diff --git a/package.json b/package.json
index cc1f8d8..bab1a82 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@jupiterone/jupiterone-alert-rules",
- "version": "0.24.2",
+ "version": "0.26.2",
 "description": "Alert rule packages for the JupiterOne platform",
 "scripts": {
 "validate": "tsx ./scripts/validate.ts"
diff --git a/rule-packs/cyberark-idaptive-misconfigurations.json b/rule-packs/cyberark-idaptive-misconfigurations.json
new file mode 100644
index 0000000..4f504cf
--- /dev/null
+++ b/rule-packs/cyberark-idaptive-misconfigurations.json
@@ -0,0 +1,62 @@
+[
+ {
+ "name": "cyberark-idaptive-MFA-disabled",
+ "description": "This query will look for devices that do not have SSO enabled.",
+ "queries": [
+ {
+ "name": "query0",
+ "query": "FIND cyberark_idaptive_device THAT HAS << cyberark_idaptive_user with ssoEnabled != true",
+ "version": "v1"
+ }
+ ],
+ "alertLevel": "MEDIUM"
+ },
+ {
+ "name": "cyberark-idaptive-no-user-assigned-to-account",
+ "description": "This query will look for cyberark accounts that have no user associated.",
+ "queries": [
+ {
+ "name": "query0",
+ "query": "FIND cyberark_idaptive_account THAT !HAS cyberark_idaptive_user",
+ "version": "v1"
+ }
+ ],
+ "alertLevel": "INFO"
+ },
+ {
+ "name": "cyberark-idaptive-no-user-assigned-role",
+ "description": "This query will look for cyberark users that have no role assigned.",
+ "queries": [
+ {
+ "name": "query0",
+ "query": "FIND cyberark_idaptive_user THAT !ASSIGNED cyberark_idaptive_role",
+ "version": "v1"
+ }
+ ],
+ "alertLevel": "INFO"
+ },
+ {
+ "name": "cyberark-idaptive-no-longer-active-devices",
+ "description": "This query will look for cyberark devices that may no longer be valid.",
+ "queries": [
+ {
+ "name": "query0",
+ "query": "FIND cyberark_idaptive_device WITH lastSeenOn < DATE.now - 30 days",
+ "version": "v1"
+ }
+ ],
+ "alertLevel": "INFO"
+ },
+ {
+ "name": "cyberark-idaptive-non-compliant-device",
+ "description": "This query will look for cyberark devices that aren't compliant.",
+ "queries": [
+ {
+ "name": "query0",
+ "query": "FIND cyberark_idaptive_device WITH complianceState != 'compliant' OR 'Compliant'",
+ "version": "v1"
+ }
+ ],
+ "alertLevel": "INFO"
+ }
+]
diff --git a/rule-packs/index.js b/rule-packs/index.js
index 6da295f..d3d0e29 100644
--- a/rule-packs/index.js
+++ b/rule-packs/index.js
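Review bot: The rule named `cyberark-idaptive-MFA-disabled` in the new rule pack does not evaluate any MFA property; both its description and its query test `ssoEnabled != true`, so the alert name will lead an analyst to the wrong conclusion — either rename it (e.g. `cyberark-idaptive-SSO-disabled`) or change the query and description to match the name. The last rule's query `complianceState != 'compliant' OR 'Compliant'` has a bare `'Compliant'` operand with no property and no comparison operator; as written it likely fails validation or, if the parser accepts it, widens the filter to match every device and floods the INFO channel, so spell the intent out as `complianceState != 'compliant' AND complianceState != 'Compliant'` (confirm the grouping form the J1QL validator accepts). The `no-longer-active-devices` rule only matches devices that carry a `lastSeenOn` value, so devices with the property missing fall silently outside the alert; if that is intended it is worth stating in the description.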
@@ -15,4 +15,5 @@ module.exports.IntegrationMonitoring = require("./integration-monitoring.json");
 module.exports.SophosEndpointSecurity = require("./sophos-endpoint-security.json");
 module.exports.ArmisEndpointSecurity = require("./armis-endpoint-security.json");
 module.exports.TrellixEndpointSecurity = require("./trellix-endpoint-security.json");
+module.exports.CyberarkIdaptiveMisconfigurations = require("./cyberark-idaptive-misconfigurations.json");
 module.exports.CyberarkEPMMisconfigurations = require("./cyberark-epm-misconfigurations.json");