CyberArk CEO Touts New Browser That Secures Privileged UsersMatt Cohen on How to Prevent Attackers From Using Cookies for Session Hijacking
CyberArk's new Secure Browser prevents adversaries from harvesting the credentials of privileged users who are accessing sensitive web applications, said CEO Matt Cohen during the company's annual conference, CyberArk Impact 23.
Cohen said hackers take advantage of consumer-grade browsers to facilitate session hijacking, meaning they use a cookie to continue a web session using the identity of the individual whose credential they've stolen. CyberArk's new browser is designed to allow users to get maximal value out of their web applications while not engaging in risky behaviors such as exposing credentials and cookies to bad actors, he said (see: CyberArk Promotes COO Matt Cohen to Replace CEO Udi Mokady).
"It's designed for users within an organization that have privileges," Cohen said Tuesday, and "that access applications that security wants to be able to protect. And it actually operates and is used just like the corporate browser that everybody is used to. So from a productivity perspective, there's no learning curve for individuals."
In this video interview with Information Security Media Group, Cohen also discusses:
- What makes the CyberArk Secure Browser different from browsers by Talon or Island;
- Risks around supply chain attacks, generative AI and quantum computing;
- Security challenges associated with nonhuman, machine and bot identities.
Cohen joined CyberArk in 2019 as chief revenue officer and was promoted to chief operating officer in November 2020 and CEO in February 2023. He spearheaded CyberArk's transition to a subscription business model and transitioned the enterprise sales organization from a product-centric sales focus to a platform motion. Previously, Cohen was executive vice president of field operations at PTC, where he played an instrumental role in executing the organization's transition to a subscription model and the rapid development and rollout of PTC's cloud strategy.