Thales background banner

Luna Cloud HSM for CyberArk


Free Evaluation

Luna Cloud HSM for CyberArk provides a root of trust for CyberArk Privileged Access Security Solution’s top-level encryption key in an HSM.

Luna Cloud HSM for CyberArk

Luna Cloud HSM for CyberArk generates and stores the server keys, providing private key protection and strong entropy for key generation for CyberArk Privileged Access Security Solution system keys.

Together, Luna Cloud HSM for CyberArk secures the master key that is used within the vault, and is hosted in a secure environment. Luna Cloud HSM for CyberArk mitigates the risk of the master key being exposed or compromised by protecting it in a secure vault.

Key Features

  • Manages keys and certificates within carefully designed cryptographic boundaries
  • Provides robust access control mechanisms
  • Simplify security audits by following industry best practice for key security

Benefits

  • Ensures that data protected by CyberArk Privileged Access Security Solution is always protected
  • Enables policy enforcement
  • Ensures keys are only used for their authorized purpose
  • Reduces administration overhead
Thales Data Protection on Demand Services - Solution Brief

Thales Data Protection on Demand Services - Solution Brief

Thales Data Protection on Demand is a cloud-based platform that provides a wide range of Cloud HSM and key management services through a simple online marketplace. With Luna Cloud HSM and CipherTrust Key Management services on Data Protection on Demand (DPoD), security is made...

Thales CyberArk Privileged Access Security Solutions with Luna HSM and Data Protection on Demand HSMoD for CyberArk

Thales CyberArk Privileged Access Security Solutions with Luna HSM and Data Protection on Demand HSMoD for CyberArk

Protecting privileged access management credentials presents one of the largest security risks an organization faces today. These access accounts allow control of an organization’s resources, disable security systems, and enable access to vast amounts of sensitive data. Forrester estimates that 80 percent of security breaches involve privileged credentials1 . These breaches can come from external attackers and malicious insiders seeking a way to gain direct access to the heart of the enterprise. The fast adoption of ‘everything to the cloud’ has increased the IT footprint, creating an increasingly porous enterprise perimeter. Protecting this widely dispersed corporate and customer data, along with their associated user credentials, is paramount to a corporation’s reputation, and their success.

CyberArk Vault: Integration Guide Luna HSM and DPoD Luna Cloud HSM

CyberArk Vault: Integration Guide Luna HSM and DPoD Luna Cloud HSM

At the core of CyberArk Privileged Account Security Solution is the CyberArk Digital Vault that contains a highly secure database for storing privileged account credentials, access control policies, credential management policies, and audit information. To protect both the Digital Vault database and the data stored within the database, CyberArk has designed a multi-layered encryption hierarchy that uses FIPS 140-2 compliant encryption. Each individual file and safe within the Digital Vault database is encrypted with its own unique encryption key. The Digital Vault Server uses key-hierarchy for protecting each object in the Vault. Based on this unique and highly secure approach, CyberArk has the top-level encryption key (server key) required to start the Digital Vault.

CyberArk Digital Vault Integration

CyberArk Digital Vault Integration

Once the vault is installed, the server key can be generated on the service, where it is stored as a non-exportable key.