CyberArk Endpoint Privilege Manager
  • 14 Mar 2024
  • 2 Minutes to read
  • Dark
    Light
  • PDF

CyberArk Endpoint Privilege Manager

  • Dark
    Light
  • PDF

Article summary

CyberArk Endpoint Privilege Manager enforces least privilege, providing credential theft protection and application control at scale.

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices

Parameters

  1. Host Name or IP Address (required) - The hostname or IP address of the CyberArk Endpoint Privilege Manager server.
  2. Authentication Method - The authentication method used for the connection. The following methods are supported for authentication: EPM or Windows. To use SAML select Use SSO Authentication.
  3. Application ID (required) - If you are not using SSO Authentication, enter the Application ID which is a unique value to identify the "Axonius" application. This is a unique value that has not been used in CyberArk EPM.
  4. User Name and Password (required) - The credentials for a user account that has the Required Permissions to fetch assets.
  5. Verify SSL (required, default: False) - Choose whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.
  6. HTTPS Proxy (optional, default: empty) - Connect the adapter to a proxy instead of directly connecting it to the domain.
  7. HTTPS Proxy User Name (optional, default: empty) - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.
  8. HTTPS Proxy Password (optional, default: empty) - The password to use when connecting to the server using the HTTPS Proxy.

Using SSO Authentication
You can use SSO Authentication, either Okta, or ADFS.

  1. Toggle on Use SSO Authentication.
  2. Select your Identity Provider.
  3. Select SAML as the SSO Protocol.
  4. Enter the Redirect URL

To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

CyberArkEnpintPrivilegeManager


Advanced Settings

Note:

Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings, refer to ​Advanced Configuration for Adapters

  1. Fetch events - Select this option to fetch event info, file info, source, pre-history and reputation information from CyberArk

  2. Customize rate limits - Toggle on this option to customize rate limits. Use the options below to limit the number of requests the adapter sends per unit of time.

    • Number of requests per second (default: 5)- Set the number of requests per second. Set the number of seconds to send the request in 'Number of seconds'.

    • Number of seconds - Set the number of seconds during which the requests will be sent.

Note:

To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.


APIs

Axonius uses the CyberArk’s Web Services SDK.

Required Permissions

The value supplied in User Name must include enabled "Allow to manage sets" for the user profile and set to read only.

Version Matrix

This adapter has only been tested with the versions marked as supported, but may also work with other versions. Please contact Axonius Support if you have a version that is not listed and it is not functioning as expected.

VersionSupportedNotes
Version 11.0 and upYes

Was this article helpful?