CyberArk (NASDAQ: CYBR), the global leader in identity security, today announced new discovery and context capabilities across its Machine Identity Security portfolio. The enhancements enable security teams to automatically find, understand and secure machine identities – spanning certificates, keys, secrets, workloads and more – reducing risk and simplifying compliance at scale.

Machine identities outnumber human identities by an estimated 82 to 1, driven by increased AI adoption and cloud native growth. As a result, machine identity-related security incidents are on the rise, with 72% of security leaders reporting certificate-related outages and 50% experiencing security incidents or breaches from compromised machine identities, according to CyberArk research. Manual processes can no longer keep up, and organisations need an automated discovery and context-driven approach to stay ahead.

“Implementing machine identity security programs has become increasingly complex as organisations grapple with shrinking certificate lifespans, the rise of AI agents, vault sprawl and vulnerable software supply chains. With these new discovery, context and remediation capabilities, customers gain the visibility and control they need to tame sprawl, enforce policy and secure their environments more efficiently,” said Kurt Sand, GM of Machine Identity Security at CyberArk. “This milestone, just one year after our acquisition of Venafi, marks a significant step forward in our commitment to delivering the industry’s most comprehensive, end-to-end machine identity security solution.”

CyberArk’s expanded Machine Identity Security portfolio delivers centralised visibility, automated policy enforcement and context-driven insights to help organisations monitor and secure every machine identity, anywhere, across the enterprise. Key enhancements include:

CyberArk Secrets Hub

• Discovery and Context for HashiCorp Vault¹ – Helps address critical vault sprawl challenges by providing visibility into dispersed HashiCorp Vault instances and ensuring enterprise-wide policy compliance without disrupting developer workflows.
• Risk Management and Remediation Dashboard² – Centralises observability across market-leading secrets vaults and integrates third-party scanner data to identify high-risk areas, enabling organisations to prioritise remediation and track compliance progress.

CyberArk Certificate Manager, SaaS

• CA/B Forum TLS Certificate (47-day) Dashboard¹ – Provides real-time visibility into certificate expiration timelines, renewal projections and certificate authority usage to help organisations prepare for reduced TLS certificate lifespans (from 398 days today to 200 days in 2026, 100 days in 2027 and 47 days by 2029), allowing them to easily manage renewals and prevent outages.

• Code Sign Management, Policy Enforcement and Deep DevOps Integrations² – Provide automated, policy-enforced code signing and governance alongside certificate lifecycle management to reduce infrastructure overhead, accelerate adoption and help ensure only trusted, compliant software is released.

CyberArk SSH Manager for Machines

• New Authorisation and Policy Controls¹ – Grant real-time authorisation tracking and discovery for centralised visibility, risk reduction and audit compliance to help better manage SSH key sprawl and unmitigated access.

To learn more about the new capabilities, in addition to upcoming news and previews related to CyberArk’s machine identity security solutions:

• Watch the keynote at CyberArk IMPACT World Tour 2025 in Long Beach for demos of the new features (available live and on-demand)
• Join CyberArk’s Securing the New Frontier of Agentic AI virtual event on November 4 for new updates on the CyberArk Secure AI Agents Solution (available live and on-demand)
• Join CyberArk’s Workload Identity Day Zero on November 10 in Atlanta for new updates on the CyberArk Secure Workload Access Solution (available on-demand)

About CyberArk

CyberArk (NASDAQ: CYBR) is the global leader in identity security, trusted by organisations around the world to secure human and machine identities in the modern enterprise. CyberArk’s AI-powered Identity Security Platform applies intelligent privilege controls to every identity with continuous threat prevention, detection and response across the identity lifecycle. With CyberArk, organisations can reduce operational and security risks by enabling zero trust and least privilege with complete visibility, empowering all users and identities, including workforce, IT, developers and machines, to securely access any resource, located anywhere, from everywhere. Learn more at cyberark.com.