Try our new research platform with insights from 80,000+ expert users

Amazon Cognito vs CyberArk Privileged Access Manager comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Amazon Cognito
Average Rating
7.4
Reviews Sentiment
6.9
Number of Reviews
15
Ranking in other categories
Access Management (7th)
CyberArk Privileged Access ...
Average Rating
8.6
Reviews Sentiment
6.9
Number of Reviews
219
Ranking in other categories
User Activity Monitoring (1st), Enterprise Password Managers (2nd), Privileged Access Management (PAM) (1st), Mainframe Security (2nd), Operational Technology (OT) Security (3rd)
 

Featured Reviews

Wojciech Doganowski - PeerSpot reviewer
International setup localization challenges drive custom development while outsourcing credential management enhances security
We are using it in an international setup where we have multiple services running in multiple countries. Cognito localizes only regarding language, but the service is localized in each country. Cognito has the possibility to render the login screen and all the customer flows related to managing the account. Still, it's useless in an international setup. They are unable to localize these screens, so we had to write our own screens and just use the Cognito API. I hope they will fix this soon because it's useful to rely on already prepared flows for all the account management. As it doesn't work with different languages, rewriting it is quite complicated. Additionally, maybe they could find another step in the price so there is not such a significant jump from the basic to extended functionality. Some flexibility would be helpful.
Lasantha Wijesinghe - PeerSpot reviewer
We have visibility and control through real-time user behavior analytics
It took us some time to realize its benefits because there was a learning curve for us. It took us about a year to get our heads around this product and start effectively using it. It is a journey. It takes at least five years for any company to make this product very useful and reach maturity. It is not only the product's fault. The company needs to have a vision, and the company culture needs to go with it. Senior leadership needs to support the vision. You need to have lots of ingredients for success. If everything is in place, you will see success after one year. In the first year, it is a struggle for everybody. My company was bought by a bigger company, and they were very new to privileged access management. Everybody was struggling. The advice I would give is to have a good vision for privileged access management. You need dedicated teams, senior management support, and proper company policies and standards before implementing the solution. Start building knowledge slowly and avoid jumping into the deep end without preparation. I would rate CyberArk Privileged Access Manager a nine out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"What I find most valuable about Amazon Cognito is the single sign-on feature that provides a token for accessing protected APIs."
"What is quite valuable is that we can outsource storage of the credentials to AWS, and they manage it quite securely."
"Cognito speeds up our development and saves us time."
"What I find most valuable about Amazon Cognito is the single sign-on feature that provides a token for accessing protected APIs."
"One of the key benefits of this software is its ease of integration with a wide range of applications, including mobile apps and web applications. This simplifies the process of integration, and it can be seamlessly incorporated with Azure, Kubernetes, and other software systems."
"The most valuable features of Amazon Cognito are OTP validation and email validation."
"The multi-factor authentication setup has room for improvement."
"I appreciate Amazon Cognito's ability to scale with demand and its seamless user verification features."
"I appreciate CyberArk's real-time capabilities. I can secure critical sessions, such as SSH or database sessions. As a security professional, I have real-time visibility into ongoing sessions. If anything suspicious occurs, I can terminate or freeze the session, which is part of user behavior analytics."
"I find the discovery feature, which includes credential management, session management, monitoring, and remediation within a session, to be very valuable."
"Automates password management to remove the human chain weakness."
"CyberArk probably has probably the best vault on the market because of the multiple layered security and each password getting its own encryption."
"It is very simple to use."
"It improves security in our company. We have more than 10,000 accounts that we manage in CyberArk. We use these accounts for SQLs, Windows Server, and Unix. Therefore, keeping these passwords up-to-date in another solution or software would be impossible. Now, we have some sort of a platform to manage passwords, distribute the inflow, and manage IT teams as well as making regular changes to it according to the internal security policies in our bank."
"CyberArk is a very stable product and it's a stable product because it has a simple design and a simple architecture that allows you to leverage the economies of scale across the base of your infrastructure that you already have implemented. It doesn't really introduce any new complex pieces of infrastructure that would make it that much more difficult to scale."
"The AI capabilities, including advanced threat detection features, are very helpful for us. They reduce human effort and errors, allowing us to quickly identify and respond to threats."
 

Cons

"Amazon Cognito could be improved by making it easier for us to add more data to the token, allowing customization of JWT."
"I believe this product could improve by enriching user profiles."
"I would rate its scalability as five out of ten. Moving users between different pools or accounts creates new identities, which means IDs stored in our database must also be changed."
"The setup and configuration can be complex, especially for advanced use cases."
"Amazon Cognito’s UI needs improvement while onboarding new users."
"Cognito triggers can improve by providing more direct use cases rather than giving a white paper. A white paper is not at all interesting, it has too many details. It would be a benefit to provide a smaller document that is summarized. The smaller version would bring microdata, macro data is not helpful."
"In a future release, we would like to have different methods to validate the characteristic of a user. For example, we would like to use biometric data to analyze the behavior of users."
"Amazon Cognito could improve by simplifying the configuration."
"The initial setup could be simplified. Right now, in comparison to its nearest competitors, it's quite complex."
"Areas the product could be improved are in some of the reporting capabilities and how the reports are configured."
"The main challenge was integrating with in-house IT and business applications, which are not standard. We needed to create special updates for that kind of integration."
"One area for improvement is the plug-in development challenge. Although CyberArk provides a plug-in generator utility, it does not fully meet our needs, particularly for web-based applications."
"This product needs professional consulting services to onboard accounts effectively based user profiles."
"CyberArk Enterprise Password Vault can improve the distributive vault feature. Distributing the vault in multiple areas and multiple data centers should improve."
"It could be more user-friendly. Sometimes I encounter issues, and I do not know what the issue is. It takes a lot of time to find the error and fix it. Sometimes it gives an error, but I do not know what the error is. I have to find the documents, but it does not provide all the details needed to fix the error. This is one of the day-to-day issues with CyberArk."
"In CyberArk Privileged Access Manager, the UI has room for improvement, as does the dashboard reporting, which could be made better or easier to use."
 

Pricing and Cost Advice

"We pay $600 monthly per user for licences and there are no other additional costs."
"The pricing of this solution is good compared to other solutions on the market."
"The price of the solution depends on the number of users using it."
"The product is relatively inexpensive compared to other tools."
"The price of Amazon Cognito is expensive. We are on an annual subscription."
"The pricing is bad so I rate it a two out of ten."
"The price of Amazon Cognito is low. The pricing model is based on the users."
"On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a five out of ten."
"This solution is expensive."
"Its price can be reduced."
"Compared to other solutions, it is costly."
"The main problem for the tool is its licensing. I work for a really big company. When you try to develop this as a service, usually you work with leverage teams who are formed with dozens of members. You might dedicate one FTE, or less, for something, e.g., an antivirus administrator. You might have half an FTE's effort dedicated to administering the antivirus, but then you have a team of about 30 users who might access that ticket. The problem is that CyberArk eliminated the possibility of concurrent users years ago. This is a big problem for companies who work with leverage teams. You need to pay for everyone. 40 licenses are used by 20 or 30 people. This is a big problem because licenses are not precisely cheap."
"CyberArk DNA is free if you purchase the CyberArk solution. There is no additional charge for CyberArk DNA, which is great."
"They have two types of licensing: purchase and subscription. You have to pay for each admin user, such as Microsoft admin, mail admin, database admin, etc."
"The solution is cost-effective for the features."
"Before we bought it, they were licensing each function individually, which got complicated and very expensive. When we decided to buy it, it was much more straightforward and still quite expensive, but it brings a lot of value and risk reduction to the organization."
report
Use our free recommendation engine to learn which Access Management solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Comms Service Provider
8%
Government
7%
Financial Services Firm
6%
Educational Organization
34%
Financial Services Firm
12%
Computer Software Company
11%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Amazon Cognito?
The most valuable feature of the solution is its swift authentication.
What is your experience regarding pricing and costs for Amazon Cognito?
The basic functionality is reasonably priced, but the extended functionalities, especially the extended security, are quite expensive. There is a significant jump from the basic to the extended fun...
What needs improvement with Amazon Cognito?
We are using it in an international setup where we have multiple services running in multiple countries. Cognito localizes only regarding language, but the service is localized in each country. Cog...
How does Sailpoint IdentityIQ compare with CyberArk PAM?
We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the m...
What do you like most about CyberArk Privileged Access Manager?
The most valuable features of the solution are control and analytics.
 

Also Known As

No data available
CyberArk Privileged Access Security, CyberArk Enterprise Password Vault
 

Overview

 

Sample Customers

Expedia, Intuit, Royal Dutch Shell, Brooks Brothers
Rockwell Automation
Find out what your peers are saying about Amazon Cognito vs. CyberArk Privileged Access Manager and other solutions. Updated: April 2025.
849,190 professionals have used our research since 2012.