The rising popularity of automation tools is enabling unprecedented growth within teams no longer responsible for completing the tedious, repetitive work better performed by programmable robots. But as businesses grow with the help of robotic process automation, cybersecurity is often left playing catch-up with both organizations and the new risks rapidly evolving to take advantage of emerging process vulnerabilities.

To combat these challenges, Brandon Traffanstedt (pictured), national director of solutions engineering at information security company CyberArk Software Ltd., is building security into customer processes through Amazon Web Services Inc. to facilitate simpler secure RPA authentication.

Traffanstedt spoke with Jeff Frick (@JeffFrick), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the AWS Marketplace and Service Catalog Experience Hub event in Las Vegas. They discussed the current risks in RPA security and how CyberArk is simplifying processes to ensure security becomes a priority business measure. (* Disclosure below.)

[Editor’s note: The following answers have been condensed for clarity.]

Give us the overview of CyberArk.

Traffanstedt: CyberArk does privileged access security, the vaulting rotation in management of incredibly powerful accounts. Both traditional ones, the domain admin, to ones that exist in a cloud state. Access key, secret key pairs, route access into your console, our goal is to take those out of the minds of users, spreadsheets, hard coded code stacks, [and] place them in a secure location, rotate them, and provide secure access to people, as well as non-people.

When we look at the general spectrum of accounts in an organization, you’ve got the lower ones that are identity driven, but really those high value credentials [are] what bring down organizations. The focus there on those powerful ones is what gets us the most security posture increase with the least amount of effort.

You said you’ve been doing this for 20 years. How [have] your challenges changed?

Traffanstedt: Years ago, organizations were very monolithic, but the architecture broke down. Ten years ago, virtualization was the big thing. Same types of accounts, but more systems, more automation flows. As we replaced humans with non-humans, more human users got over-privileged. One of the things that we saw was the breaking down of the application stacks to the point that we are now — you can spin up thousands of instances in a matter of seconds. Move that into a microservices model, and you now have tens of thousands of nodes in the blink of an eye, all having the same type of access restrictions but far more distributed.

One of the hot topics in today’s world is RPA, robotic process automation. How should people be thinking about RPA and security?

Traffanstedt: One of the things about automation and centralization is that now attackers don’t have to go through that same type of flow they used to. Now, all it takes is one compromise into your cloud management console, for instance, and a lot of times that’s game over.

In order for robots to do their jobs, to build this automation, they’ve got to authenticate. A lot of times we’ll see that authentication happen as kind of an isolated secret that’s stored inside of Automation Anywhere, for instance. One prevalent theme is [finding] a centralized and secure source to manage them and allow the robotic process automation to authenticate securely to that entity [and] pull the secrets as they need. Now, we can rotate that 12 times a day if we wanted to without our RPA missing a beat.

At CyberArk we have what’s called a C³ Alliance, where we brought together a number of RPA vendors, as well as other automation platforms, security vendors, [so] you don’t have to do the work of integrating. It’s already there, and it’s been built.

Share how you work with AWS Marketplace, and what that’s meant for your company.

Traffanstedt: AWS Marketplace has helped us provide our open-source solution in a beautifully deployed package to as many folks as possible, so that at least they have some secure place to store secrets without altering the way they do things. If they have to go outside of the Marketplace flows that they’re used to, it’s extra work. We never want security to be a constraint to building good, quality automation development practices.

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the AWS Marketplace and Service Catalog Experience Hub event. (* Disclosure: TheCUBE is a paid media partner for the AWS Marketplace and Service Catalog Experience Hub event. Neither Amazon Web Services Inc., the event sponsor, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE