Edit

Share via

CyberArk Privilege Cloud

  • Article

CyberArk Privilege Cloud is a SaaS solution that provides a simplified path to securely store, rotate and isolate credentials (for both human and non-human users), monitor sessions, and quickly deliver scalable risk reduction to the business. You can use the CyberArk plugin with Microsoft Security Copilot to:

  • List privileged accounts in Security Copilot using natural language.
  • Leverage Copilot generative AI abilities to interact with privileged accounts data.

Note

This article contains information about third-party plugins. This is provided to help complete integration scenarios. However, Microsoft does not provide troubleshooting support for third-party plugins. Contact the third-party vendor for support.

Know before you begin

Integration with Security Copilot requires an OAuth service user account for authentication. You'll need to take the following steps before using the plugin.

  1. Sign in to your CyberArk Identity Security Platform Shared Services (ISPSS) with a user account that has permissions to manage users in CyberArk Identity.

  2. Configure a new OAuth service user account by following these steps:

    1. From the service picker, choose Identity Administration.

      Screenshot showing a section of the CyberArk identity portal with Identity Administration highlighted.

    2. Expand Core Services, and then select Users.

    3. In the Users screen, select Add User, and then fill in the required details.

      Screenshot showing the Create User screen with required field to fill in.

    4. Under Status mark the checkbox next to Is OAuth confidential client, and then select Create User.

    5. In the menu, select Roles, and then assign the new user account to a Privilege Cloud Users role.

  3. Configure CyberArk Privilege Cloud to work with the Security Copilot plugin. Follow these steps:

    1. In the service picker, select Privilege Cloud.

      Sceenshot showing CyberArk menu with Privilege Cloud selected.

    2. In the menu, expand Policies, select Safes, and then choose the safe you want to grant permissions for.

    3. In the Safe pane, select the Members tab. Select Add members, and select the user account you created earlier, and then select Next.

    4. Assign appropriate permissions, and then select Add.

  4. Sign in to Microsoft Security Copilot.

  5. Access Manage Plugins by selecting the Plugin button from the prompt bar.

  6. Next to CyberArk, select the toggle to enable it.

  7. Provide your CyberArk Privilege Cloud instance URL and user account information.

  8. Save your changes.

Sample CyberArk prompts

After the CyberArk plugin is configured, you can use it by typing CyberArk in your Security Copilot prompt bar, followed by an action. You can use the plugin to list privileged accounts and get account details. The following table lists some example prompts to try and their expected output:

Prompt example Expected output
Find an account with the username test_user Get all account details about an account with the username “test_user”.
Get all account details about an account with the username “test_user” Get a positive or negative answer whether an account with the username “test_user” and an address “10.0.1.103” is managed by CyberArk.
Get all accounts and show the results in a table Get details about all accounts, displayed in a table format.

Provide feedback

To provide feedback, contact CyberArk.

See also

Non-Microsoft plugins for Microsoft Security Copilot

Manage plugins in Microsoft Security Copilot