When are new credentials rotated?
When a new account is created, how long before CyberArk attempts to rotate the password?
If someone add's a new account then they know what the password is. And once CA has the account details, there is a period of time where someone could be accessing the account outside of CyberArk without checking out the PW.
How quickly does CyberArk attempt to close that window? I couldn't find anything specific in the policies or docs that mentioned this.