Edit

Share via

CyberArk Privilege Cloud

  • Article

Important

Some information in this article relates to a prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

CyberArk Privilege Cloud is a SaaS solution that provides a simplified path to securely store, rotate and isolate credentials (for both human and non-human users), monitor sessions, and quickly deliver scalable risk reduction to the business. You can use the CyberArk plugin with Microsoft Copilot for Security to:

  • List privileged accounts in Copilot for Security using natural language.
  • Leverage Copilot generative AI abilities to interact with privileged accounts data.

Set up the CyberArk plugin

Integration with Copilot for Security requires an OAuth service user account for authentication.

  1. Sign in to your CyberArk Identity Security Platform Shared Services (ISPSS) with a user account that has permissions to manage users in CyberArk Identity.

  2. Configure a new OAuth service user account by following these steps:

    1. From the service picker, choose Identity Administration.

      Screenshot showing a section of the CyberArk identity portal with Identity Administration highlighted.

    2. Expand Core Services, and then select Users.

    3. In the Users screen, select Add User, and then fill in the required details.

      Screenshot showing the Create User screen with required field to fill in.

    4. Under Status mark the checkbox next to Is OAuth confidential client, and then select Create User.

    5. In the menu, select Roles, and then assign the new user account to a Privilege Cloud Users role.

  3. Configure CyberArk Privilege Cloud to work with the Copilot for Security plugin. Follow these steps:

    1. In the service picker, select Privilege Cloud.

      Sceenshot showing CyberArk menu with Privilege Cloud selected.

    2. In the menu, expand Policies, select Safes, and then choose the safe you want to grant permissions for.

    3. In the Safe pane, select the Members tab. Select Add members, and select the user account you created earlier, and then select Next.

    4. Assign appropriate permissions, and then select Add.

  4. Sign in to Microsoft Copilot for Security.

  5. Access Manage Plugins by selecting the Plugin button from the prompt bar.

  6. Next to CyberArk, select the toggle to enable it.

  7. Provide your CyberArk Privilege Cloud instance URL and user account information.

  8. Save your changes.

Use the CyberArk plugin

After the CyberArky plugin is configured, you can use it by typing CyberArk in your Copilot for Security prompt bar, followed by an action. You can use the plugin to list privileged accounts and get account details. The following table lists some example prompts to try and their expected output:

Prompt example Expected output
Find an account with the username test_user Get all account details about an account with the username “test_user”.
Get all account details about an account with the username “test_user” Get a positive or negative answer whether an account with the username “test_user” and an address “10.0.1.103” is managed by CyberArk.
Get all accounts and show the results in a table Get details about all accounts, displayed in a table format.

See also

Other plugins for Microsoft Copilot for Security

Manage plugins in Microsoft Copilot for Security