We primarily use the solution on our endpoints. 

We are using pretty much everything there. Basically, what we are trying to do, is when the end user connects to machines, the actual Window servers, Linux servers, et cetera, everything is run through CyberArk. We haven't got into the Application Identity Management part yet, using CyberArk APIs. 

That said, we are using CyberArk whenever somebody wants to access a remote server or any server, for that matter. Our infrastructure is basically set up so that access is given through CyberArk.

The solution is used for:

Rotating local administrator passwords: EPM can be used to rotate the passwords of local administrator accounts on endpoints, which helps to prevent attackers from gaining unauthorized access to these accounts.

Revoking access to privileged accounts: EPM can be used to revoke access to privileged accounts when users no longer need it, which helps to reduce the risk of unauthorized access.

Monitoring privileged activity: EPM can be used to monitor all privileged activity on endpoints, which helps to identify and investigate suspicious activity.

Auditing privileged access: EPM can be used to audit all privileged access to sensitive systems and data, which helps to comply with security regulations.

I'm using it in my company. It helps us manage our endpoints and keep things secure.

We use the solution to secure direct access to servers. Users could open their browsers and access resources. This applies to different teams, such as DevOps, IT services, and development teams. They can no longer use RDP connections directly to the server for their day-to-day tasks. Instead, they must log in to CyberArk with their account and then use a shared account to access the server. Another advantage is using (Privilege Access Management) PAM accounts, which have high permissions but are limited in their access.

The primary use case for CyberArk Endpoint Privilege Manager (EPM) is to control applications on work sessions, particularly in environments where users are not supposed to have open rights. It can be utilized to remove local admin rights from work sessions and protect the local admin group from unauthorized modifications. By deploying policies on these work sessions, organizations can restrict users' privileges and prevent them from adding users to the local admin group, reducing administrative privilege risks on endpoints.

Furthermore, it enables the deployment of policies that allow users to elevate application permissions without granting additional user rights. These application policies benefit specific applications without affecting users' overall rights. For instance, developers may require elevated permissions for certain software applications without needing broader administrative rights. However, EPM does not directly improve an organization's response to endpoint threats. Instead, it depends on other policies, such as those designed to prevent ransomware attacks. These policies focus on different aspects of endpoint security, while application policies specifically address the elevation of application permissions for user tasks, such as development activities.

I work with CyberArk Endpoint Privilege Manager for my partners. It is mainly for compliance, managing credentials securely, and monitoring what's going on with those credentials. Also, there's this thing about limiting privileges for certain users in production environments. But it seems like it's not just for big setups, it's also used across all kinds of workplaces.

Previously, the enterprise EPM was on-premises. Now, it has gone to the SaaS model. So, we have used CyberArk professional services, wherein CyberArk deployed all the agents into our different Unix machines. This deployment is currently underway. The policy changes and the reconfigurations part are pending. In the coming quarter, or by the end of it,  the overall EPM deployment will be completed with this customer.

My primary use case for CyberArk Endpoint Privilege Manager is malware prevention. The solution enables malware detonation, which helps you solve ransomware problems. For example, suppose an unknown application comes into your environment, and you have installed a CyberArk Endpoint Privilege Manager agent. In that case, the solution will filter the unknown traffic from an unknown publisher and stop it from infiltrating. The solution dashboard also lets you know that specific software is suspicious. Still, it depends on the category, but malware prevention is one use case of CyberArk Endpoint Privilege Manager.

Classifying a trusted or whitelisted application is also a use case of the solution.

Another use case of CyberArk Endpoint Privilege Manager is stopping credential theft. For example, you have credential stores all around, whether you know it or not. You have credential stores in web browsers like Chrome and Microsoft Edge. The solution protects you against an attacker that has already gained access to your environment, an internal person that leverages your system and wants to go to your web browser, or probably there's a browser path attack where the person has access to your browser. He can check your credential store, but if CyberArk Endpoint Privilege Manager is in place, that situation will be prevented.

Just-In-Time Access is another use case of the solution. For example, there's no administrator privilege on the system, but let's say a database administrator or application administrator wants to use the credential. You can provide that person with Just-In-Time Access so he can use the credential for thirty minutes, then that credential expires once the time is up.

CyberArk Endpoint Privilege Manager also separates the privileges. For example, a team of application managers receives access to specific software that the network team can't access.

Inside we have a lot of applications, including three or four critical applications. With this application, remote users cannot run another application if you do not grant access to these applications. For example, if you want users to use Word or PowerPoint, you can allow usage of those and block usage of other things. If you want to run one application and you need to get permission, you send a ticket to ask for authorization to use it. That way, the company can control the access of every user.

CyberArk Endpoint Privilege Manager can be deployed across all platforms, such as AWS, GCP, and Ali Baba. 

The solution is used for management, multi-site failover, satellite vaulting, distributed architecture, custom CPM, PSM deployment, custom CCP, and CCP deployment.

We use the solution for cyber security to block unwanted things and ensure endpoint security. We also use the solution to collect user analytics.

Because we are dealing with personal health information, we have had to setup up a security broker for admin access in and out of the accounts.

They wanted to have a break-glass solution in case there was a problem with the multi-factor authentication or any other issues.

We chose to use CyberArk for their failover abilities. If the Multi-factor authentication fails then you can still log in and it has a second factor that authenticates.  

It gives them the break glass option that they needed.

I use the solution in my company since its PAM features are used for privileged accounts.

We primarily use the solution on our endpoints. 

We use CyberArk Endpoint Privilege Manager mainly for privilege management.

CyberArk Endpoint Privilege Manager is used for compliance with password policies.

I use the solution in my company since some users need a certain level of activity in EXE files. The tool is used to block certain issues that we don't want in our environment.

We use the solution as a Privilege Access Manager to manage user's passwords. 

We are implementing this product to control the Privilege account. For example, from a Cyber Privilege account, we just want to know what the user is doing and how to control it. We use it for security and monitoring.

There are a lot of companies that have servers that want to monitor their members if they do something that violates their policy.

Our primary use case for this solution is to manage enterprise passwords and monitor session connections.