https://www.msbiro.net/tags/cyberark/ Recent content in Cyberark on Cloud Native & Open Source: A Team Lead’s Working Journal https://www.msbiro.net/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E https://www.msbiro.net/%3Clink%20or%20path%20of%20image%20for%20opengraph,%20twitter-cards%3E Hugo -- 0.163.1 en-us Mon, 11 Aug 2025 12:39:03 +0000 https://www.msbiro.net/posts/0day-cves-secrets-manager/ Mon, 11 Aug 2025 12:39:03 +0000 https://www.msbiro.net/posts/0day-cves-secrets-manager/ This article highlights recent zero-day vulnerabilities discovered in CyberArk and HashiCorp secrets managers, emphasizes the importance of timely software updates, and offers practical advice for staying proactive about security patches. https://www.msbiro.net/posts/cyberark-conjur-134-evolution-continues/ Wed, 09 Oct 2024 07:30:03 +0000 https://www.msbiro.net/posts/cyberark-conjur-134-evolution-continues/ CyberArk Conjur 13.4 introduces exciting new features including syncing empty safes from Vault for improved policy automation, dynamic application configuration through the conjur.yml file, and extended support for regex queries in the External Secrets Operator. This release marks another step in the continuous enhancement of Conjur Enterprise, making it more powerful and flexible for enterprise secrets management. https://www.msbiro.net/posts/cyberark-conjur-132-released/ Thu, 01 Feb 2024 12:30:03 +0000 https://www.msbiro.net/posts/cyberark-conjur-132-released/ CyberArk released Conjur 13.2 with important bug fixes, support for OpenShift 4.14, and new key features including high availability for the Vault Synchronizer and enhanced support for the Container Storage Interface (CSI) driver. This release improves disaster recovery strategies and optimizes secret injection into Kubernetes pods, representing another solid step in Conjur’s ongoing evolution. https://www.msbiro.net/posts/cyberark-conjur-131-released/ Thu, 07 Dec 2023 08:30:03 +0000 https://www.msbiro.net/posts/cyberark-conjur-131-released/ CyberArk has released Conjur 13.1, a point update focusing on under-the-hood improvements that enhance the resiliency of Conjur followers. Key changes include major upgrades to the underlying container base image, PostgreSQL, and etcd versions, as well as enhanced flexibility in vault synchronization and secret segregation. This release is recommended for all Conjur Enterprise users seeking improved performance and stability. https://www.msbiro.net/posts/conjur-13-is-available/ Tue, 06 Jun 2023 18:30:03 +0000 https://www.msbiro.net/posts/conjur-13-is-available/ CyberArk has released Conjur 13.0, bringing notable enhancements like OIDC login support, secret data segregation for followers, optimized password management, and faster Vault synchronization for enterprise environments. This post covers the highlights of version 13, why you should consider upgrading, and how these improvements impact admins, security teams, and Kubernetes users. https://www.msbiro.net/posts/resolving-podman-log-rotation-issue-conjur-enterprise-129/ Wed, 24 May 2023 17:30:03 +0000 https://www.msbiro.net/posts/resolving-podman-log-rotation-issue-conjur-enterprise-129/ This post addresses a log rotation issue seen in CyberArk Conjur 12.9 container deployments running on Podman. Unlike Docker, Podman requires the container to be recreated with the AUDIT_WRITE capability added and a specific permission set on the Nginx log directory for proper log rotation. The resolution was developed collaboratively with CyberArk support and is now documented for future updates. Essential guidance for operators using Podman with Conjur containers. https://www.msbiro.net/posts/troubleshooting-conjur-follower-setup-postgres-connectivity/ Mon, 21 Nov 2022 11:23:03 +0000 https://www.msbiro.net/posts/troubleshooting-conjur-follower-setup-postgres-connectivity/ This post covers troubleshooting a CyberArk Conjur follower setup issue where the follower pod could connect to the Conjur API leader but failed to connect to the Postgres database, causing replication to stall and system errors. The solution involved verifying Postgres connectivity using openssl s_client with TLS, revealing a network load balancer misconfiguration that was subsequently corrected. Learn how to use this simple openssl command for effective container and network diagnostics. https://www.msbiro.net/posts/cyberark-vault-synchronizer-casvm035e-fix/ Fri, 30 Sep 2022 07:30:03 +0000 https://www.msbiro.net/posts/cyberark-vault-synchronizer-casvm035e-fix/ This post addresses the CyberArk Vault Synchronizer error 'CASVM035E Vault name is missing' encountered during upgrade from version 11.7 to 12.7. It guides users through the straightforward fix by updating the INTEGRATION_VAULT_NAME value in the VaultConjurSynchronizer.exe.config file, restoring secrets synchronization functionality on Windows. https://www.msbiro.net/posts/cyberark-impact-world-tour-2022/ Wed, 21 Sep 2022 19:30:03 +0000 https://www.msbiro.net/posts/cyberark-impact-world-tour-2022/ CyberArk announces the Impact World Tour, a series of global cybersecurity events featuring expert sessions and networking opportunities. This post shares details on tour locations, agenda, and registration, along with a personal note on attending the Milan event in October 2022. https://www.msbiro.net/posts/cyberark-conjur-architecture-system-requirements/ Sun, 24 Jul 2022 11:40:03 +0000 https://www.msbiro.net/posts/cyberark-conjur-architecture-system-requirements/ This post provides a comprehensive overview of CyberArk Conjur Enterprise architecture, detailing its multi-node cluster design with auto-failover capabilities, follower deployment for scaling, and essential system requirements for production and test environments. Essential reading for anyone planning to deploy Conjur as an enterprise-grade secrets manager. https://www.msbiro.net/posts/new-job-devsecops-teamleader/ Wed, 25 May 2022 11:30:03 +0000 https://www.msbiro.net/posts/new-job-devsecops-teamleader/ Starting May 16, 2022, I embarked on a new journey as Senior DevSecOps Engineer at SIGHUP. This post marks the beginning of a shift towards cloud-native infrastructure security topics, including tools like CyberArk Conjur. While previous content remains available, expect fresh insights into securing modern cloud environments. My role as organizer of the LetsConnect user group continues, and I look forward to connecting at upcoming events.