We performed a comparison between AWS CloudTrail and CyberArk Privileged Access Manager based on real PeerSpot user reviews.
Find out in this report how the two User Activity Monitoring solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."AWS CloudTrail integrates with AWS Config and provides custom event, security, and compliance auditing."
"The product’s most valuable feature is monitoring. It helps us audit the changes in AWS account at the application and resource level."
"What I found most valuable in AWS CloudTrail is that it provides a good context of what's happening in the environment, so it's an excellent way to baseline what's occurring. I also like that AWS CloudTrail helps with audits."
"In one specific scenario, we encountered a situation where a terminated employee still had access to our environment without our knowledge. With AWS CloudTrail, we could track and monitor the employees' activities, revealing that they were downloading specific files from our customer's environment. Without it enabled, we wouldn't have been aware of this."
"AWS CloudTrail helps in accelerating incident investigation and response. It increases it because I pull out the logs to CloudTrail, and from CloudTrail watch, I'll send it to the Security Hub and do a visualization with Prometheus and Grafana."
"It is a stable solution. AWS handles it well."
"The solution is good as a central logging platform for showing all cloud events."
"It has helped us with our adoption with other teams, and it has also helped us to integrate it at the ground level."
"It is very simple to use."
"With PAM in place, we've experienced a significant reduction in potential security breaches."
"Performance-wise, it is excellent."
"All access to our servers by both staff and vendors is monitored and recorded."
"It has the ability to scale out. We have scaled out quite a bit with our product and use of it to get to multiple locations and businesses, so it has the breadth to do that."
"AIM has been a great help in automating password retrieval which removes the need for hard-coded credentials."
"For a while, there were individual IDs having privileged access. We wanted to restrict that. We implemented the solution so that it can be more of internal control. We can have session recordings happening and reduce our attacks."
"Filtering multiple values within the console is a feature that has yet to exist in AWS CloudTrail. You can look up a user identity, service, or action, but you can't search for multiple dimensions."
"The solution's operation visibility could be improved."
"The solution should incorporate visibility for CloudWatch events."
"Maybe if we could do direct queries on CloudTrail without needing to export it to Athena, that'd be great."
"The platform’s reporting log sheet feature could be more user-friendly."
"Once the organization defines its policies, it must immediately enable AWS CloudTrail and integrate it with auto-remediation procedures using Lambda functions. This ensures that the main administrator can receive information quickly and on time without delay."
"More additional features as far as the REST is concerned, because we have something which was the predecessor to REST. A lot of the features which were in the predecessor have not necessarily been ported over to REST yet."
"I don't know if "failed authentication" is a glitch or if that was an update... However, since we are the CyberArk support within our organization, we need to know that the password is suspended and we won't know that unless we have the ITA log up. So when a user calls and says, "Hey, I'm locked out of CyberArk, I can't get into CyberArk," we have to go through all of these other troubleshooting steps because the first thing we don't think of right now is, "The account is suspended." It doesn't say that anymore."
"There were a lot of manual steps in the initial setup which could have been automated. I read the 10.4 release that was sent out about a month or two ago, and I saw the steps required for upgrade have been reduced by about 90%. That was a big thing for me, but I still haven't seen that yet because we have not upgrade past 9.9.5."
"CyberArk has a lot on the privileged access side but they have to concentrate more on the application side as well."
"We need a bit more education for our user community because they are not using it to its capabilities."
"Many of the infrastructure folks who use the product dislike it because it complicates their workflow. They get a little less control, and they have to go through a specific solution. It proactively logs in for them, which obfuscates some of the issues that they may be troubleshooting."
"New functionalities and discovered bugs take longer to patch. We would greatly appreciate quicker development of security patches and bug corrections."
"If we could have some kind of out-of-the box feature that you can simply say "no" so they don't have to go into a development mode, that would a really helpful feature."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
AWS CloudTrail is ranked 3rd in User Activity Monitoring with 8 reviews while CyberArk Privileged Access Manager is ranked 1st in User Activity Monitoring with 144 reviews. AWS CloudTrail is rated 8.8, while CyberArk Privileged Access Manager is rated 8.8. The top reviewer of AWS CloudTrail writes "Very comprehensive logs with good points of view for auditing and compliance". On the other hand, the top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". AWS CloudTrail is most compared with , whereas CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard. See our AWS CloudTrail vs. CyberArk Privileged Access Manager report.
See our list of best User Activity Monitoring vendors.
We monitor all User Activity Monitoring reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.