Amazon Cognito vs CyberArk Privileged Access Manager comparison

Amazon Web Services (AWS) and CyberArk are both solutions in the Access Management category. Additionally, 76% of Amazon Web Services (AWS) users are willing to recommend the solution, compared to 94% of CyberArk users who would recommend it.

Amazon Cognito

Read 13 Amazon Cognito reviews

2,181 Views
1,823 Comparison Views

76% willing to recommend

CyberArk Privileged Access ...

Read 210 CyberArk Privileged Access Manager reviews

9,475 Views
5,744 Comparison Views

94% willing to recommend

Amazon Cognito

CyberArk Privileged Access ...

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Amazon Cognito and CyberArk Privileged Access Manager based on real PeerSpot user reviews.

Find out in this report how the two Access Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Amazon Cognito vs. CyberArk Privileged Access Manager Report (Updated: January 2025).

Buyer's Guide

Amazon Cognito vs. CyberArk Privileged Access Manager

January 2025

Download the complete report

Helped 838,713 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Amazon Cognito

Average Rating

7.6

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

Access Management (6th)

CyberArk Privileged Access ...

Average Rating

8.6

Reviews Sentiment

6.9

Number of Reviews

210

Ranking in other categories

User Activity Monitoring (1st), Enterprise Password Managers (3rd), Privileged Access Management (PAM) (1st), Mainframe Security (2nd), Operational Technology (OT) Security (3rd)

Featured Reviews

Erik Aceiro

Solutions Architect III at Raizen

Good integration with AWS services but not feasible for B2C because MFAs are nonexistent

The developer experience for mobile apps is terrible. Documentation is very poor and it is difficult to read the documents available to put things into practice. Our team has issues finding information related to using the solution. SDK and libraries available for mobile apps are terrible. For example, if you use MFA to migrate one user from your database to the pool, you need to use Lambda functions or other methods in AWS to get the solution enabled. It is extremely difficult to put a very, very scalable project into practice. Our team doesn't think you can use the solution for B2C on a large scale. We thought the solution would provide an agile experience but it does not. The solution needs to keep a history of passwords. For example, you should be able to check if customers used the same password in the past when connecting to a company by username and password. This type of feature is a must for our project. The MFA related to the solution's side is nonexistent. MFA should occur on the Facebook or Google side and also on the solution's side. This is a big problem because we have wallets, credit cards, and sensitive data stored for each customer. One layer of security is totally missing.

Read full review

Lasantha Wijesinghe

Cybersecurity Specialist at a comms service provider with 5,001-10,000 employees

We have visibility and control through real-time user behavior analytics

It took us some time to realize its benefits because there was a learning curve for us. It took us about a year to get our heads around this product and start effectively using it. It is a journey. It takes at least five years for any company to make this product very useful and reach maturity. It is not only the product's fault. The company needs to have a vision, and the company culture needs to go with it. Senior leadership needs to support the vision. You need to have lots of ingredients for success. If everything is in place, you will see success after one year. In the first year, it is a struggle for everybody. My company was bought by a bigger company, and they were very new to privileged access management. Everybody was struggling. The advice I would give is to have a good vision for privileged access management. You need dedicated teams, senior management support, and proper company policies and standards before implementing the solution. Start building knowledge slowly and avoid jumping into the deep end without preparation. I would rate CyberArk Privileged Access Manager a nine out of ten.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most valuable features of Amazon Cognito are OTP validation and email validation."

"The solution is proto connective and integrates well with other AWS services."

"What I find most valuable about Amazon Cognito is the single sign-on feature that provides a token for accessing protected APIs."

"The multi-factor authentication setup has room for improvement."

"The most valuable feature of the solution is its swift authentication."

"The federation is one of the most efficient features as the pricing is competitive."

"Cognito speeds up our development and saves us time."

"The features most valuable to us are the ability to integrate with various IDPs and the capability to sync with multiple applications."

More Amazon Cognito pros

"The most valuable features of CyberArk Privileged Access Manager are its robust functionality and reliability."

"The product has allowed us to improve both the management and access to privileged credentials, while also creating a full audit trail of all activities happening within isolated sessions of all tasks and activities taking place within the solution."

"The established sessions on the target systems are fully isolated and the privileged account credentials are never exposed to the end-users or their client applications and devices."

"CyberArk is a good and adaptive solution. It is easy to adopt and install. It is easy for every use case."

"All the features of CyberArk are useful for me, but the biggest one is that CyberArk has logs for all the features. That is important when there is a problem. You know where to look and you have the information. In cyber security, the most important aspect is information."

"It's highly secure and very flexible. It gives us all types of storage options and it gives us a high level of security."

"I found it valuable that CyberArk Privileged Access Manager can be integrated with PTA (privileged threat analytics), and this means that it will tell you if there's a risk to the logins and signs of risk and if risky behavior is observed. It's a good feature. Another good feature is the CPM (central password manager) because it helps you rotate the passwords automatically without involving the admins. It can go and update the scheduled tasks and the services. At the same time, if there's an application where it cannot do all of these, CPM will trigger an automatic email to the application owners, telling them that they should go ahead and change the password. This allows you to manage the account password that CyberArk cannot manage, which helps mitigate the risk of old passwords, where the password gets compromised, and also allows you to manage the security of the domain."

"CyberArk Privileged Access Manager’s ability to safeguard credentials for our organization is very important because it helps in managing the keys to the kingdom, especially the privileged access for various platforms."

More CyberArk Privileged Access Manager pros

Cons

"Amazon Cognito’s UI needs improvement while onboarding new users."

"The ease and simplicity of integration could be improved when using this solution. When using Okta, scope is a single endpoint with a parameter as a scope. In the Cognito for each scope, there is a separate endpoint."

"I believe this product could improve by enriching user profiles."

"Amazon Cognito could be improved by making it easier for us to add more data to the token, allowing customization of JWT."

"Cognito triggers can improve by providing more direct use cases rather than giving a white paper. A white paper is not at all interesting, it has too many details. It would be a benefit to provide a smaller document that is summarized. The smaller version would bring microdata, macro data is not helpful."

"Amazon Cognito could be improved by making it easier for us to add more data to the token, allowing customization of JWT. It requires a complex program to customize the token currently, however, the UI could support this configuration better."

"The MFA related to the solution's side is nonexistent."

"You need to evaluate the export users. The multifactor authentication, much less this room for improving the configuration setup of that."

More Amazon Cognito cons

"Their post-sale support area requires a big improvement. Customers cannot automate tickets directly with CyberArk. They have to come through the distributor or bring in partners who have access to the support portal. Basically, the support for post-sales implementation is there, but the role of CyberArk is very minimal. Customers have to rely on partners, which sometimes creates issues. Some of the vendors help you during the implementation process, but the CyberArk support team does not do that. They have 24/7 support for our region, but they help only if there is an emergency or there is a problem with their system. If the password vault is down or the system is down, they provide immediate attention. For almost everything else, they take more time to respond. They give low priority to service-related or migration-related questions."

"Customer support is somewhat lacking. They are often unavailable on Fridays, and the support process, such as raising a call or case, can take too long."

"There are upwards of six components you need to set it up. And you might need anywhere from two to five servers. It takes some work to set that up, especially in a larger environment."

"The solution is too big and complex for any businesses that are small or medium-sized. They should offer a more compact version or make a solution better suited to smaller businesses."

"I would prefer that this is a fully-managed service, rather than have to manage the software ourselves and keep it up to date."

"The support services could act faster when people reach out to resolve issues."

"Over the past seven years, I have seen a lot of ups and downs with the product."

"The only problem involves granting access to people who are authorized to view it."

More CyberArk Privileged Access Manager cons

Pricing and Cost Advice

"The pricing is bad so I rate it a two out of ten."

"The product is relatively inexpensive compared to other tools."

"We pay $600 monthly per user for licences and there are no other additional costs."

"The price of Amazon Cognito is low. The pricing model is based on the users."

"The price of the solution depends on the number of users using it."

"On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a five out of ten."

"The price of Amazon Cognito is expensive. We are on an annual subscription."

"The pricing of this solution is good compared to other solutions on the market."

"Pricing is quite high and it could be improved."

"It's per-company, license-based."

"There are additional features added to our CyberArk Privileged Access Manager license. For example, features that allow us to integrate into various kinds of platforms."

"I believe that this solution is priced well. It's the market leader and I think that it's the best solution."

"I rate the tool's pricing an eight out of ten."

"The cost is high compared to other products."

"Overall, its pricing is really good. The main difference from all the other vendors is that they have one package that covers all the functionality and modules of the basic PAM, except the add-on modules like adware and server protection. It also doesn't include the licenses for domain controller protection or maybe an API call-related feature. For the basic privileged access management, the bundle pricing is really good, but when it comes to an agent-based solution for advanced cyber protection or application identity managers, it is expensive. Services are also very expensive if you hire the services team from CyberArk, but these guys are really good. For a couple of large banking projects, we had an experience with them. The banks wanted to have things quickly and efficiently, so we had to hire them. If we take four weeks, these guys can do everything on a weekend. They charge quite a big sum of money, but they know the system well."

"CyberArk has been Gartner's number-one pick for the past ten years, so you can infer that their pricing is higher than everyone else. When you are the best, you will charge appropriately for it."

More CyberArk Privileged Access Manager pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Access Management solutions are best for your needs.

See recommendations

838,713 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

17%

Financial Services Firm

Healthcare Company

Comms Service Provider

Educational Organization

34%

Financial Services Firm

12%

Computer Software Company

11%

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Amazon Cognito?

The most valuable feature of the solution is its swift authentication.

See all answers

What is your experience regarding pricing and costs for Amazon Cognito?

Pricing is considered expensive for smaller organizations. Cognito's pricing was rated seven out of ten due to its cost.

See all answers

What needs improvement with Amazon Cognito?

The setup and configuration can be complex, especially for advanced use cases. A dedicated documentation portal with comprehensive information would be helpful. The user interface could be more int...

See all answers

How does Sailpoint IdentityIQ compare with CyberArk PAM?

We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the m...

See all answers

What do you like most about CyberArk Privileged Access Manager?

The most valuable features of the solution are control and analytics.

See all answers

What is your experience regarding pricing and costs for CyberArk Privileged Access Manager?

I focus more on the technical side, but I hear customers say that if CyberArk was more affordable, they might have acquired more licenses. Some clients consider alternative solutions due to pricing...

See all answers

Comparisons

Microsoft Entra ID vs Amazon Cognito

Compared 58% of the time

Auth0 vs Amazon Cognito

Compared 16% of the time

Cloudflare One vs Amazon Cognito

Compared 8% of the time

ForgeRock vs Amazon Cognito

Compared 7% of the time

Gluu Flex vs Amazon Cognito

Compared 2% of the time

More Amazon Cognito Competitors

Microsoft Entra ID vs CyberArk Privileged Access Manager

Compared 10% of the time

Delinea Secret Server vs CyberArk Privileged Access Manager

Compared 8% of the time

Cisco Identity Services Engine (ISE) vs CyberArk Privileged Access Manager

Compared 7% of the time

WALLIX Bastion vs CyberArk Privileged Access Manager

Compared 6% of the time

One Identity Safeguard vs CyberArk Privileged Access Manager

Compared 4% of the time

More CyberArk Privileged Access Manager Competitors

Product Reports

Buyer's Guide

Amazon Cognito

February 2025

Download Amazon Cognito product report

Buyer's Guide

CyberArk Privileged Access Manager

February 2025

CyberArk Privileged Access Manager report

Download CyberArk Privileged Access Manager product report

Also Known As

No data available

CyberArk Privileged Access Security, CyberArk Enterprise Password Vault

Overview

Amazon Cognito is a simple user identity and data synchronization service that helps you securely manage and synchronize app data for your users across their mobile devices. You can create unique identities for your users through a number of public login providers (Amazon, Facebook, and Google) and also support unauthenticated guests. You can save app data locally on users’ devices allowing your applications to work even when the devices are offline. With Amazon Cognito, you can save any kind of data in the AWS Cloud, such as app preferences or game state, without writing any backend code or managing any infrastructure. This means you can focus on creating great app experiences instead of having to worry about building and managing a backend solution to handle identity management, network state, storage, and sync.

Amazon Web Services (AWS)

CyberArk Privileged Access Manager is a next-generation solution that allows users to secure both their applications and their confidential corporate information. It is extremely flexible and can be implemented across a variety of environments. This program runs with equal efficiency in a fully cloud-based, hybrid, or on-premises environment. Users can now protect their critical infrastructure and access it in any way that best meets their needs.

CyberArk Privileged Access Manager possesses a simplified and unified user interface. Users are able to manage the solution from one place. The UI allows users to view and manage all of the information and controls that administrators need to be able to easily access. Very often, management UIs do not have all of the controls and information streamlined in a single location. This platform provides a level of visibility that ensures users will be able to view all of their system’s most critical information at any time that they wish.

Benefits of CyberArk Privileged Access Manager

Some of CyberArk Privileged Access Manager’s benefits include:

The ability to manage IDs and permissions across a cloud environment. In a world where being able to work remotely is becoming increasingly important, CyberArk Privileged Access Manager is a very valuable tool. Administrators do not need to worry about infrastructure security when they are away from the office. They can assign and manage security credentials from anywhere in the world.
The ability to manage the program from a single centralized UI. CyberArk Privileged Access Manager’s UI contains all of the system controls and information. Users now have the ability to view and use all of their system’s most critical information and controls from one place.
The ability to automate user management tasks. Administrators can save valuable time by assigning certain management tasks to be fulfilled by the system itself. Users can now reserve their time for tasks that are most pressing. It can also allow for the system to simplify the management process by having the platform perform the most complex functions.

Reviews from Real Users

CyberArk Privileged Access Manager’s software stands out among its competitors for one very fundamental reason. CyberArk Privileged Access Manager is an all-in-one solution. Users are given the ability to accomplish with a single platform what might usually only be accomplished with multiple solutions.

PeerSpot users note the truly all-in-one nature of this solution. Mateusz K., IT Manager at a financial services firm, wrote, "It improves security in our company. We have more than 10,000 accounts that we manage in CyberArk. We use these accounts for SQLs, Windows Server, and Unix. Therefore, keeping these passwords up-to-date in another solution or software would be impossible. Now, we have some sort of a platform to manage passwords, distribute the inflow, and manage IT teams as well as making regular changes to it according to the internal security policies in our bank."

Hichem T.-B., CDO & Co-Founder at ELYTIK, noted that “This is a complete solution that can detect cyber attacks well. I have found the proxy features most valuable for fast password web access.”

CyberArk

Sample Customers

Expedia, Intuit, Royal Dutch Shell, Brooks Brothers

Rockwell Automation

Buyer's Guide

Amazon Cognito vs. CyberArk Privileged Access Manager

January 2025

Free Report: Amazon Cognito vs. CyberArk Privileged Access Manager

Find out what your peers are saying about Amazon Cognito vs. CyberArk Privileged Access Manager and other solutions. Updated: January 2025.

DOWNLOAD NOW

838,713 professionals have used our research since 2012.

See our Amazon Cognito vs. CyberArk Privileged Access Manager report.

See our list of best Access Management vendors.

We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.