CyberArk® Alero™ combines Zero Trust access, biometric multi-factor authentication and just-in-time provisioning into one SaaS-based solution.

CyberArk® AleroTM is specifically designed to provide fast, easy and secure privileged access for remote vendors that need to access critical internal systems that are managed by CyberArk. The cloud-based, multifactor authentication provided with Alero leverages the biometric capabilities from smartphones which in turn allows authorized remote vendors just-in-time secure privileged access with a simple glance or tap of a finger.

Introducing CyberArk Alero

WebSecure has a proven track record

Deploying CyberArk for more than 16 years WebSecure has consulted and deployed CyberArk Privileged Account Security Solutions into some of Australia’s largest enterprises.

How it Works

  • Remote Access

    When a remote vendor attempts to log in to CyberArk’s web portal, Alero displays a one-time, short-lived QR code on their workstation. Using the Alero mobile app the user scans the QR code and simultaneously authenticates their identity by means of facial or fingerprint recognition. If both the QR code and the biometric data are approved, the remote user is granted secure access to the CyberArk web portal and authorized to access privileged accounts from their workstation. The web browser session is isolated, and credentials are never shared to the end user’s workstation when they enter into critical IT systems for regular work, maintenance or otherwise. The session is encrypted end-to-end.

  • Connects to CyberArk Core

    The CyberArk Core Privileged Access Security Solution mitigates risks by helping enterprises efficiently manage privileged account access rights, proactively monitor and control privileged account activity, intelligently identify suspicious activity, and quickly and automatically respond to threats. Alero integrates seamlessly with the CyberArk Core Privileged Access Security Solution, providing just-in-time user provisioning and access for remote vendors to ensure critical assets are only accessed when necessary. The integration also provides enterprise operations and security teams full visibility and control over remote vendors’ privileged access activities.


  • Mitigate security risks.

    Implement Zero Trust access for remote vendors connecting to CyberArk Core PAS. Improve security posture with just-in-time provisioning to privileged accounts all while avoiding passwords, tokens and network-based access controls that can introduce vulnerabilities and expand attack surfaces.

  • Reduce operational expense and complexity.

    SaaS solution streamlines operations by eliminating VPNs, agents and credentials needed for remote vendor access. Temporarily authorize remote users in real-time without administrator intervention and delete users by policy when access is no longer required.

  • Simplify remote access for third-party vendors.

    Let authorized users securely authenticate to access privileged enterprise accounts with a simple glance or tap of a finger. Maintain biometric data on the mobile device separate from internal systems, for ultimate privacy and security.

  • Improve visibility and regulatory compliance.

    Full integration with the CyberArk Core Privileged Access Security Solution provides the ability to monitor privileged access activity in real-time via isolated browser sessions. Detect in-progress and potential attacks before perpetrators gain access to critical systems and do irreversible harm. Produce historical reports to support compliance audits.


WebSecure can arrange a proof of concept of the cloud based Alero solution.