What is Secure Web Sessions?

This topic introduces you to CyberArk Identity Secure Web Sessions .

The solution

CyberArk Identity Secure Web Sessions is a cloud-based service that gives customers the ability to record and monitor user activity within web applications and cloud consoles protected by CyberArk Identity and third party IdPs. Web applications protected by SWS are protected from malicious processes originating on endpoints, and all actions performed by end-users can be searched down to a users' exact clicks. Further, with Secure Web Sessions, customers can enable continuous authentication that monitors user behavior patterns and enforces re-authentication when anomalous activity is detected.

Secure Web Sessions is designed for companies with a variety of web-based business applications that contain sensitive data, such as financial records, customer information, and intellectual property. With Secure Web Sessions, companies can record in-app user activities without relying on extensive app customizations, complicated integrations with 3rd party tools, or manual log reviews.

CyberArk Identity Workforce SSO is able to support almost every application in your organization. For those applications where CyberArk Identity Workforce SSO is required, SWS can be implemented and trusted to prevent access to high-risk applications unless one or more security layers (step recording, continuous authentication, and session protection) are activated.

How it works

  • Records user actions taken inside of high-risk web applications regardless of where the application is hosted (on-prem or cloud).

  • Ensures that the user who starts the application is the same user using the application via re-prompting for biometric authentication with a QR scan during the session.

  • Ensures that unattended user sessions are not left open with sensitive data exposed.

  • Protects the sensitive web session in the browser by hardening the browser level (using the SWS extension) and optionally the client level (using optional EPM integration).

  • Provides searchable sessions so that auditor questions can be answered easily.

User flow