Cybersecurity company CyberArk has announced the launch of a new open-source tool called SkyArk to identify Shadow admin accounts in Microsoft Corp Azure and Amazon Web Services. The tool will allow companies to combat Shadow admins by targeting and securing the most privileged entities in the cloud. Shadow admins can be created by accident when enterprises integrate cloud environments with on-premise assets.
SkyArk offers AzureStealth and AWStealth scanning modules to scan Azure and AWS environments. It requires read-only permissions as it simply queries cloud entities and their assigned permissions before performing analysis and providing results. The new SkyArk tool which is open-sourced on GitHub comes with the appropriate documentation to get system administrators started.