AWS CloudTrail vs CyberArk Privileged Access Manager comparison

Amazon Web Services (AWS) and CyberArk are both solutions in the User Activity Monitoring category. Amazon Web Services (AWS) is ranked #3 with an average rating of 8.8, while CyberArk is ranked #1 with an average rating of 8.7. Amazon Web Services (AWS) holds a 6.8% mindshare in UAM, compared to CyberArk’s 20.2% mindshare. Additionally, 100% of Amazon Web Services (AWS) users are willing to recommend the solution, compared to 94% of CyberArk users who would recommend it.

AWS CloudTrail

Read 11 AWS CloudTrail reviews

351 Views
113 Comparison Views

100% willing to recommend

CyberArk Privileged Access ...

Read 210 CyberArk Privileged Access Manager reviews

252 Views
208 Comparison Views

94% willing to recommend

AWS CloudTrail

CyberArk Privileged Access ...

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Mar 3, 2025

CyberArk Privileged Access Manager and AWS CloudTrail compete in the privileged access and API call logging category, respectively. CyberArk appears to have an edge in enterprise-focused security features, while AWS CloudTrail is better suited for those using AWS environments.

Features: CyberArk Privileged Access Manager provides password vaulting, session management, and threat analytics for comprehensive enterprise security. AWS CloudTrail offers detailed API call logging, management events monitoring, and integration with AWS services for enhanced AWS environment visibility.

Room for Improvement: CyberArk could streamline deployment complexity and improve plugin offerings. AWS CloudTrail could benefit from reduced log visibility lag and better integration with non-AWS services.

Ease of Deployment and Customer Service: CyberArk supports on-premises, cloud, and hybrid setups but its deployment can be complex and requires significant support. AWS CloudTrail, as a SaaS offering, is easy to deploy in AWS environments and benefits from AWS's global support network.

Pricing and ROI: CyberArk is priced at a premium due to its robust capabilities, making it ideal for larger enterprises with substantial security needs. AWS CloudTrail offers a cost-effective option for those heavily integrated with AWS, with minimal costs unless extensive data storage is required.

To learn more, read our detailed AWS CloudTrail vs. CyberArk Privileged Access Manager Report (Updated: January 2025).

Buyer's Guide

AWS CloudTrail vs. CyberArk Privileged Access Manager

January 2025

Download the complete report

Helped 839,422 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

AWS CloudTrail

Ranking in User Activity Monitoring

3rd

Average Rating

8.8

Reviews Sentiment

7.3

Number of Reviews

Ranking in other categories

No ranking in other categories

CyberArk Privileged Access ...

Ranking in User Activity Monitoring

1st

Average Rating

8.6

Reviews Sentiment

6.9

Number of Reviews

210

Ranking in other categories

Enterprise Password Managers (2nd), Privileged Access Management (PAM) (1st), Mainframe Security (2nd), Operational Technology (OT) Security (3rd)

Mindshare comparison

As of March 2025, in the User Activity Monitoring category, the mindshare of AWS CloudTrail is 6.8%, down from 13.9% compared to the previous year. The mindshare of CyberArk Privileged Access Manager is 20.2%, down from 23.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.

User Activity Monitoring

Featured Reviews

MuhammadMuhammad

Information Security Officer at Habib InsuranceSecurity Officer Habib Insurance

There is no downtime and administration is very simple

The setup experience was very bad. Initially, when we began migrating our teams and configuring systems like AWS CloudTrail, we encountered some complications. Understanding the administration and navigating access loops resulted in numerous emails. However, after three or four years of experience, we understand the platform. Five to seven people including support are required for deployment. I rate the initial setup a six out of ten, where one is difficult, and ten is easy.

Read full review

Lasantha Wijesinghe

Cybersecurity Specialist at a comms service provider with 5,001-10,000 employees

We have visibility and control through real-time user behavior analytics

It took us some time to realize its benefits because there was a learning curve for us. It took us about a year to get our heads around this product and start effectively using it. It is a journey. It takes at least five years for any company to make this product very useful and reach maturity. It is not only the product's fault. The company needs to have a vision, and the company culture needs to go with it. Senior leadership needs to support the vision. You need to have lots of ingredients for success. If everything is in place, you will see success after one year. In the first year, it is a struggle for everybody. My company was bought by a bigger company, and they were very new to privileged access management. Everybody was struggling. The advice I would give is to have a good vision for privileged access management. You need dedicated teams, senior management support, and proper company policies and standards before implementing the solution. Start building knowledge slowly and avoid jumping into the deep end without preparation. I would rate CyberArk Privileged Access Manager a nine out of ten.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The product’s most valuable feature is monitoring. It helps us audit the changes in AWS account at the application and resource level."

"AWS CloudTrail helps in accelerating incident investigation and response. It increases it because I pull out the logs to CloudTrail, and from CloudTrail watch, I'll send it to the Security Hub and do a visualization with Prometheus and Grafana."

"AWS CloudTrail integrates with AWS Config and provides custom event, security, and compliance auditing."

"The management events and CloudTrail Insights are valuable."

"What I found most valuable in AWS CloudTrail is that it provides a good context of what's happening in the environment, so it's an excellent way to baseline what's occurring. I also like that AWS CloudTrail helps with audits."

"The solution is good as a central logging platform for showing all cloud events."

"From a scalability point of view, the tool has no issue, and it is completely fine."

"It is a stable solution. AWS handles it well."

More AWS CloudTrail pros

"Our privileged accounts are now stored in a more secure location and lateral movement within the network have been lessened."

"We are able to rotate privileged user passwords to eliminate fraudulent use."

"CyberArk has resulted in a massive increase in our security footprint."

"The accounts are maintained automatically. Hence, resource and administration costs are less."

"Technical support is very helpful whenever we have any questions."

"Rather than multiple tools for maintaining regulatory compliance around passwords and privileged accounts, we have centralized as much as possible with CyberArk. This is now a one stop shop for end users to access their elevated credentials."

"We utilize PTA, and we are now integrating that into our risk management program so we can identify the uses of the vault which are outside of the norm, e.g., people accessing after hours. It has reduced the amount of time that we are looking through logs and audit logs."

"It takes people out of the machine work of ensuring credentials remain up-to-date, and handles connection brokering such that human usage and credential management remain independent."

More CyberArk Privileged Access Manager pros

Cons

"The product's initial setup phase is not pretty straightforward."

"Maybe if we could do direct queries on CloudTrail without needing to export it to Athena, that'd be great."

"The platform’s reporting log sheet feature could be more user-friendly."

"I have not experienced any challenges while using it."

"More controls should be introduced in CloudTrail, especially to see the logs in CloudTrail itself without saving them in S3, as S3 starts to incur charges."

"The solution's operation visibility could be improved."

"Once the organization defines its policies, it must immediately enable AWS CloudTrail and integrate it with auto-remediation procedures using Lambda functions. This ensures that the main administrator can receive information quickly and on time without delay."

"Filtering multiple values within the console is a feature that has yet to exist in AWS CloudTrail. You can look up a user identity, service, or action, but you can't search for multiple dimensions."

More AWS CloudTrail cons

"The lead product has a slow process. There are some reports and requirements from CyberArk which are not readily available as an applicable solution. We have made consistent management requests in the logs."

"The price is high compared to Azure Key Vault. It's the most expensive solution."

"There is a bit of a learning curve, but it's a pretty complex solution."

"Online help needs to be looked into with live agent support."

"I don't know if "failed authentication" is a glitch or if that was an update... However, since we are the CyberArk support within our organization, we need to know that the password is suspended and we won't know that unless we have the ITA log up. So when a user calls and says, "Hey, I'm locked out of CyberArk, I can't get into CyberArk," we have to go through all of these other troubleshooting steps because the first thing we don't think of right now is, "The account is suspended." It doesn't say that anymore."

"Areas the product could be improved are in some of the reporting capabilities and how the reports are configured."

"What could be improved in CyberArk Privileged Access Manager is the licensing model. It should be more flexible in terms of the users. Currently, it's based on the number of users, but many users only log in once in four months or once in five months. It would be great if the licensing model could be modified based on user needs. We even have users who have not logged in even once."

"The turnaround time for technical support is lengthy."

More CyberArk Privileged Access Manager cons

Pricing and Cost Advice

"The solution is free if you don't need customizations but is not expensive otherwise."

"AWS CloudTrail is pretty affordable, and I have to double-check, but the service is free to use. I can add logs on the console, but if I want to store logs long-term, then I have to pay a storage fee, but it's relatively inexpensive."

"CloudTrail itself is free of cost."

"It is a very cheap service because management is a SaaS offering from AWS."

"AWS CloudTrail is a cheap solution."

"AWS CloudTrail is free."

"I would rate the cost of CyberArk Privileged Access Manager seven out of ten with ten being the most expensive."

"It is not a cheap solution. It is expensive as compared with other solutions. However, it is one of the best solutions in their domain."

"CyberArk Privileged Access Manager is perceived to be somewhat overpriced compared to similar market products. It is a little bit overvalued. It could come down a little bit for my liking. However, the industry-leading reputation and the quality of service justify the high price point to some extent."

"CyberArk is very expensive and there are additional fees for add-ons."

"The price of the solution is reasonable."

"The solution is available at a high price"

"The main problem for the tool is its licensing. I work for a really big company. When you try to develop this as a service, usually you work with leverage teams who are formed with dozens of members. You might dedicate one FTE, or less, for something, e.g., an antivirus administrator. You might have half an FTE's effort dedicated to administering the antivirus, but then you have a team of about 30 users who might access that ticket. The problem is that CyberArk eliminated the possibility of concurrent users years ago. This is a big problem for companies who work with leverage teams. You need to pay for everyone. 40 licenses are used by 20 or 30 people. This is a big problem because licenses are not precisely cheap."

"Generally, I don't get involved in the licensing or the purchasing side of it, but I do know that the licenses are expensive."

More CyberArk Privileged Access Manager pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which User Activity Monitoring solutions are best for your needs.

See recommendations

839,422 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

No data available

Educational Organization

34%

Financial Services Firm

12%

Computer Software Company

11%

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about AWS CloudTrail?

In one specific scenario, we encountered a situation where a terminated employee still had access to our environment without our knowledge. With AWS CloudTrail, we could track and monitor the emplo...

See all answers

What is your experience regarding pricing and costs for AWS CloudTrail?

The cost depends on the volume of logs generated from various services. So, depending on how many logs are gathered, it could vary from being cheap to expensive.

See all answers

What needs improvement with AWS CloudTrail?

Right now, AWS CloudTrail is perfect. I have not experienced any challenges while using it.

See all answers

How does Sailpoint IdentityIQ compare with CyberArk PAM?

We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the m...

See all answers

What do you like most about CyberArk Privileged Access Manager?

The most valuable features of the solution are control and analytics.

See all answers

What is your experience regarding pricing and costs for CyberArk Privileged Access Manager?

I focus more on the technical side, but I hear customers say that if CyberArk was more affordable, they might have acquired more licenses. Some clients consider alternative solutions due to pricing...

See all answers

Comparisons

No data available

Microsoft Entra ID vs CyberArk Privileged Access Manager

Compared 10% of the time

Delinea Secret Server vs CyberArk Privileged Access Manager

Compared 8% of the time

Cisco Identity Services Engine (ISE) vs CyberArk Privileged Access Manager

Compared 7% of the time

WALLIX Bastion vs CyberArk Privileged Access Manager

Compared 6% of the time

Bitwarden vs CyberArk Privileged Access Manager

Compared 4% of the time

More CyberArk Privileged Access Manager Competitors

Product Reports

Buyer's Guide

AWS CloudTrail

March 2025

Download AWS CloudTrail product report

Buyer's Guide

CyberArk Privileged Access Manager

March 2025

CyberArk Privileged Access Manager report

Download CyberArk Privileged Access Manager product report

Also Known As

CloudTrail

CyberArk Privileged Access Security, CyberArk Enterprise Password Vault

Overview

AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure. CloudTrail provides event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. This event history simplifies security analysis, resource change tracking, and troubleshooting. In addition, you can use CloudTrail to detect unusual activity in your AWS accounts. These capabilities help simplify operational analysis and troubleshooting.

Amazon Web Services (AWS)

CyberArk Privileged Access Manager is a next-generation solution that allows users to secure both their applications and their confidential corporate information. It is extremely flexible and can be implemented across a variety of environments. This program runs with equal efficiency in a fully cloud-based, hybrid, or on-premises environment. Users can now protect their critical infrastructure and access it in any way that best meets their needs.

CyberArk Privileged Access Manager possesses a simplified and unified user interface. Users are able to manage the solution from one place. The UI allows users to view and manage all of the information and controls that administrators need to be able to easily access. Very often, management UIs do not have all of the controls and information streamlined in a single location. This platform provides a level of visibility that ensures users will be able to view all of their system’s most critical information at any time that they wish.

Benefits of CyberArk Privileged Access Manager

Some of CyberArk Privileged Access Manager’s benefits include:

The ability to manage IDs and permissions across a cloud environment. In a world where being able to work remotely is becoming increasingly important, CyberArk Privileged Access Manager is a very valuable tool. Administrators do not need to worry about infrastructure security when they are away from the office. They can assign and manage security credentials from anywhere in the world.
The ability to manage the program from a single centralized UI. CyberArk Privileged Access Manager’s UI contains all of the system controls and information. Users now have the ability to view and use all of their system’s most critical information and controls from one place.
The ability to automate user management tasks. Administrators can save valuable time by assigning certain management tasks to be fulfilled by the system itself. Users can now reserve their time for tasks that are most pressing. It can also allow for the system to simplify the management process by having the platform perform the most complex functions.

Reviews from Real Users

CyberArk Privileged Access Manager’s software stands out among its competitors for one very fundamental reason. CyberArk Privileged Access Manager is an all-in-one solution. Users are given the ability to accomplish with a single platform what might usually only be accomplished with multiple solutions.

PeerSpot users note the truly all-in-one nature of this solution. Mateusz K., IT Manager at a financial services firm, wrote, "It improves security in our company. We have more than 10,000 accounts that we manage in CyberArk. We use these accounts for SQLs, Windows Server, and Unix. Therefore, keeping these passwords up-to-date in another solution or software would be impossible. Now, we have some sort of a platform to manage passwords, distribute the inflow, and manage IT teams as well as making regular changes to it according to the internal security policies in our bank."

Hichem T.-B., CDO & Co-Founder at ELYTIK, noted that “This is a complete solution that can detect cyber attacks well. I have found the proxy features most valuable for fast password web access.”

CyberArk

Sample Customers

HTC, British Gas, Solinor, 2C2P

Rockwell Automation

Buyer's Guide

AWS CloudTrail vs. CyberArk Privileged Access Manager

January 2025

Free Report: AWS CloudTrail vs. CyberArk Privileged Access Manager

Find out what your peers are saying about AWS CloudTrail vs. CyberArk Privileged Access Manager and other solutions. Updated: January 2025.

DOWNLOAD NOW

839,422 professionals have used our research since 2012.

See our AWS CloudTrail vs. CyberArk Privileged Access Manager report.

See our list of best User Activity Monitoring vendors.

We monitor all User Activity Monitoring reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.