What's new

New Cloud Entitlements Manager versions are released and announced on a varying cadence. Occasionally, new versions that include only performance, stability and bug fixes, and do not require customer actions, are released without an announcement.

October 3, 2022

Dashboard redesign

The CEM dashboard has been redesigned for better usability and enhanced visibility into the excessive permissions and privileged access gaps and critical issues found in customers' multi-cloud environments.

The new, enhanced dashboard clearly highlights high-severity issues that should be investigated and remediated, such as identities with high exposure levels and identities that have shadow admin access. Users can drill through directly from the dashboard to begin investigating affected identities and mitigate risk.

September 12, 2022

Privilege Cloud-Cloud Entitlements Manager integration expanded to Shared Services

Privilege Cloud customers who have migrated their Privileged Access Manager capabilities to Shared Services in order to secure and protect privileged break-glass and sensitive accounts (for example, AWS IAM users), may want to leverage this new deployment and integrate with Cloud Entitlements Manager to discover and identify cloud identities with administrator privileges and manage them in Privilege Cloud.

The integration between Privilege Cloud and Cloud Entitlements Manager has been streamlined, and is now enabled by default, without any additional configuration required, when both Privilege Cloud and Cloud Entitlements Manager are on the Shared Services platform.

July 11, 2022

Ability to discover cloud service accounts and application keys

The CEM discovery engine can now detect cloud service accounts and application keys, including AWS IAM user access keys, Microsoft Azure service principal secrets, and Google Cloud service account keys. This new capability furthers our goal to provide customers with complete visibility into all the methods by which entities can gain access and permissions within the cloud.

June 9, 2022

Cloud Entitlements Manager increases official SLA to 99.9%

Cloud Entitlements Manager is now committed to an SLA of 99.9%. This improvement emphasizes our commitment to making CEM even more robust and reliable.

May 1, 2022

Integration with ServiceNow Change Management workflow

Cloud Entitlements Manager supports integration with the ServiceNow Change management workflow, so that organizations can incorporate CEM-recommended remediation processes within their existing approval workflow. This integration enables cloud security personnel to share CEM's insights, recommendations, and required remediation actions with people in the organization that don't necessarily have access to CEM.

April 14, 2022

Enhanced integration with Privilege Cloud - support for manually uploading cloud entities

Cloud Entitlements Manager admins can now control what standing privileged accounts they want to add to the Privilege Cloud pending accounts queue. Choose from the existing automatic upload option, or the new ability to manually upload accounts individually from the list of Cloud Entitlements Manager cloud entities.

April 1, 2022

Support for serverless cloud functions

CEM has extended its ability to manage the risk of excessive permissions, enabling organizations to implement least privilege access across human and machine identities in the cloud, and now serverless functions. CEM's newest feature analyzes code and fine tunes permissions to reduce the risk of excessive privileges, which positions security teams to better partner with developers and the software development lifecycle. With processes in place to implement least privilege for new and existing serverless applications, organizations can securely expand the deployment and unlock the operational efficiencies of cloud-native applications.

March 14, 2022

Detection of Microsoft Azure classic administrator role

Cloud Entitlements Manager can now detect when a Microsoft Azure subscription contains a classic administrator role, and generates a recommendation to remove it and manage access to Microsoft Azure resources using Azure role-based access control (Azure RBAC) instead (based on Microsoft best practices).

February 1, 2022

Cloud entitlements exposure report

This executive report provides an overview of your organization's security posture in a multi-cloud environment, focusing on excessive permissions, privileged access, and IAM risk insights. Available from the dashboard.

January 17, 2022

Cloud Entitlements Manager received SOC-2 Type 2 certification

This certification demonstrates an independent auditing firm has reviewed, tested and examined CyberArk Cloud Entitlements Manager to ensure compliance with the AICPA Trust Service Principles framework. The SOC-2 Type 2 certification provides assurance that controls for the Cloud Entitlements Manager service meet and exceed strict standards for security, availability, confidentiality.

To view the reports for Cloud Entitlements Manager or any other CyberArk SaaS solution, contact your CyberArk account team.