[Owasp-singapore] Checking on Cyber-Ark Solutions

Daniel.Tong at Asia.ING.com Daniel.Tong at Asia.ING.com
Thu Dec 9 20:20:10 EST 2010

Hi Andrew

I gather you were replying to Donald right ?


You can find the Cyber-ark white papers here: http://www.cyber-ark.com/constants/white-papers.asp

Depending on the platforms that you intend to the deploy it there have been times during the deployment – the passwords went out of sync (wintel/unix), which was a bit of a nightmare for us, performance is not very satisfactory – its slow for our administrators  to raise request.

Our intended/current deployment apart from the standard privilege IDs from our Wintel/Unix environment and also for any passwords (it could be application privilege IDs, macros for critical spreadsheets, etc) that are currently under ‘dual’ control (typically that means for us a split password in an envelope)- we’d probably create separate vaults for these.


From: Andrew Chong [mailto:andrewjw at singnet.com.sg]
Sent: Friday, December 10, 2010 3:06 AM
To: Tong, Daniel
Cc: security-77 at meetup.com; owasp-singapore at lists.owasp.org
Subject: Re: [Owasp-singapore] Checking on Cyber-Ark Solutions

Hi Daniel,

We are using Cyber-Ark for privilege accounts management.

A quick overview of what cyber-ark can do is:

1. Privilege account managements - Main function
2. Secure document vault for document access and sharing
3. APIs for applications and scripts to call for password retrieval. (remove hardcoding, properties file, ini file, etc risk).
4. Linux super user privilege access management, logging and auditing (a more powerful SUDO without the need for sudoers file)
5. Allows monitoring and video recording playback for activities

You will certainly require professional service to understand and to streamline the cyber-ark process into your working environment.

Andrew Chong
----- Original Message -----
From: Donald Ong<mailto:donald.ong at gmail.com>
To: Daniel.Tong at asia.ing.com<mailto:Daniel.Tong at asia.ing.com>
Cc: security-77 at meetup.com<mailto:security-77 at meetup.com> ; owasp-singapore at lists.owasp.org<mailto:owasp-singapore at lists.owasp.org>
Sent: Thursday, December 09, 2010 10:55 AM
Subject: Re: [Owasp-singapore] Checking on Cyber-Ark Solutions

Hi Daniel,

Thanks for the quick reply.

I heard the implementation are complicated. Is it true?

Do you have any whitepaper that explains how the cyberark solution works?


Sent from Nexus One
On Dec 9, 2010 10:49 AM, <Daniel.Tong at asia.ing.com<mailto:Daniel.Tong at asia.ing.com>> wrote:
> Donald
> We are using deploying it.
> Depending on your environment, it is sometimes not so straight forward and dependent on your intended use.
> Regards
> Daniel
> ________________________________
> From: owasp-singapore-bounces at lists.owasp.org<mailto:owasp-singapore-bounces at lists.owasp.org> <owasp-singapore-bounces at lists.owasp.org<mailto:owasp-singapore-bounces at lists.owasp.org>>
> To: SIG - OWASP Singapore @MailingList <security-77 at meetup.com<mailto:security-77 at meetup.com>>; SIG - OWASP Singapore @MailingList <owasp-singapore at lists.owasp.org<mailto:owasp-singapore at lists.owasp.org>>
> Sent: Thu Dec 09 10:15:11 2010
> Subject: [Owasp-singapore] Checking on Cyber-Ark Solutions
> Hi,
> Anyone heard of this company called Cyber-Ark before? Any good review on it?
> http://www.cyber-ark.com
> It provides a very good way of 2FA. Seems the SG bank is using it.
> Regards,
> Donald
> -----------------------------------------------------------------------------
> The information in this Internet email is confidential and may be legally
> privileged. It is intended solely for the addressee. Access to this Internet
> email by anyone else is unauthorised.
> If you are not the intended recipient, any disclosure, copying, distribution
> or any action taken or omitted to be taken in reliance on it, is prohibited
> and may be unlawful. When addressed to our clients any opinions or advice
> contained in this Internet email are subject to the terms and conditions
> expressed in any applicable governing ING's terms of business or
> client engagement letter.
> Visit us at www.ing.com<http://www.ing.com>
> -----------------------------------------------------------------------------
Owasp-singapore mailing list
Owasp-singapore at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/owasp-singapore/attachments/20101210/7c48dea4/attachment-0001.html 

More information about the Owasp-singapore mailing list