Try our new research platform with insights from 80,000+ expert users

AWS Secrets Manager vs CyberArk Privileged Access Manager comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 16, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AWS Secrets Manager
Ranking in Enterprise Password Managers
3rd
Average Rating
8.8
Reviews Sentiment
7.5
Number of Reviews
13
Ranking in other categories
No ranking in other categories
CyberArk Privileged Access ...
Ranking in Enterprise Password Managers
2nd
Average Rating
8.6
Reviews Sentiment
6.9
Number of Reviews
219
Ranking in other categories
User Activity Monitoring (1st), Privileged Access Management (PAM) (1st), Mainframe Security (2nd), Operational Technology (OT) Security (3rd)
 

Mindshare comparison

As of April 2025, in the Enterprise Password Managers category, the mindshare of AWS Secrets Manager is 19.4%, down from 20.7% compared to the previous year. The mindshare of CyberArk Privileged Access Manager is 7.5%, down from 9.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Enterprise Password Managers
 

Featured Reviews

ManuelTorres - PeerSpot reviewer
Simplifies and secures secret management within the AWS ecosystem, though it could enhance integration capabilities with external platforms
AWS Secrets Manager has streamlined our processes for managing secrets and their lifecycle. We typically handle everything through automation, following a predefined approach. When we undertake our developments, we seamlessly integrate the process into our workflows. Essentially, our secrets require minimal intervention; they are automatically managed by the system itself. This ensures smooth operations without the need for manual intervention. We integrate this tool with various AWS services, utilizing AWS Secrets Manager specifically for AWS resources. Any application, service, or deployment within AWS leverages Secrets Manager whenever it requires access to it.
Lasantha Wijesinghe - PeerSpot reviewer
We have visibility and control through real-time user behavior analytics
It took us some time to realize its benefits because there was a learning curve for us. It took us about a year to get our heads around this product and start effectively using it. It is a journey. It takes at least five years for any company to make this product very useful and reach maturity. It is not only the product's fault. The company needs to have a vision, and the company culture needs to go with it. Senior leadership needs to support the vision. You need to have lots of ingredients for success. If everything is in place, you will see success after one year. In the first year, it is a struggle for everybody. My company was bought by a bigger company, and they were very new to privileged access management. Everybody was struggling. The advice I would give is to have a good vision for privileged access management. You need dedicated teams, senior management support, and proper company policies and standards before implementing the solution. Start building knowledge slowly and avoid jumping into the deep end without preparation. I would rate CyberArk Privileged Access Manager a nine out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature of AWS Secrets Manager is its seamless integration with various AWS services."
"AWS Secrets Manager is used for storing secret information that has to be a secret from your customer and your employees."
"It's highly scalable, so I'd rate it a ten out of ten."
"The API is fine and works well."
"The most valuable feature of AWS Secrets Manager is the ability to keep data secret and assign access permissions to people to grant or restrict access."
"Integrating with other services was straightforward, especially within the AWS environment."
"The product is easy to use and is inexpensive."
"All our workloads are running on AWS, so integration with our workload is much easier on AWS Secrets Manager than going with another solution such as Thycotic."
"Session recordings and timestamps are valuable features. They allow me to specifically select the time a particular command was executed, so I do not have to review the entire recording. I can click on events to determine where and when they happened."
"The module called PTA, Privileged Threat Analytics, is very useful. When you give access to a user, it monitors and detects if the user's behavior is unusual. After giving access, it continually checks if the user is the same user."
"The integrations are the most valuable aspect of CyberArk Privileged Access Manager. The software offers pre-built integrations, and our team can also create custom connectors. This flexibility allows us to integrate with systems that we previously didn't consider integrating with, making it a significant advantage for us."
"It improves security in our company. We have more than 10,000 accounts that we manage in CyberArk. We use these accounts for SQLs, Windows Server, and Unix. Therefore, keeping these passwords up-to-date in another solution or software would be impossible. Now, we have some sort of a platform to manage passwords, distribute the inflow, and manage IT teams as well as making regular changes to it according to the internal security policies in our bank."
"The most valuable feature is that it always provides flexibility, password quality and one-time user check-in and check-out."
"The fact that I can put my vault here in a central location on one net for example, and I'll have a CPM in California, a CPM in Texas, a CPM in New York, a CPM in Florida, and actually be able to grow with my company and not necessarily have to continue to grow my vault until I get to a certain number accounts - yet I can still manage everything across the country, if not the world - I love that. I love the flexibility and the capability of being able to pull those components out."
"CyberArk Privileged Access Manager’s ability to safeguard credentials is very important."
"The AI capabilities, including advanced threat detection features, are very helpful for us. They reduce human effort and errors, allowing us to quickly identify and respond to threats."
 

Cons

"An area for improvement in AWS Secrets Manager could be expanding integration options beyond AWS services."
"The solution's initial setup process is complicated."
"AWS Secrets Manager could support hybrid infrastructure."
"There is room for improvement in terms of integrating with certain other platforms."
"It would be good if the AWS Secrets Manager were more customizable."
"The price of the solution could improve."
"If you add one more layer of security to AWS Secrets Manager, even the programmer will not be able to see the secrets."
"If you don't have enterprise support, then you will not be able to get through to them to get the help. It is not only applicable to AWS Secrets Manager. It is also applicable to any service on AWS."
"The documentation is rather basic and it is missing many use cases."
"CyberArk Enterprise Password Vault can improve the distributive vault feature. Distributing the vault in multiple areas and multiple data centers should improve."
"The initial setup of CyberArk Privileged Access Manager difficulty depends on the environment that you are implementing it into. However, it typically is simple."
"There are some options in the web portal where they can improve the user experience. For example, in remote, there is a parameter called 'access to remote machine.' When we put host names in that field, we are not able to search it. It"
"The continuous scanning of the assets is limited to Windows and Unix. We like to have the solution scan any databases, network devices, and security devices for privileged accounts. That would be very helpful."
"CyberArk Enterprise Password Vault's deployment is complex for resources with little experience. Tech support needs to be improved as well based on quality and knowledge."
"I'd like it to be a little more granular. I want a little bit more control over exactly what we do. I know if you do that, you add more knobs and dials to deal with, but that's just my personal approach: granular access."
"CyberArk Privileged Access Manager is more expensive than its competitors, such as BeyondTrust, Delinea, and ManageEngine PAM360."
 

Pricing and Cost Advice

"The cost is somewhat high."
"We've observed that AWS Secrets Manager pricing is based on a per-secret-per-month model. As a result, we prefer to divide our secrets into individual pieces to increase security and grant specific access permissions to certain secrets, systems, or individuals. However, this approach results in higher costs. Therefore, we have been exploring ways to combine our secrets into groups to reduce expenses and simplify management. Nonetheless, we acknowledge that this issue may not be related to the secret manager's functionality."
"We purchase a monthly license for the product."
"I don't believe there is a license cost for the solution."
"The solution is expensive."
"Its price can be reduced."
"Overall, its pricing is really good. The main difference from all the other vendors is that they have one package that covers all the functionality and modules of the basic PAM, except the add-on modules like adware and server protection. It also doesn't include the licenses for domain controller protection or maybe an API call-related feature. For the basic privileged access management, the bundle pricing is really good, but when it comes to an agent-based solution for advanced cyber protection or application identity managers, it is expensive. Services are also very expensive if you hire the services team from CyberArk, but these guys are really good. For a couple of large banking projects, we had an experience with them. The banks wanted to have things quickly and efficiently, so we had to hire them. If we take four weeks, these guys can do everything on a weekend. They charge quite a big sum of money, but they know the system well."
"It's expensive, certainly. But CyberArk is the leader in the market with regards to privileged access management. You pay a lot, but you are paying for the value that is being delivered."
"CyberArk has been Gartner's number-one pick for the past ten years, so you can infer that their pricing is higher than everyone else. When you are the best, you will charge appropriately for it."
"I'm a technician so I don't handle the licensing for CyberArk Privileged Access Manager, but I know that the price for the core license is about €140 per year. There's another type of license, the external vendor license, and that's about €600 and you can manage twenty devices. From what I know, the price for one device in a subscription is about €65 per year. You can buy the CyberArk Endpoint Privilege Manager too, or you can buy some other application or application license with CyberArk Privileged Access Manager, but all other features, such as the Analytics Server is included in the basic CyberArk license. With WALLIX, you need to buy separate licenses for the features."
"There are additional features added to our CyberArk Privileged Access Manager license. For example, features that allow us to integrate into various kinds of platforms."
"Its cost is fair."
"It can be an expensive product."
report
Use our free recommendation engine to learn which Enterprise Password Managers solutions are best for your needs.
848,716 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
13%
Manufacturing Company
8%
Government
6%
Educational Organization
34%
Financial Services Firm
12%
Computer Software Company
11%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Azure Key Vault or AWS Secrets Manager?
Azure Key Vault is a SaaS solution. You can easily store passwords and secrets securely and encrypt them. Azure Key Vault is a great solution to ensure you are compliant with security and governanc...
Which is better - HashiCorp Vault or AWS Secrets Manager?
HashiCorp Vault was designed with your needs in mind. One of the features that makes this evident is its ability to work as both a cloud-agnostic and a multi-cloud solution. As a cloud-agnostic sol...
What do you like most about AWS Secrets Manager?
The most valuable feature of AWS Secrets Manager is its seamless integration with various AWS services.
How does Sailpoint IdentityIQ compare with CyberArk PAM?
We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the m...
What do you like most about CyberArk Privileged Access Manager?
The most valuable features of the solution are control and analytics.
 

Also Known As

No data available
CyberArk Privileged Access Security, CyberArk Enterprise Password Vault
 

Overview

 

Sample Customers

Autodesk, Clevy, Stackery
Rockwell Automation
Find out what your peers are saying about AWS Secrets Manager vs. CyberArk Privileged Access Manager and other solutions. Updated: April 2025.
848,716 professionals have used our research since 2012.