Just a few years ago, Israeli cyber-security firm CyberArk was the new kid on the block, making a name for itself in a field dominated by companies like Checkpoint and FireEye. Now, the firm is making its own acquisitions.
On Wednesday, CyberArk announced that it had bought Viewfinity, Inc., a Waltham, Massachusetts-based provider of Windows privilege management and application control software, for $30.5 million in cash. The transaction is expected to close in the fourth quarter of 2015.
Viewfinity’s technology allows administrators to limit the privileges available to users and applications, allowing only trusted programs to run. Any account infected with malware can be halted in place, with administrators preventing further spread of the malware.
This is CyberArk’s second acquisition in as many months. In August, the company acquired Israeli firm CyberIntel, which catapulted to worldwide fame last year when it published details of what was probably the longest hack attack in history – a scam that since 2002 has been targeting banks, corporations and governments in Germany, Switzerland, and Austria. The “Harkonnen Operation,” as the scam was called, involved over 800 UK-based phony front companies — all using the same IP address – in order to install malware on victims’ servers and networks. In all, some 300 corporations and organizations were victims of the well-organized and executed attack.
Viewfinity fits right into CyberArk’s own technology. The Petah Tikva-based company specializes in protecting “privileged accounts” on corporate servers. Privileged accounts are computer system user accounts that have extra privileges, with owners of those accounts capable of controlling important aspects of a server or network. Large computer systems, especially those that have been around for years, usually contain many such accounts that are no longer in use. System administrators often set up these accounts for special purposes, such as trying to override a glitch in software in order to get out an important report, without being bound by system restrictions. The accounts may have also belonged to former employees who were given administrative rights to make changes on a server.
But sometimes administrators forget to delete these accounts after putting out the fire – and there they remain, waiting to be exploited by someone who guesses the password (which is often a simple one, thrown together quickly and designed to be easy for the boss to remember). Often these accounts stick around well after the need fort them expires and hackers can try cracking their password with no one even noticing their exploits, because those accounts aren’t being watched closely.
Cyber-Ark eliminates the possibility that privileged accounts will be abused by identifying and choking off access to them. Cyber-Ark sets up a policy on user accounts that forces users to change passwords on a regular basis, including dormant privileged accounts. In addition, the system sets up a “safe zone” for data to be managed when accessed from an account. The only data a user can manipulate is that inside the safe zone, and that data is not written to saved server files until it is checked and rechecked for malware. The software also looks for suspicious activity, alerting administrators on what is going on and allowing them to intervene at any time.
“CyberArk’s acquisition of Viewfinity is another step forward in our strategy to advance the new security layer inside the network that is necessary to protect valuable corporate assets from cyber attacks,” said Udi Mokady, president and chief executive officer of CyberArk.
“Privilege vulnerabilities exist all throughout an organization’s IT infrastructure – whether deep within the network or on end user devices — and are exploited in 80-100% of advanced attacks. The addition of Viewfinity to the CyberArk solution extends privileged account security to the beginning stages of the attack cycle decreasing the probability of wider infection and lateral movement.”
“Windows privilege management is an important part of a robust privileged account security program and we are seeing increased customer demand for it, driven by both risk and regulatory requirements. By having this technology in-house, our customers will benefit from a single, trusted partner with an integrated solution addressing all of their privileged account security needs,” Mokady added.
“We are excited to become part of CyberArk to help advance the Privileged Account Security Solution as the critical new security layer to protect businesses from the most damaging cyber attacks,” said Gil Rapaport, Viewfinity president and co-founder. “With CyberArk, Viewfinity’s customers will gain from the company’s global presence and support capabilities, continued innovation and coming integration with the CyberArk Shared Technology platform.”