CyberArk Software Ltd.
Discovering and evaluating privileged entities in a network environment

Abstract:

Systems and methods are provided for automatically discovering and evaluating privileged entities in a network environment. The systems and methods can include scanning the network environment to identify a plurality of network entities. This scan can include identifying network permissions corresponding to the plurality of network entities. The operations can further include performing a multi-layer evaluation of the permissions corresponding to the plurality of network entities, the multi-layer evaluation being based at least on factors of network action sensitivity and network resource sensitivity. The network action sensitivity factor can address the sensitivity of particular actions that the plurality of network entities are able to take in the network environment. The network resource sensitivity factor can address the sensitivity of particular resources in the network environment that the plurality of network entities are able to access. The system and methods can identify privileged entities using this multi-layer evaluation.