet their goals and have successful initiatives, and to do that, they need to find ways to cross the threshold of those other constituencies and speak in the language of the business. I think that the CSO community is doing a great job of that.
And we as vendors are also helping in that both by having function specific capabilities for the different parts of the organization and these different constituencies, but also by partnering with other vendors that speak the language of those different parts of the business. So very often we find ourselves in a conversation, let's say with the finance side of the house with an RPA vendor, talking about the robotic process initiative, that's going on along with the CSO in the room.
And so they're able to speak the business initiative while we, and the CSO are able to talk about how we can enable that initiative to meet their goals while also being secure in the environment. Similarly, you know, we partner a lot in the DevOps space in working with companies like red hat to be able to be in the conversation with the developer and speak developer to the DevOps personnel while highlighting the importance of security and how we along with the CSO can help address those security challenges within their environment.
So when we look at those different constituencies, there's a range of use cases that really are critical to be addressed. The cyber arc provides the most comprehensive privilege access management solution and the market today. And as a company, we are committed to three key themes to help ensure our customers are mitigating. The most risk associated with privilege access first is defending against sophisticated at that second secure automation and transformation and third satisfy audit and regulatory compliance.
And we look outside those three themes and look at the use cases that build around them. I'd like to highlight a few that I think are particularly relevant as we look at the privilege access management trends highlighted by Paul in the leadership compass report. So let's start in the upper left hand corner around securing cloud workloads. We all know organizations are moving to the cloud and adopting cloud at an unprecedented rate.
And as these workloads move into the cloud, they still need to be secured from making sure the right people have access and the right people have the right kinds of access without leaving it vulnerable to attackers. We also need to secure how those workloads interact with each other and secure those accesses as well. And then of course, secure the cloud environment. Cyber does that as part of our core privilege access security capabilities and securing the cloud workload, the cloud environment and how those workloads communicate.
If we tick down to the next use case securing robotic process automation, really securing automation in general has two key elements that need to be considered securing the element that is doing the automation in this case, the robot, as well as securing the console that manages that automation workflow. So a robot needs access to let's say, log into the database, get the data, transform that data, and then go put it where it needs to go.
If that credential is not secured, especially that credential being very powerful because a robot can work across multiple roles, time zones, different geographies that credential could end up becoming the victim of a man in the middle attack. And now we have an issue of having an attacker in the organization with very powerful access.
So C provides a capability through our application access management capability to securely provide the credential that that robot needs to do the work and then manage and secure that credential once it's returned at the same time, though, that console that is managing the robots essentially becomes one of the most powerful console. And excuse me, one of the most powerful landing zones for an attacker in the organization, many times people talk about consoles as the new domain controller for where the attacker wants to land. In the case of robotic process automation.
If the attacker is on that console, they now can create robot reprogram robots, even delete robots, creating chaos within the environment. So we need to protect the administrator, the power user access to that console. And cyber does that by working with over 10 different robotic process automation players, to secure both the robots access as well as the user's access to the console.
Now, many use cases today are aimed at trying to reduce the attack surface within the organization. And that's why we see a lot of just in time capabilities being rolled out to enforce least privilege at the moment that it's needed the idea being don't have any standing privileges in the environment and don't have any standing privileges with the user, give the user what they need when they need it and remove it. When they're done.
CyberArk is able to support that through a range of different just in time capabilities to meet the different workflows and approaches within the organization, to allow the user, to have the privilege at time of need and remove the privilege once that time of need has been completed.
And now we've addressed the standing privilege in the environment and the standing privilege of that user. And we've reduced the attack surface while still allowing those users to do what they need to do.
As we move counterclockwise on the right hand side in today's environment, we all know that we're working remotely and both ourselves as direct employees of an organization, but also as third party vendors to our customers. And being able to secure that remote access as users are increasingly leveraging their own devices on their own networks is really become a highly critical element of the it security environment. Today. It's one thing to enable a remote user to have access.
It's another to make sure it's done securely and cyber has invested a lot in this area, through our Allero offering, which allows an organization to have their remote users and their remote third party vendors be able to have the privilege access within their environment without the need to go through a VPN, being able to have the user leverage their own solutions with good multifactor authentication on, and then to resources within the organization, leveraging all of the policies and security that the core paths functionality that's already implemented in their environment.
And then as we talked about earlier, a lot of DevOps activity going on, and when we look at DevOps, we wanna make sure that we manage all of the secrets that need to be leveraged by the application and the different parts of the applications in the modern architectures, but also managing the credentials that are used by all of the tools that have grown up around and within the DevOps environment to manage the development delivery and maintenance of the applications that DevOps pipeline.
So managing the secrets to the different parts of the application, managing the access to that environment and managing all of the credentials needed for the solutions supporting that DevOps environment is a core part of our functionality of both our DAP offering our DAP offering as well, offering
Help surface, and enable our customers to focus on their business. Cyber provides a critical layer of security to proactively protect these privilege accounts against advanced cyber attacks.
And that pro that critical layer is privileged security and proactively putting these controls in place helps to protect your organization and also help you to react. If there are any challenges in the environment, or as you have new users that need new access within that environment, helping your organization become not only much more secure, but also much more agile.
And that's why market leaders around the world and across a range of industries, trust cyber arc to manage privilege across their enterprise, whether we're talking from the manufacturing world where over 20 of the top vendors leverage cyber arc or the financial world where you see almost all of the top banks in the world, leveraging cyber arc or in the energy in the oil and gas space, where again, 21 of the top leveraging cyber arc cyber arc really is chosen by the top enterprises within their environments to solve the most critical risk vector in their environment. The privilege challenge.
Now we continue to invest in innovation across our platform and across the cyber privilege access security solution. And by doing that, we now are able to deliver the most comprehensive offerings for modern infrastructure that enable business reduce risk and approves improve operational efficiency. We do that. We've done that by continuing to deepen our advanced DevOps capabilities and integrations. And we remain the only privileged access management vendor to provide comprehensive just in time offerings, across cloud and hybrid environments.
And on every endpoint, we do that by cyber a providing the industry's most complete portfolio of SAS offering for privilege access management, including the cyber Aero solution. I mentioned earlier for remote access, the cyber privilege cloud for that core privilege access security capabilities delivered from the cloud and from cyber A's endpoint privilege manager to manage privilege and access on the endpoint.
And most recently with our acquisition of adaptive, to be able to provide MFA multifactor authentication and single sign on from a, a cloud based delivery for enterprises of all sizes as the undisputed leader in privilege access management with more than 5,400 customers globally, and more than 50% of the fortune 500, we're working with organizations around the globe to move forward with digital transformation initiatives while minimizing the privilege security risk that can arise from that expansion of users and user types that we highlighted earlier, cyber differentiate in the market with a strong track record in the privileged access management market, having pioneered this space.
And we have a strong track record of success built on our innovative technology that we've done across the last 15 years, our deep R and D resources and a commitment to improving the security of our customers.
And we do that by not only delivering these capabilities, but also working very closely with our loyal blue chip global customer base to understand their specific scenarios, their requirements, what they're seeing out in their day to day environment and helping them come up with solutions to address them this all results in a very strong company with a very strong revenue growth and track record of sustained profitability, making us a very solid choice for enterprises to choose as their partner in the access security arena.
That is why cyber is really proud to be named the overall P access management leader for the 50 year in a row in the KuppingerCole Analyst, 2020 leadership compass privilege access management report that Paul referred to as the industry leader, CyberArk remains relentless in its commitment to deliver the products and solutions that empower organizations of all sizes to securely embrace new technologies and transform their business.
So I would encourage you to download the report, visit www cyber.com to be able to download the report or the KC website, to be able to get the report and see how cyber a is delivering this type of capability and functionality and value to their customers. Paul, I'll turn it back to you.
Thank you, Adam. That was great. Thanks for that overview there. I really appreciate that.
We do have a, I've got a couple of questions actually, and that I'd like to ask you sort be interested in your perspectives in Pam and the broader security ecosystem, which we kind of alluded to there, but do you see there's any natural synergies with security technologies that people listening today may already have in their environments?
Yeah, I think it's, it's a great question.
It's one of near and dear to my heart because it's an area that I focus on, but I also think that it's something that the industry has really truly embraced, and that is it's great to get the value from security solution one within your environment and from the cyber arc solution within your environment and that's value, you know, one and two. But when you start to bring these solutions together, not only are you able to address a wider set of use cases, you now get another set of value out of these existing assets.
So whether it's connecting cyber arc with the SIM, as you mentioned, so that now all of the user identity information, the accesses, all of that privilege information that is very often not looked at by the SIM and the detection solutions is now, pardon me, able to be brought to bear to understand not only what's going on in the environment, but who is doing what, when in the environment bringing all of that identity security information into the security solutions helps to inform those security solutions and helps them to do better threat detection.
But I think also helps them to help you as an organization more quickly recover through putting out the remediation capabilities that we see in many of the source solutions out there today. So that's one area, but I think there's many other areas that this really feeds into, whether it's into your traditional governance environment, you really wanna make sure you have a view of all the access that Adam has, but you also wanna make sure that you have a view of all of the access that everything has in your environment.
So cyber arc, managing that robot, as we talked about earlier and managing that administrator, that information flowing up to a governance solution now allows the governance solution to deliver a much wider and deeper review and verification of the true access environment within their organization, and then allow them to make decisions which says, Hey, we don't wanna have Adam have this range of access or these entitlements as a privileged user, or frankly, we don't want this robot to be able to work in this range of the organization.
And then cyber arc is able to implement that as a reactive control from the governance solution. So I think by connecting the capabilities of cyber arc with the different it and security solutions, a lot more value is unlocked. A lot greater security is delivered. And it's why we talk about security as a team game. Meaning we together with the vendors, with the customer, along with the delivery folks together work as a team against a common enemy, the bad guy.
Great, thanks. We've actually a question coming from one of the listeners, Bruce Smith, he wants to hear about a bit more, what, how you deal with replication. He says certainly full tolerance is mandatory in the Pam space. Do you include replication? Is it native?
Yeah, so I, I, I don't wanna get too deep down into the, the functionalities of the offering, but in general, absolutely replication is critical. And whether it's the standard, you know, Dr. Type of environment, or leveraging some of the cloud capabilities that exist, or even going through an active, active type of environment, you know, having that resilience in the environment certainly is critical and something that we've really been delivering from day one, we wanna make sure we secure your access, but we wanna make sure you always have your access regardless of what's happening.
And that's why we invest a great deal on that side of the solution.
Great. And I'm sure to the attendees can follow up with you with any more deeper questions or, or in, in the future. One thing that we've been talking about is right throughout this presentation, both of us talked about the emergence of the business user and the potential risks from, from a privilege access perspective. So how does cyber view this user segment that is becoming so important?
Yeah, I think it's a great question. I think it's gonna be one that continues to unfurl in the industry. And what I mean by that is I think that we, and, and cybers been part of this, we we've really been working under a construct to this point where we have, you know, fully privileged users leveraging these shared accounts that you talked about earlier and everybody else. And I think that that's really evolving more to a view that we have a range of users that have a range of privileges, some that have all of them and some don't have enough. So we don't don't don't have that much.
And so as we look at it more from that privileges management, I think that that's where the business user really fits in. And many of the just in time types of capabilities that we deliver today is very applicable to that business user or allowing business the access without them needing to use their own credentials or their own accounts through things like our privilege session management solution, et cetera.
But the idea being it's not just an it admin using a shared account, it could be, as I mentioned earlier, an HR person who is allowed to add and remove users to the HR application, that is a privileged function, that's a business user, and we need to be able to manage that as well. And we do that in our current solution. So we'll continue to do that as we expand our capability.
Fantastic. Okay.
Well, we're coming almost to, to the end of our time. So I'll just, just a few ads to finish. Don't forget, Casey plus. So I mentioned that earlier at the top where you can download not only the leadership compass on pan, but all, all of our reports, and you can also get a 30 day trial if you sign up and it's, if you like it it's 800 euros for full access for 12 months.
We also have our KC digital advisories coming up, which are video conferencing, shared documents, online collaboration, which will give you knowledge in IM cybersecurity, technology, elevations, evaluations, portfolio analysis, roadmap, definitions, and a lot more, you can find more about that at KGR slash digital advisory. Our masterclass are ongoing and we obviously have one on Pam and you can find all the details about those.
Also on the Casey website, we are increasing the amount of masterclass and webinars that we are doing to cover all areas of identity and access management and privilege. Access management already mentioned the virtual events. Don't forget those days for your diary, July the seventh, July 16th and August the sixth here is just some related research to what we've been talking about. Once again, the leadership compass there, all of these can be found on the website and again, are available on KC plus.
And with that, I'll like to say, thank you very much, especially to Adam from cyber.
Thanks very much for your time today, but also to all our attendees. It's been great having you here, and I hope to join you again soon on another webinar. Thank you.
Thank you very much.
