CyberArk Expands Machine Identity Security Portfolio with Advanced Discovery and Context Capabilities, Enabling Enhanced Visibility and Control

October 07, 2025 at 09:30 AM EDT

Machine identities outnumber human identities by 82 to 1.

Automated discovery and context-driven approaches are needed to meet complex machine identity security challenges.

CyberArk’s platform enhancements help security teams easily find, manage and secure machine identities across the enterprise.

CyberArk IMPACT World Tour 2025--CyberArk (NASDAQ: CYBR), the global leader in identity security, today announced new discovery and context capabilities across its Machine Identity Security portfolio. The enhancements enable security teams to automatically find, understand and secure machine identities – spanning certificates, keys, secrets, workloads and more – reducing risk and simplifying compliance at scale.

Machine identities outnumber human identities by an estimated 82 to 1, driven by increased AI adoption and cloud native growth. As a result, machine identity-related security incidents are on the rise, with 72% of security leaders reporting certificate-related outages and 50% experiencing security incidents or breaches from compromised machine identities, according to CyberArk research. Manual processes can no longer keep up, and organizations need an automated discovery and context-driven approach to stay ahead.

“Implementing machine identity security programs has become increasingly complex as organizations grapple with shrinking certificate lifespans, the rise of AI agents, vault sprawl and vulnerable software supply chains. With these new discovery, context and remediation capabilities, customers gain the visibility and control they need to tame sprawl, enforce policy and secure their environments more efficiently,” said Kurt Sand, GM of Machine Identity Security at CyberArk. “This milestone, just one year after our acquisition of Venafi, marks a significant step forward in our commitment to delivering the industry’s most comprehensive, end-to-end machine identity security solution.”

CyberArk’s expanded Machine Identity Security portfolio delivers centralized visibility, automated policy enforcement and context-driven insights to help organizations monitor and secure every machine identity, anywhere, across the enterprise. Key enhancements include:

CyberArk Secrets Hub

Discovery and Context for HashiCorp Vault¹ – Helps address critical vault sprawl challenges by providing visibility into dispersed HashiCorp Vault instances and ensuring enterprise-wide policy compliance without disrupting developer workflows.

Risk Management and Remediation Dashboard² – Centralizes observability across market-leading secrets vaults and integrates third-party scanner data to identify high-risk areas, enabling organizations to prioritize remediation and track compliance progress.

CyberArk Certificate Manager, SaaS

CA/B Forum TLS Certificate (47-day) Dashboard¹ – Provides real-time visibility into certificate expiration timelines, renewal projections and certificate authority usage to help organizations prepare for reduced TLS certificate lifespans (from 398 days today to 200 days in 2026, 100 days in 2027 and 47 days by 2029), allowing them to easily manage renewals and prevent outages.

Code Sign Management, Policy Enforcement and Deep DevOps Integrations² – Provide automated, policy-enforced code signing and governance alongside certificate lifecycle management to reduce infrastructure overhead, accelerate adoption and help ensure only trusted, compliant software is released.

CyberArk SSH Manager for Machines

New Authorization and Policy Controls¹ – Grant real-time authorization tracking and discovery for centralized visibility, risk reduction and audit compliance to help better manage SSH key sprawl and unmitigated access.

To learn more about the new capabilities, in addition to upcoming news and previews related to CyberArk’s machine identity security solutions:

Watch the keynote at CyberArk IMPACT World Tour 2025 in Long Beach for demos of the new features (available live and on-demand)
Join CyberArk’s Securing the New Frontier of Agentic AI virtual event on November 4 for new updates on the CyberArk Secure AI Agents Solution (available live and on-demand)
Join CyberArk’s Workload Identity Day Zero on November 10 in Atlanta for new updates on the CyberArk Secure Workload Access Solution (available on-demand)

About CyberArk

CyberArk (NASDAQ: CYBR) is the global leader in identity security, trusted by organizations around the world to secure human and machine identities in the modern enterprise. CyberArk’s AI-powered Identity Security Platform applies intelligent privilege controls to every identity with continuous threat prevention, detection and response across the identity lifecycle. With CyberArk, organizations can reduce operational and security risks by enabling zero trust and least privilege with complete visibility, empowering all users and identities, including workforce, IT, developers and machines, to securely access any resource, located anywhere, from everywhere. Learn more at cyberark.com.

¹Available now

²Available by late 2025

Copyright © 2025 CyberArk Software. All Rights Reserved. All other brand names, product names, or trademarks belong to their respective holders. This release is for informational purposes only, and represents CyberArk's current view of its innovation direction. It is not a commitment or an obligation to deliver any product or functionality. The development, release, timing, if any, of any future innovation or product remains at our sole discretion and may be subject to applicable fees.

Cautionary Language Concerning Forward-Looking Statements

This release contains forward-looking statements, which express the current beliefs and expectations of CyberArk's (the "Company") management. In some cases, forward-looking statements may be identified by terminology such as "believe," "may," "estimate," "continue," "anticipate," "intend," "should," "plan," "expect," "predict," "potential" or the negative of these terms or other similar expressions. Such statements involve a number of known and unknown risks and uncertainties that could cause the Company's future results, levels of activity, performance or achievements to differ materially from the results, levels of activity, performance or achievements expressed or implied by such forward-looking statements. Important factors that could cause or contribute to such differences include, but are not limited to: risks related to the Company’s acquisitions of Venafi Holdings, Inc. (“Venafi”) and Zilla Security Inc. (“Zilla”), including potential impacts on operating results; challenges in retaining and hiring key personnel and maintaining business; risks related to the successful integration of Venafi’s or Zilla’s operations and the ability to realize anticipated benefits of the combined operations; disruption of the current plans and operations of the Company and/or Zilla as a result of the announcement of the transaction, including risks of cyberattacks; changes to the drivers of the Company’s growth and the Company’s ability to adapt its solutions to the information security market changes and demands, including artificial intelligence (“AI”); the Company’s ability to acquire new customers and maintain and expand the Company’s revenues from existing customers; intense competition within the information security market; real or perceived security vulnerabilities, gaps, or cybersecurity breaches of the Company, or the Company’s customers’ or partners’ systems, solutions or services; risks related to the Company’s compliance with privacy, data protection and AI laws and regulations; the Company’s ability to successfully operate its business as a subscription company and fluctuation in its quarterly results of operations; the Company’s reliance on third-party cloud providers for its operations and software-as-a-service (“SaaS”) solutions; the Company’s ability to hire, train, retain and motivate qualified personnel; the Company’s ability to effectively execute its sales and marketing strategies; the Company’s ability to find, complete, fully integrate or achieve the expected benefits of additional strategic acquisitions; the Company’s ability to maintain successful relationships with channel partners, or if the Company’s channel partners fail to perform; risks related to sales made to government entities; prolonged economic uncertainties or downturns; the Company’s history of incurring net losses, the Company’s ability to generate sufficient revenue to achieve and sustain profitability and the Company’s ability to generate cash flow from operating activities; regulatory and geopolitical risks associated with the Company’s global sales and operations; risks related to intellectual property claims; fluctuations in currency exchange rates; the ability of the Company’s products to help customers achieve and maintain compliance with government regulations or industry standards; the Company’s ability to protect its proprietary technology and intellectual property rights; risks related to using third-party software, such as open-source software; risks related to stock price volatility or activist shareholders; any failure to retain the Company’s “foreign private issuer” status or the risk that the Company may be classified, for U.S. federal income tax purposes, as a “passive foreign investment company”; changes in tax laws; the Company’s expectation to not pay dividends on the Company’s ordinary shares for the foreseeable future; risks related to the Company’s incorporation and location in Israel, including wars and other hostilities in the Middle East; and other factors discussed under the heading “Risk Factors” in the Company’s most recent annual report on Form 20-F filed with the Securities and Exchange Commission. Forward-looking statements in this release are made pursuant to the safe harbor provisions contained in the U.S. Private Securities Litigation Reform Act of 1995. These forward-looking statements are made only as of the date hereof, and the Company undertakes no obligation to update or revise the forward-looking statements, whether as a result of new information, future events or otherwise, except as required by applicable law.