Skip to main content
Skip table of contents

CyberArk

Purpose

This document provides setup information on the CyberArk integration.

Introduction

CyberArk provides a privileged account security solution and password vault. It is required to have the CyberArk AIM suite to use the integration.

CyberArk is supported in HIAB and OUTSCAN for both internal and external IP addresses.

CyberArk authentication cannot be configured on the policy level, only on the target level.

Define the Application Manually via CyberArk 

To define the Application manually via CyberArk’s PVWA (Password Vault Web Access) Interface:

  1. Log on with a user allowed to managed applications (Manage Users authorization is required)

  2. Go to Applications tab, click Add Application; the Add Application page is displayed.

  3. Fill with the pre-defined APPID the customer should use, specified in the Name field.

Set Up CyberArk in OUTSCAN or HIAB

To set up CyberArk in OUTSCAN or HIAB:

  1. Go to Main Menu > Settings > Integrations.

  2. Select the CyberArk tab.

    Integration07.png


    Provide the below information to use CyberArk:

Option

Description

Enabled

Click on this field to enable CyberArk.

Host

Provide the hostname to the CyberArk server.

Port

Provide the port that CyberArk accepts connections on.

AppID

Enter the application ID, an authentication token from CyberArk.

Default safe

Provide the CyberArk safe name to be used as default.

Default folder

Provide the folder to search for secrets.

Save

Click on this button to save your current settings.

  1. Click Save.

After enabling CyberArk:

  1. Go to Main Menu > Netsec > Manage Targets.

  2. Edit a target to setup the Authentication.
    CyberArk SSH and CyberArk SMB are now visible as new options.

  3. Click on any of the options to use the respective authentication.


  4. Provide your Credentials:

Option

Description

Username

Provide your username to use when authenticating to the target.

Object name

Check your CyberArk Vault administrator and provide the object name.  It is the name of the "secret" (which contains the specific credential).

Override safe

Provide a different safe name in case you wish to override the existing safe name.

Override folder

Provide a different folder name in case you wish to override the existing folder names. 

The Override settings provide the ability to change (override) them on a specific target.

  1. Click Test to start a verification.

  2. Click Save to enable the current settings.




Copyright

© 2025 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.

Trademark

Outpost24® and OUTSCAN™ are trademarks of Outpost24® and its affiliated companies. All other brand names, product names or trademarks belong to their respective owners.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.