CyberArk Software Ltd.
Automatic least-privilege access and control for target resources

Abstract:

The disclosed embodiments include systems and methods for implementing least-privilege access to, control of, and/or code execution on target network resources. Operations may include identifying a prompt associated with a least-privilege requesting identity to initiate a remote session on a target network resource; executing, in response to the prompt, a first agent; retrieving, from a secure storage location, a second agent; initiating, by the first agent, execution of the second agent on the target network resource, wherein the second agent executes using a least-privilege credential or using least-privilege permissions associated with the least-privilege requesting identity; and instructing the second agent to perform an action remotely on the target network resource through the remote session using the least-privilege credential or using the least-privilege permissions.