[Owasp-singapore] Checking on Cyber-Ark Solutions

Donald Ong donald.ong at gmail.com
Thu Dec 9 21:42:49 EST 2010


Hi Daniel, Andrew,

Thanks for the quick reply.

The reviews given so far is not very smooth sail during the implementation.
If the decision is to adopt this solution, proper planning has to be put in
place in case things went wrong.

Overall, do you guys think is it worth the trouble to implementing such
solution?

In the meantime, I will go ahead and read through the white papers first on
the solution and implementation process.

@Onn-Chee, are you using the services from BeyondTrust?


Regards,
Donald

On Fri, Dec 10, 2010 at 9:20 AM, <Daniel.Tong at asia.ing.com> wrote:

>  Hi Andrew
>
>
>
> I gather you were replying to Donald right ?
>
>
>
> Donald
>
>
>
> You can find the Cyber-ark white papers here:
> http://www.cyber-ark.com/constants/white-papers.asp
>
>
>
> Depending on the platforms that you intend to the deploy it there have been
> times during the deployment – the passwords went out of sync (wintel/unix),
> which was a bit of a nightmare for us, performance is not very satisfactory
> – its slow for our administrators  to raise request.
>
>
>
> Our intended/current deployment apart from the standard privilege IDs from
> our Wintel/Unix environment and also for any passwords (it could be
> application privilege IDs, macros for critical spreadsheets, etc) that are
> currently under ‘dual’ control (typically that means for us a split password
> in an envelope)- we’d probably create separate vaults for these.
>
>
>
> Cheers
>
> Daniel
>
>
>
> *From:* Andrew Chong [mailto:andrewjw at singnet.com.sg]
> *Sent:* Friday, December 10, 2010 3:06 AM
> *To:* Tong, Daniel
>
> *Cc:* security-77 at meetup.com; owasp-singapore at lists.owasp.org
> *Subject:* Re: [Owasp-singapore] Checking on Cyber-Ark Solutions
>
>
>
> Hi Daniel,
>
>
>
> We are using Cyber-Ark for privilege accounts management.
>
>
>
> A quick overview of what cyber-ark can do is:
>
>
>
> 1. Privilege account managements - Main function
>
> 2. Secure document vault for document access and sharing
>
> 3. APIs for applications and scripts to call for password retrieval.
> (remove hardcoding, properties file, ini file, etc risk).
>
> 4. Linux super user privilege access management, logging and auditing (a
> more powerful SUDO without the need for sudoers file)
>
> 5. Allows monitoring and video recording playback for activities
>
>
>
>
>
> You will certainly require professional service to understand and to
> streamline the cyber-ark process into your working environment.
>
>
>
> Regards,
>
> Andrew Chong
>
>  ----- Original Message -----
>
> *From:* Donald Ong <donald.ong at gmail.com>
>
> *To:* Daniel.Tong at asia.ing.com
>
> *Cc:* security-77 at meetup.com ; owasp-singapore at lists.owasp.org
>
> *Sent:* Thursday, December 09, 2010 10:55 AM
>
> *Subject:* Re: [Owasp-singapore] Checking on Cyber-Ark Solutions
>
>
>
> Hi Daniel,
>
> Thanks for the quick reply.
>
> I heard the implementation are complicated. Is it true?
>
> Do you have any whitepaper that explains how the cyberark solution works?
>
> Regards,
> Donald
>
> Sent from Nexus One
>
> On Dec 9, 2010 10:49 AM, <Daniel.Tong at asia.ing.com> wrote:
> > Donald
> >
> > We are using deploying it.
> > Depending on your environment, it is sometimes not so straight forward
> and dependent on your intended use.
> >
> > Regards
> > Daniel
> >
> > ________________________________
> > From: owasp-singapore-bounces at lists.owasp.org <
> owasp-singapore-bounces at lists.owasp.org>
> > To: SIG - OWASP Singapore @MailingList <security-77 at meetup.com>; SIG -
> OWASP Singapore @MailingList <owasp-singapore at lists.owasp.org>
> > Sent: Thu Dec 09 10:15:11 2010
> > Subject: [Owasp-singapore] Checking on Cyber-Ark Solutions
> >
> > Hi,
> >
> > Anyone heard of this company called Cyber-Ark before? Any good review on
> it?
> >
> > http://www.cyber-ark.com
> >
> > It provides a very good way of 2FA. Seems the SG bank is using it.
> >
> >
> > Regards,
> > Donald
> >
> >
> -----------------------------------------------------------------------------
>
> > The information in this Internet email is confidential and may be legally
> > privileged. It is intended solely for the addressee. Access to this
> Internet
> > email by anyone else is unauthorised.
> >
> > If you are not the intended recipient, any disclosure, copying,
> distribution
> > or any action taken or omitted to be taken in reliance on it, is
> prohibited
> > and may be unlawful. When addressed to our clients any opinions or advice
> > contained in this Internet email are subject to the terms and conditions
> > expressed in any applicable governing ING's terms of business or
> > client engagement letter.
> >
> > Visit us at www.ing.com
> >
> -----------------------------------------------------------------------------
>  ------------------------------
>
> _______________________________________________
> Owasp-singapore mailing list
> Owasp-singapore at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-singapore
>
>
> _______________________________________________
> Owasp-singapore mailing list
> Owasp-singapore at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-singapore
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/owasp-singapore/attachments/20101210/547998c3/attachment.html 


More information about the Owasp-singapore mailing list