[Owasp-singapore] Checking on Cyber-Ark Solutions

Andrew Chong andrewjw at singnet.com.sg
Thu Dec 9 14:06:15 EST 2010

Hi Daniel,

We are using Cyber-Ark for privilege accounts management.

A quick overview of what cyber-ark can do is:

1. Privilege account managements - Main function
2. Secure document vault for document access and sharing
3. APIs for applications and scripts to call for password retrieval. (remove hardcoding, properties file, ini file, etc risk).
4. Linux super user privilege access management, logging and auditing (a more powerful SUDO without the need for sudoers file)
5. Allows monitoring and video recording playback for activities

You will certainly require professional service to understand and to streamline the cyber-ark process into your working environment.

Andrew Chong
  ----- Original Message ----- 
  From: Donald Ong 
  To: Daniel.Tong at asia.ing.com 
  Cc: security-77 at meetup.com ; owasp-singapore at lists.owasp.org 
  Sent: Thursday, December 09, 2010 10:55 AM
  Subject: Re: [Owasp-singapore] Checking on Cyber-Ark Solutions

  Hi Daniel,

  Thanks for the quick reply.

  I heard the implementation are complicated. Is it true?

  Do you have any whitepaper that explains how the cyberark solution works?


  Sent from Nexus One

  On Dec 9, 2010 10:49 AM, <Daniel.Tong at asia.ing.com> wrote:
  > Donald
  > We are using deploying it.
  > Depending on your environment, it is sometimes not so straight forward and dependent on your intended use.
  > Regards
  > Daniel
  > ________________________________
  > From: owasp-singapore-bounces at lists.owasp.org <owasp-singapore-bounces at lists.owasp.org>
  > To: SIG - OWASP Singapore @MailingList <security-77 at meetup.com>; SIG - OWASP Singapore @MailingList <owasp-singapore at lists.owasp.org>
  > Sent: Thu Dec 09 10:15:11 2010
  > Subject: [Owasp-singapore] Checking on Cyber-Ark Solutions
  > Hi,
  > Anyone heard of this company called Cyber-Ark before? Any good review on it?
  > http://www.cyber-ark.com
  > It provides a very good way of 2FA. Seems the SG bank is using it.
  > Regards,
  > Donald
  > ----------------------------------------------------------------------------- 
  > The information in this Internet email is confidential and may be legally
  > privileged. It is intended solely for the addressee. Access to this Internet
  > email by anyone else is unauthorised. 
  > If you are not the intended recipient, any disclosure, copying, distribution
  > or any action taken or omitted to be taken in reliance on it, is prohibited
  > and may be unlawful. When addressed to our clients any opinions or advice
  > contained in this Internet email are subject to the terms and conditions
  > expressed in any applicable governing ING's terms of business or
  > client engagement letter.
  > Visit us at www.ing.com
  > -----------------------------------------------------------------------------


  Owasp-singapore mailing list
  Owasp-singapore at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/owasp-singapore/attachments/20101210/9f4fd30a/attachment.html 

More information about the Owasp-singapore mailing list