Israeli cybersecurity start-up CyberArk on Tuesday filed for an initial public offering on the NASDAQ stock exchange. The filing with SEC, the US Securities and Exchange Commission, did not say how much the company would seek to raise with the IPO, but industry analysts said CyberArk was likely to seek at least $75 million.
In a recent interview, a company official described CyberArk’s technology. “According to international research firm Deloitte, 100% of sophisticated attacks use privileged accounts to get into critical systems. We prevent attacks simply by choking off access to these accounts, denying hackers the opportunity to use them to break into systems,” the official said.
Privileged accounts are computer system user accounts that have extra privileges, with owners of those accounts capable of controlling important aspects of a server or network. Large computer systems, especially those that have been around for years, usually contain many such accounts that are no longer in use.
System administrators often set up these accounts for special purpose “missions,” such as trying to override a glitch in software in order to get out an important report, without being bound by system restrictions. The accounts may have also belonged to former employees who’d been given administrative rights to make changes on a server.
Sometimes, however, administrators forget to delete these accounts after putting out the fire — and there they remain, waiting to be exploited by someone who guesses the password (which is often a simple one, thrown together quickly and designed to be easy for the boss to remember). Often, these accounts stick around well past their “due date,” and hackers can try cracking their password with no one even noticing their exploits; those accounts aren’t being watched closely.
CyberArk chokes off the possibility of privileged accounts being abused by identifying and cutting off access to them. CyberArk sets up a policy on accounts that forces users to change passwords on a regular basis, including those of dormant, privileged accounts. In addition, the system sets up a “safe zone” for data to be managed when accessed from an account.
The only data a user can manipulate is that inside the safe zone, and that information is not written to saved server files until it is checked and rechecked for malware. The software also looks for suspicious activity, alerting administrators to what is going on and allowing them to intervene at any time.
The system isolates the privileged session from the rest of the network and keeps it away from the system until it is thoroughly analyzed, the official said. Thus, all work sessions using accounts monitored by CyberArk remain isolate, while credentials for an account — its password, etc. — remain isolated as well. The result, according to the official, is that if a hacker is copying the data using a keylogger or other malware, the only data they can access is that of the session itself, and not anything more on the server.
According to SEC, J.P. Morgan Securities and Deutsche Bank Securities are leading the filing. When the IPO is approved, CyberArk will trade under the symbol CYBR.
Due to SEC rules, company officials could not discuss the IPO.