Try our new research platform with insights from 80,000+ expert users

Amazon Cognito vs CyberArk Privileged Access Manager comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Amazon Cognito
Average Rating
7.4
Reviews Sentiment
6.9
Number of Reviews
15
Ranking in other categories
Access Management (7th)
CyberArk Privileged Access ...
Average Rating
8.6
Reviews Sentiment
6.9
Number of Reviews
217
Ranking in other categories
User Activity Monitoring (1st), Enterprise Password Managers (2nd), Privileged Access Management (PAM) (1st), Mainframe Security (2nd), Operational Technology (OT) Security (3rd)
 

Featured Reviews

Wojciech Doganowski - PeerSpot reviewer
International setup localization challenges drive custom development while outsourcing credential management enhances security
We are using it in an international setup where we have multiple services running in multiple countries. Cognito localizes only regarding language, but the service is localized in each country. Cognito has the possibility to render the login screen and all the customer flows related to managing the account. Still, it's useless in an international setup. They are unable to localize these screens, so we had to write our own screens and just use the Cognito API. I hope they will fix this soon because it's useful to rely on already prepared flows for all the account management. As it doesn't work with different languages, rewriting it is quite complicated. Additionally, maybe they could find another step in the price so there is not such a significant jump from the basic to extended functionality. Some flexibility would be helpful.
Lasantha Wijesinghe - PeerSpot reviewer
We have visibility and control through real-time user behavior analytics
It took us some time to realize its benefits because there was a learning curve for us. It took us about a year to get our heads around this product and start effectively using it. It is a journey. It takes at least five years for any company to make this product very useful and reach maturity. It is not only the product's fault. The company needs to have a vision, and the company culture needs to go with it. Senior leadership needs to support the vision. You need to have lots of ingredients for success. If everything is in place, you will see success after one year. In the first year, it is a struggle for everybody. My company was bought by a bigger company, and they were very new to privileged access management. Everybody was struggling. The advice I would give is to have a good vision for privileged access management. You need dedicated teams, senior management support, and proper company policies and standards before implementing the solution. Start building knowledge slowly and avoid jumping into the deep end without preparation. I would rate CyberArk Privileged Access Manager a nine out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features of Amazon Cognito are OTP validation and email validation."
"Cognito speeds up our development and saves us time."
"What I find most valuable about Amazon Cognito is the single sign-on feature that provides a token for accessing protected APIs."
"The solution is proto connective and integrates well with other AWS services."
"The federation is one of the most efficient features as the pricing is competitive."
"They offer a permission tool to help us manage multi-factor authentication."
"What I find most valuable about Amazon Cognito is the single sign-on feature that provides a token for accessing protected APIs."
"I appreciate Amazon Cognito's ability to scale with demand and its seamless user verification features."
"Customer support has been very helpful and responsive."
"Our most valuable features would probably be key rotation, the SKM or SSH key manager, and account discovery."
"I would rate this solution a nine out of ten."
"It is useful for protecting passwords. If you need to do access security management, you can first use the CyberArk console, and after that, you can connect the firewall interface or firewall command line. Similarly, if you need to do an RDP session, you need to first log in to CyberArk before connecting to the Windows RDP session. This way, the admin doesn't know the password, and that password is changed immediately. To change the password, you first discover the old password in the network, and after that, you can change the password."
"I would recommend CyberArk Privileged Access Manager because it is a leading solution for privileged access management."
"It improves security in our company. We have more than 10,000 accounts that we manage in CyberArk. We use these accounts for SQLs, Windows Server, and Unix. Therefore, keeping these passwords up-to-date in another solution or software would be impossible. Now, we have some sort of a platform to manage passwords, distribute the inflow, and manage IT teams as well as making regular changes to it according to the internal security policies in our bank."
"The features that are most effective, like every PAM solution, include monitoring and password rotations."
"Central Password Manager is useful for agentless automated password management through AD integration as well as endpoints for different devices."
 

Cons

"I believe this product could improve by enriching user profiles."
"Amazon Cognito could be improved by making it easier for us to add more data to the token, allowing customization of JWT."
"Amazon Cognito could be improved by making it easier for us to add more data to the token, allowing customization of JWT. It requires a complex program to customize the token currently, however, the UI could support this configuration better."
"What I found generally lacking in AWS is privileged access management (PAM)."
"Cognito triggers can improve by providing more direct use cases rather than giving a white paper. A white paper is not at all interesting, it has too many details. It would be a benefit to provide a smaller document that is summarized. The smaller version would bring microdata, macro data is not helpful."
"Cognito has the possibility to render the login screen and all the customer flows related to managing the account. Still, it's useless in an international setup. They are unable to localize these screens, so we had to write our own screens and just use the Cognito API."
"Amazon Cognito’s UI needs improvement while onboarding new users."
"I would rate its scalability as five out of ten. Moving users between different pools or accounts creates new identities, which means IDs stored in our database must also be changed."
"They need to provide better training for the System Integrator."
"It can be made user-friendly, in the sense of the console is pretty outdated."
"CyberArk PAM is a very broad product as everyone's requirements for implementation are different. In our particular case, the initial implementation was planned and developed by people who didn't know our specific network requirements, so the initial implementation needed to be tweaked over time. While this is normal, at the time all these "major" changes required CyberArk professional services to come in-plant and "assist" with the changes."
"Transitioning from a traditional on-premises deployment to the privileged cloud has resulted in losing access to many logs and administrative tools typically available on the back end."
"Stability is a huge concern right now. We are on a version which is very unstable. We have to upgrade to stabilize it. It is fine, but the problem is we have to hire CyberArk to do the upgrade. This costs money, and it is their bug."
"it manages creds based on Organizational Units. That is, a "safe" is limited to specific OUs. That makes for very elaborate OU structure, or you risk exposing too many devices by putting most of them in fewer OUs."
"New functionalities and discovered bugs take longer to patch. We would greatly appreciate quicker development of security patches and bug corrections."
"The current process for accessing RDP through the CyberArk or administrative portal involves downloading an RDP file. This is inconvenient for users and problematic due to security restrictions that prevent accessing servers via downloaded RDP files."
 

Pricing and Cost Advice

"The price of Amazon Cognito is low. The pricing model is based on the users."
"On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a five out of ten."
"The pricing of this solution is good compared to other solutions on the market."
"We pay $600 monthly per user for licences and there are no other additional costs."
"The product is relatively inexpensive compared to other tools."
"The pricing is bad so I rate it a two out of ten."
"The price of the solution depends on the number of users using it."
"The price of Amazon Cognito is expensive. We are on an annual subscription."
"CyberArk Enterprise Password Vault is a very expensive product."
"Pricing and licensing depend on the environment."
"Pricing is a problem. CyberArk is expensive compared to other products I know. It is similar to buying a German car. It comes with all the bells and whistles, but some companies may find it too expensive."
"Payments have to be made on a yearly basis toward the licensing costs of the solution."
"The pricing is slightly higher compared to other solutions, but it is reasonable because there are better security features."
"It is not a cheap solution. It is expensive as compared with other solutions. However, it is one of the best solutions in their domain."
"It is in line with its competitors, but all such solutions cost too much money."
"It costs us around $200 per user."
report
Use our free recommendation engine to learn which Access Management solutions are best for your needs.
842,767 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Comms Service Provider
7%
Financial Services Firm
7%
Healthcare Company
6%
Educational Organization
34%
Financial Services Firm
12%
Computer Software Company
11%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Amazon Cognito?
The most valuable feature of the solution is its swift authentication.
What is your experience regarding pricing and costs for Amazon Cognito?
The basic functionality is reasonably priced, but the extended functionalities, especially the extended security, are quite expensive. There is a significant jump from the basic to the extended fun...
What needs improvement with Amazon Cognito?
We are using it in an international setup where we have multiple services running in multiple countries. Cognito localizes only regarding language, but the service is localized in each country. Cog...
How does Sailpoint IdentityIQ compare with CyberArk PAM?
We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the m...
What do you like most about CyberArk Privileged Access Manager?
The most valuable features of the solution are control and analytics.
 

Also Known As

No data available
CyberArk Privileged Access Security, CyberArk Enterprise Password Vault
 

Overview

 

Sample Customers

Expedia, Intuit, Royal Dutch Shell, Brooks Brothers
Rockwell Automation
Find out what your peers are saying about Amazon Cognito vs. CyberArk Privileged Access Manager and other solutions. Updated: March 2025.
842,767 professionals have used our research since 2012.