What's new

New Cloud Entitlements Manager versions are released and announced on a varying cadence. Occasionally, new versions that include only performance, stability and bug fixes, and do not require customer actions, are released without an announcement.

July 11, 2022

Ability to discover cloud service accounts and application keys

The CEM discovery engine can now detect cloud service accounts and application keys, including AWS IAM user access keys, Microsoft Azure service principal secrets, and Google Cloud service account keys. This new capability furthers our goal to provide customers with complete visibility into all the methods by which entities can gain access and permissions within the cloud.

June 9, 2022

Cloud Entitlements Manager increases official SLA to 99.9%

Cloud Entitlements Manager is now committed to an SLA of 99.9%. This improvement emphasizes our commitment to making CEM even more robust and reliable.

May 1, 2022

Integration with ServiceNow Change Management workflow

Cloud Entitlements Manager supports integration with the ServiceNow Change management workflow, so that organizations can incorporate CEM-recommended remediation processes within their existing approval workflow. This integration enables cloud security personnel to share CEM's insights, recommendations, and required remediation actions with people in the organization that don't necessarily have access to CEM.

April 14, 2022

Enhanced integration with Privilege Cloud - support for manually uploading cloud entities

Cloud Entitlements Manager admins can now control what standing privileged accounts they want to add to the Privilege Cloud pending accounts queue. Choose from the existing automatic upload option, or the new ability to manually upload accounts individually from the list of Cloud Entitlements Manager cloud entities.

April 1, 2022

Support for serverless cloud functions

CEM has extended its ability to manage the risk of excessive permissions, enabling organizations to implement least privilege access across human and machine identities in the cloud, and now serverless functions. CEM's newest feature analyzes code and fine tunes permissions to reduce the risk of excessive privileges, which positions security teams to better partner with developers and the software development lifecycle. With processes in place to implement least privilege for new and existing serverless applications, organizations can securely expand the deployment and unlock the operational efficiencies of cloud-native applications.

March 14, 2022

Detection of Microsoft Azure classic administrator role

Cloud Entitlements Manager can now detect when a Microsoft Azure subscription contains a classic administrator role, and generates a recommendation to remove it and manage access to Microsoft Azure resources using Azure role-based access control (Azure RBAC) instead (based on Microsoft best practices).

February 1, 2022

Cloud entitlements exposure report

This executive report provides an overview of your organization's security posture in a multi-cloud environment, focusing on excessive permissions, privileged access, and IAM risk insights. Available from the dashboard.

January 17, 2022

Cloud Entitlements Manager received SOC-2 Type 2 certification

This certification demonstrates an independent auditing firm has reviewed, tested and examined CyberArk Cloud Entitlements Manager to ensure compliance with the AICPA Trust Service Principles framework. The SOC-2 Type 2 certification provides assurance that controls for the Cloud Entitlements Manager service meet and exceed strict standards for security, availability, confidentiality.

To view the reports for Cloud Entitlements Manager or any other CyberArk SaaS solution, contact your CyberArk account team.