CyberArk has released a new free tool that can detect shadow administrator accounts inside cloud environments like Amazon Web Services (AWS) and Microsoft Azure. This new tool created by CyberArk is called SkyArk. It comes with two components, namely AWStealth and AzureStealth, each for scanning a company’s respective AWS and Azure environments.
Shadow administrator accounts usually slip under the radar because they are not members of some Privileged Active Directory security group, but rather are granted privileges through a direct assignment. Shadow administrator accounts have sensitive low-level and seemingly limited permissions in their cloud environment that can be exploited in order to escalate to fully privileged administrator accounts. These accounts may not have even been created intentionally, but were a product of other processes, such as integrating on-premises resources with a cloud environment, which then resulted in unpredictable interactions and unsecured access to company data. They are usually not intended to have so much power to begin with.
SkyArk assists organizations using cloud environments by bringing a very detailed and high-level visibility on any accounts considered Privileged in a cloud environment, and then further classifies the resources that these accounts have access to. For example, a privileged account with full access to manage AWS EC2 instances with no MFA and/or no conditions for their permissions will be classified accordingly as an unsecured privileged account.
Do you want to learn more about your privileged accounts in AWS or Azure? Contact us today to schedule a quick demo of SkyArk and to learn more about how you can make your cloud environment more secure with CyberArk tools.
For more information, review the CyberArk SkyArk Data Sheet.