At the CyberArk Impact conference in Boston this week, the identity security platform company debuted new capabilities for securing human, AI, and machine identities, aimed at positioning channel partners to take advantage of the lucrative identity-security-as-a-service market.
“We believe all roads lead to identity security in cyber,” CyberArk CEO Matt Cohen (pictured above) told partners. In the ever-evolving cyberthreat landscape, he said, “one common element across all those threats, across all those attacks, is ultimately the adversaries are trying to get to identities.”
In his opening keynote, Cohen stressed that MSPs and cybersecurity professionals face a new reality of “exponential change.” And with the rapid adoption of generative AI and the move toward agentic AI, “AI is creating new identities that we need to figure out in the industry how to secure from day one.”
To keep pace, he told the more than 1,700 attendees that CyberArk is shaping its identity security strategy around three trends: “The proliferation of human privilege throughout the entire organization, the rise of machines, and AI truly everywhere within our environments and our organizations.”
He added, “The CyberArk vision is simple. We believe every identity—human, machine, and AI—needs to be secured with the right level of privilege controls. The right level is the key word there, because we cannot take the heavy-handed approach to every identity. We need to blend in the right controls for the identity that target the situation, and produce a dynamic response to applying privilege controls to all identities.”
Securing AI Agents At Scale
CyberArk announced a number of new solutions at the event, including the CyberArk Secure AI Agents Solution, which will allow organizations to implement identity-first security for agentic AI using the CyberArk Identity Security Platform. The solution will help organizations mitigate new and unique identity-centric risks as AI agents autonomously communicate with other agents, access sensitive information, escalate privileges, interact with critical infrastructure, and modify their behaviors to accomplish complex tasks.
The Secure AI Agents Solution will enable discovery of known and shadow agents across SaaS applications, off-the-shelf and custom agents, and agentic infrastructure; enforce least privileged access; detect threats in real time; and automate lifecycle management and governance.
These capabilities will be available to customers towards the end of 2025.
Securing Non-Human Identities
CyberArk also announced the availability of the Secure Workload Access Solution, which provides visibility and control over the entire machine identity lifecycle, from creation and governance to automated rotation and renewal.
In addition, CyberArk has extended its discovery and context capabilities, designed to help security teams take the first steps to modernize workload authentication by assessing, understanding, and eliminating risks tied to unprotected machine identities. These automated capabilities help teams generate an inventory of secrets, certificates, and information about their environment; understand the risk of compromise tied to each machine identity; and prioritize mitigation actions.
Enhanced AI
CyberArk also enhanced its AI assistant, CORA AI, which is built into every aspect of the platform. New features include AI-based session audits for deeper insights, policy recommendations based on activity patterns and best practices, natural language interface for configuration and setup, and troubleshooting and diagnostic support.
Eyes on the MSP Opportunity
MSP partners got a sneak peek at the road map for CyberArk’s MSP-specific offerings prior to the opening of the conference at an invite-only Partner Day at Boston’s historic Cyclorama. The offering builds on last year’s rollout of the MSP Console and will be announced next week, according to the company.
Chris Moore, senior vice president of global channels, joined CyberArk in 2020 with a mission of evolving the company from “channel friendly/channel opportunistic to really more channel programmatic, trying to drive real true growth and joint offerings with the channel, as a true multiplier,” he explained.
The SMB market lacks the resources “to truly secure identities at scale within their organizations is to outsource that to someone in a managed kind of perspective,” he said. Identity security as a service “is right in the wheelhouse of a managed service provider.”
He added, “Managed services to me are the purest play in a subscription world because not only do they care about what we care about, which is licenses, they consume licenses, but also, if the customer’s not successful, they don’t survive. So they’re hyper focused on making the customer successful, driving adoption, driving expansion. So that’s why I’m so excited about managed services. It’s the purest, cleanest SaaS subscription model that’s out there from a channel ecosystem.”
Moore noted that CyberArk’s “managed services partner space is growing way faster than our traditional partner space. And by the way, our traditional partner space is migrating into managed services as well.”
IGA Modules Now in the Platform
The Impact conference was held on the heels of CyberArk’s acquisition of Zilla Security in February, an identity governance and administration (IGA) solution provider that automates identity compliance and provisioning across digital environments.
“Modern IGA for us is a game changer,” Cohen said, “and ability to remove obstacles for all of you in how you govern, how you ensure compliance, and how you automate the provisioning and life cycle of your organization.
Cohen announced on stage that “the modules that we acquired from Zillow Security around Provision and Comply are now universally available as offerings to our customers.”
Looking Ahead
Finally, on Partner Day, founder and executive chairman Udi Mokady reflected on the company’s 25-year journey from its roots in privileged access management to an identity security platform provider and public company with $1.1B in ARR and 4,000 employees. And he assured partners CyberArk remains “hungry” for growth while staying true to its culture of “smart, bold, and humble.”
