Try our new research platform with insights from 80,000+ expert users

Azure Key Vault vs CyberArk Privileged Access Manager comparison

Microsoft and CyberArk are both solutions in the Enterprise Password Managers category. Microsoft is ranked #1 with an average rating of 8.7, while CyberArk is ranked #3 with an average rating of 8.9. Additionally, 97% of Microsoft users are willing to recommend the solution, compared to 94% of CyberArk users who would recommend it.
Azure Key Vault
Read 45 Azure Key Vault reviews
  • 19,757 Views
  • 14,001 Comparison Views
97% willing to recommend
CyberArk Privileged Access ...
Read 197 CyberArk Privileged Access Manager reviews
  • 8,412 Views
  • 4,977 Comparison Views
94% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Dec 16, 2024

CyberArk Privileged Access Manager and Azure Key Vault compete in the realm of privileged account and key management solutions. CyberArk appears to have the upper hand in terms of comprehensive privileged session management features, while Azure Key Vault excels at seamless integration within the Azure ecosystem.

Features: CyberArk offers centralized policy management, automated password rotation, auditing, session recording, and compliance tools like Enterprise Password Vault and Privileged Session Manager. Azure Key Vault focuses on secure key and secret storage with easy integration in Azure, supporting cryptographic key management.

Room for Improvement: CyberArk users seek enhancements in user interface, platform integration, session recording search, plugin connectors, and reporting features. Azure Key Vault users desire improved key rotation, integration with third-party services, and a streamlined setup process, particularly for non-Microsoft services.

Ease of Deployment and Customer Service: CyberArk is primarily deployed in on-premises and hybrid cloud environments, requiring detailed configuration and strong technical support but with noted delays. Azure Key Vault's cloud-native deployment ensures easy setup, proficient support, and seamless Azure service integration, despite some service delays and feature request challenges.

Pricing and ROI: CyberArk is costly, targeting larger enterprises, but delivers significant ROI by enhancing security and compliance. Azure Key Vault offers a more affordable pay-as-you-go model within the Azure ecosystem, although costs can rise with the volume of managed keys.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Azure Key Vault vs. CyberArk Privileged Access Manager Report (Updated: December 2024).
Buyer's Guide
Azure Key Vault vs. CyberArk Privileged Access Manager
December 2024
Download the complete report
Helped 824,053 peers since 2012
 

Categories and Ranking

Azure Key Vault
Ranking in Enterprise Password Managers
1st
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
45
Ranking in other categories
Certificate Management Software (1st), Microsoft Security Suite (14th)
CyberArk Privileged Access ...
Ranking in Enterprise Password Managers
3rd
Average Rating
8.6
Reviews Sentiment
6.9
Number of Reviews
197
Ranking in other categories
User Activity Monitoring (1st), Privileged Access Management (PAM) (1st), Mainframe Security (2nd), Operational Technology (OT) Security (3rd)
 

Featured Reviews

Mayur B N - PeerSpot reviewer
Offers good integration capabilities to its users
I use the tool to manage encryption keys and secrets in our application. In our company's production environment, we have some secrets and certificates that need to be accessed by the Kubernetes cluster, which is why we store those secrets in Azure Key Vault. In Kubernetes, we have a SecretProviderClass, which helps us access those keys from Azure Key Vault and then give them to our applications. Speaking about how Azure Key Vault plays a crucial role in our company's security strategy, in Kubernetes, you have to define environment variables for the application. In my company, we have around 60 to 70 environment variables, and most of them are sensitive. In Kubernetes, you define YAML files, and you can't directly use any values in YAML files and commit them to the GitHub commit because you will basically see the text values in YAML files. Instead, we store it in Azure Key Vault and then access those keys and values as variables for our company's applications. In terms of the benefits of cryptographic key management features, I would say that my company has used only the secret option in the tool, so we haven't checked out the keys and certificates. In my company, we just store key-value pairs for variables in Azure Key Vault. The product's integration capabilities are good. The tool has a pretty good firewall, which allows my company to access only private networks and certain IP addresses. Everything else is good with the product. My company doesn't use the policies in the product since we rely on roles and role assignments. One person is enough to take care of the maintenance of the solution. The product helps my company comply with the industry regulations since I believe that Azure Key Vault has its own set of SLAs and compliances, which we have gone through. I think Azure has some default compliance for each and every resource, which would be enough considering that I work in a very small organization where we didn't think of going into the details related to it. Azure is a very good platform, but it is a bit expensive. I think the price is justified because of the reduced complexity and the way it handles things, considering that Azure manages certain things better than its competitors. The tool is a bit expensive, but the management and configurations would be less expensive from the user's side. I rate the tool a nine out of ten.
Read full review
SatishIyer - PeerSpot reviewer
Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK
When I was a component owner for PAM's Privileged Threat Analytics (PTA) component, what I wanted was a clear mapping to the MITRE ATT&CK framework, a framework which has a comprehensive list of use cases. We reached out to the vendor and asked them how much coverage they have of the uses cases found on MITRE, which would have given us a better view of things while I was the product owner. Unfortunately they did not have the capability of mapping onto MITRE's framework at that time. PTA is essentially the monitoring interface of the broker (e.g. Privileged Access Management, the Vault, CPM, PSM, etc.), and it's where you can capture your broker bypass and perform related actions. For this reason, we thought that this kind of mapping would be required, but CyberArk informed us that they did not have the capability we had in mind with regard to MITRE ATT&CK. I am not sure what the situation is now, but it would definitely help to have that kind of alignment with one of the more well-known frameworks like MITRE. For CyberArk as a vendor, it would also help them to clearly spell out in which areas they have full functionality and in which ares they have partial or none. Of course, it also greatly benefits the customers when they're evaluating the product.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I would say it's granular controller who can access them."
"The most valuable features of Microsoft Azure Key Vault are the security and convenience of changing passwords in multiple places."
"The solution's most valuable features are reusability and safety."
"The solution can scale up as needed."
"I am satisfied with the product overall."
"The initial setup is very straightforward. It only took a few minutes."
"The security on offer seems to be quite good."
"Among the features that have helped improve our security posture are storing secrets in a secure location to create a trusted situation, trusted resources, and incorporating identity access management so that we know who has access to what."
More Azure Key Vault pros
"I would rate CyberArk Privileged Access Manager nine out of ten."
"We can make a policy that affects everybody instantly."
"When we started with RPA, there was a requirement that every credential and the bots themselves be protected through the PAM system. From the get-go, we've had CyberArk in the middle... We've got a pretty robust RPA implementation with our PAM platform. Users, bots, the credentials — everything is managed via our PAM solution."
"You can easily manage more than 4000 accounts with one PSM."
"It is scalable."
"The most valuable aspects of the solution include password management and Rest API retrieval of vaulted credentials."
"All of the features of CyberArk Privileged Access Manager are valuable."
"CyberArk has helped us to identify, store, protect, and monitor the usage of privileged accounts."
More CyberArk Privileged Access Manager pros
 

Cons

"Many times, the first round of support itself will fail, and they will bring some more competent people in the subsequent support. So it gets into a hierarchical mode. By then, we will lose a good amount of time. The technical support needs improvement."
"One of my previous clients was one of the big banks here in the Netherlands and the EU courts have stated that Microsoft Azure Key Vault is not, according to their perspective, secure due to the fact that Microsoft has access to Key Vault."
"If the region where the Azure Key Vault data center is hosted goes down, it would be a cumbersome task since our company will have to come up with a different Azure Key Vault and migrate all the secrets or keys into it."
"I would like more code examples."
"We've experienced issues with configuration."
"It needs to offer dynamic secrets management."
"The solution needs to improve reliability and protection."
"If I consider how some people complain that a solution to store information should be available at a low cost, I would say that Azure Key Vault's price should be made cheaper."
More Azure Key Vault cons
"Password Vault is much pricier than other solutions. A vendor team might struggle to explain why that price is justified. There are good alternatives that cost less."
"In the beginning, CyberArk Privileged Access Manager didn't have a multifactor authentication feature, so that was an area for improvement, but now it's part of the solution. Having just one console for two CyberArk products would be good, particularly for the CyberArk Privileged Access Manager and the CyberArk Endpoint Privilege Manager, with the latter being a product for endpoint management that supports the workstations and allows you to manage workstations. In the next update of CyberArk Privileged Access Manager, it would be good to have a local agent where you can manage all users and processes, and have an agent on the servers such as Linux and Windows."
"Having a centralized place to manage the solution has been something that I have always wanted, and they are starting to understand that and bring things back together."
"I'm not a fan of technical support with CyberArk. It's like jumping through red tape and hoops. Quite frankly, it's almost like when you call CyberArk you get the Help Desk or the level-one. I'm a level-one. I got the CCD, I know how to do the initial troubleshooting. When I call CyberArk it's because I can't figure the problem out. So I need a level-two, three, four. I don't need you to tell me, "Hey, open a ticket and then give me logs.""
"It should be easier to install. It is a comprehensive product, which makes it difficult to install. You need to have their consulting services in order to get it all installed and set up correctly because there is so much going on. It would be nice if there were an easier way to do the installation without professional services. I suspect they get a fair amount of their money from professional services. So, there is not a huge incentive."
"Online help needs to be looked into with live agent support."
"The Vault's disaster recovery features need improvement."
"The current user interface is a little dated. However, I hear there are changes coming in the next version."
More CyberArk Privileged Access Manager cons
 

Pricing and Cost Advice

"Currently, the tool's monthly licensing costs are around 1,800 USD for all the environments combined, including the production and pre-production environments."
"The price of the product is okay for my company."
"Pricing is quite reasonable and support is included, although premium support is available for an additional fee."
"The cost of the Azure Key Vault is very high and the pricing model is based on the number of keys that you store and retrieve."
"I find the pricing of Azure Key Vault to be reasonable."
"There are no extra costs beyond the standard fees, beyond maybe data transfer charges. It's $0.025 per 10,000 data transactions, so it is quite cheap."
"The product has good pricing."
"The product is inexpensive."
More Azure Key Vault pricing and cost advice
"There are no additional costs other than the standard licensing fees."
"CyberArk Privileged Access Manager is on the expensive side. It is very expensive."
"The solution is available at a high price"
"Quite expensive"
"The solution is cost-effective for the features."
"It's expensive, certainly. But CyberArk is the leader in the market with regards to privileged access management. You pay a lot, but you are paying for the value that is being delivered."
"The main problem for the tool is its licensing. I work for a really big company. When you try to develop this as a service, usually you work with leverage teams who are formed with dozens of members. You might dedicate one FTE, or less, for something, e.g., an antivirus administrator. You might have half an FTE's effort dedicated to administering the antivirus, but then you have a team of about 30 users who might access that ticket. The problem is that CyberArk eliminated the possibility of concurrent users years ago. This is a big problem for companies who work with leverage teams. You need to pay for everyone. 40 licenses are used by 20 or 30 people. This is a big problem because licenses are not precisely cheap."
"Generally, I don't get involved in the licensing or the purchasing side of it, but I do know that the licenses are expensive."
More CyberArk Privileged Access Manager pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Enterprise Password Managers solutions are best for your needs.
See recommendations
824,053 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
13%
Manufacturing Company
9%
Government
7%
Educational Organization
32%
Financial Services Firm
12%
Computer Software Company
11%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Azure Key Vault or AWS Secrets Manager?
Azure Key Vault is a SaaS solution. You can easily store passwords and secrets securely and encrypt them. Azure Key Vault is a great solution to ensure you are compliant with security and governanc...
See all answers
What do you like most about Microsoft Azure Key Vault?
With Azure Key Vault, we can generate our own keys and then import them inside the system, which provides a higher level of security than provider-managed keys.
See all answers
What is your experience regarding pricing and costs for Microsoft Azure Key Vault?
Azure Key Vault is a very, very expensive solution. Currently, the solution's pricing is based on the number of transactions, which is very high in some cases.
See all answers
How does Sailpoint IdentityIQ compare with CyberArk PAM?
We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the m...
See all answers
What do you like most about CyberArk Privileged Access Manager?
The most valuable features of the solution are control and analytics.
See all answers
What is your experience regarding pricing and costs for CyberArk Privileged Access Manager?
CyberArk Privileged Access Manager comes at a high cost. But the solution is worth its price.
See all answers
 

Comparisons

AWS Secrets Manager vs Azure Key Vault Logo
AWS Secrets Manager vs Azure Key Vault
Compared 55% of the time
HashiCorp Vault vs Azure Key Vault Logo
HashiCorp Vault vs Azure Key Vault
Compared 12% of the time
AWS Certificate Manager vs Azure Key Vault Logo
AWS Certificate Manager vs Azure Key Vault
Compared 5% of the time
1Password vs Azure Key Vault Logo
1Password vs Azure Key Vault
Compared 4% of the time
Bitwarden vs Azure Key Vault Logo
Bitwarden vs Azure Key Vault
Compared 3% of the time
More Azure Key Vault Competitors
Microsoft Entra ID vs CyberArk Privileged Access Manager Logo
Microsoft Entra ID vs CyberArk Privileged Access Manager
Compared 10% of the time
Cisco Identity Services Engine (ISE) vs CyberArk Privileged Access Manager Logo
Cisco Identity Services Engine (ISE) vs CyberArk Privileged Access Manager
Compared 8% of the time
Delinea Secret Server vs CyberArk Privileged Access Manager Logo
Delinea Secret Server vs CyberArk Privileged Access Manager
Compared 8% of the time
WALLIX Bastion vs CyberArk Privileged Access Manager Logo
WALLIX Bastion vs CyberArk Privileged Access Manager
Compared 6% of the time
One Identity Safeguard vs CyberArk Privileged Access Manager Logo
One Identity Safeguard vs CyberArk Privileged Access Manager
Compared 3% of the time
More CyberArk Privileged Access Manager Competitors
 

Product Reports

Buyer's Guide
Azure Key Vault
December 2024
Azure Key Vault reportDownload Azure Key Vault product report
Buyer's Guide
CyberArk Privileged Access Manager
December 2024
CyberArk Privileged Access Manager reportDownload CyberArk Privileged Access Manager product report
 

Also Known As

Microsoft Azure Key Vault, MS Azure Key Vault
CyberArk Privileged Access Security, CyberArk Enterprise Password Vault
 

Learn More

Microsoft
CyberArk
 

Overview

Microsoft Azure Key Vault is a cloud-based data security and storage service that allows users to keep their secrets safe from bad actors.

Benefits of Microsoft Azure Key Vault

Some of the benefits of using Microsoft Azure Key Vault include:

  • Secure your secrets in a single central location, enabling you to control how your information is disseminated.
  • Keep your data away from bad actors. Application administrators can store their application’s security information away from the actual application. Microsoft Azure Key Vault reduces the chance that a bad actor will be able to leak an application’s secrets. Because the data is not stored in the code of the application, hackers will be unable to steal the security information.
  • Retrieve your information securely. When the information is needed, the application can securely retrieve it by using a uniform resource identifier (URI) to connect to Microsoft Azure Key Vault.
  • Securely store your digital keys and secrets. Microsoft Azure Key Vault stores data behind layers of security protocol. No one can access the information stored in a Microsoft Azure Key Vault without first obtaining the necessary authentication and authorization. The authentication process allows the system to figure out who is trying to access the vault in question. This process is performed by Azure’s Active Directory. After the person or entity is authenticated, Microsoft Azure Key Vault then assigns them a level of authorization. This determines what sort of actions they will be able to perform.
  • Choose from two different authorization options. The level of a user’s authorization can be either role-based or dictated by a policy that the administrator sets. Azure’s role-based access control (Azure RBAC) enables users to both manage and access stored data. A key vault access policy limits users to data access.
  • Secure your data in the way that best fits your needs. Your data can be protected by either industry-standard algorithm software or hardware security modules (HSMs). Your data is even safe from Microsoft, as the vaults are designed so that not even Microsoft can get in and access the information.
  • Easily monitor who accesses your vault(s). Microsoft Azure Key Vault enables administrators to keep a close eye on their secrets. Users can activate a vault-logging feature that will track every piece of information. It will record who accessed the vault, when they accessed it, and other pertinent details.
  • Choose how you want to store your logs. Users can store logs in multiple ways. These logs can be archived, sent to the Azure monitor logs area, or streamed to an events hub. The logs can be secured to prevent unauthorized viewing and deleted when they are no longer needed.

Reviews from Real Users

Microsoft Azure Key Vault stands out among their competitors for a number of reasons. Two major ones are the overall robustness of the solution and its ability to protect and manage many different digital asset types. The many features that the solution offers allows users to tailor their experience to meet their specific needs. Its flexibility enables users to accomplish a wide variety of security and identity management related tasks. It empowers users to secure a wide array of assets. Users can keep many different types of secrets away from bad actors.

A cloud architect at a marketing services firm writes, “All its features are really valuable. It's really well thought-out. It's a complete turnkey solution that has all the concerns taken care of, such as access control and management. You can use it in infrastructure as code to create key vaults, APIs, PowerShells, CLIs, even Terraform. You can also use it in different services across the board. If you have app services, or virtual machines, Kubernetes, or Databricks, they can all use Key Vault effectively. In my opinion, in a DevSecOps, DevOps, or even in a modern Azure implementation, you have to use Azure Key Vault to make sure you're addressing security and identity management concerns. By "identity" I mean usernames, passwords, cryptography, etcetera. It's a full-blown solution and it supports most breeds of key management: how you store keys and certify.”

Roger L., the managing director of Cybersecurity Architecture at Peloton Systems, says, “The most valuable aspect of the product is its ability to keep our admin password accounts for keys and a lot of our high-value assets. It can manage those types of assets. So far, the product does a great job of managing keys.”

CyberArk Privileged Access Manager is a next-generation solution that allows users to secure both their applications and their confidential corporate information. It is extremely flexible and can be implemented across a variety of environments. This program runs with equal efficiency in a fully cloud-based, hybrid, or on-premises environment. Users can now protect their critical infrastructure and access it in any way that best meets their needs.

CyberArk Privileged Access Manager possesses a simplified and unified user interface. Users are able to manage the solution from one place. The UI allows users to view and manage all of the information and controls that administrators need to be able to easily access. Very often, management UIs do not have all of the controls and information streamlined in a single location. This platform provides a level of visibility that ensures users will be able to view all of their system’s most critical information at any time that they wish.

Benefits of CyberArk Privileged Access Manager

Some of CyberArk Privileged Access Manager’s benefits include:

  • The ability to manage IDs and permissions across a cloud environment. In a world where being able to work remotely is becoming increasingly important, CyberArk Privileged Access Manager is a very valuable tool. Administrators do not need to worry about infrastructure security when they are away from the office. They can assign and manage security credentials from anywhere in the world.
  • The ability to manage the program from a single centralized UI. CyberArk Privileged Access Manager’s UI contains all of the system controls and information. Users now have the ability to view and use all of their system’s most critical information and controls from one place.
  • The ability to automate user management tasks. Administrators can save valuable time by assigning certain management tasks to be fulfilled by the system itself. Users can now reserve their time for tasks that are most pressing. It can also allow for the system to simplify the management process by having the platform perform the most complex functions.

Reviews from Real Users

CyberArk Privileged Access Manager’s software stands out among its competitors for one very fundamental reason. CyberArk Privileged Access Manager is an all-in-one solution. Users are given the ability to accomplish with a single platform what might usually only be accomplished with multiple solutions.

PeerSpot users note the truly all-in-one nature of this solution. Mateusz K., IT Manager at a financial services firm, wrote, "It improves security in our company. We have more than 10,000 accounts that we manage in CyberArk. We use these accounts for SQLs, Windows Server, and Unix. Therefore, keeping these passwords up-to-date in another solution or software would be impossible. Now, we have some sort of a platform to manage passwords, distribute the inflow, and manage IT teams as well as making regular changes to it according to the internal security policies in our bank."

Hichem T.-B., CDO & Co-Founder at ELYTIK, noted that “This is a complete solution that can detect cyber attacks well. I have found the proxy features most valuable for fast password web access.”

 

Sample Customers

Adobe, DriveTime, Johnson Controls, HP, InterContinental Hotels Group, ASOS
Rockwell Automation
Buyer's Guide
Azure Key Vault vs. CyberArk Privileged Access Manager
December 2024
Free Report: Azure Key Vault vs. CyberArk Privileged Access Manager
Find out what your peers are saying about Azure Key Vault vs. CyberArk Privileged Access Manager and other solutions. Updated: December 2024.
DOWNLOAD NOW
824,053 professionals have used our research since 2012.
See our Azure Key Vault vs. CyberArk Privileged Access Manager report.
See our list of best Enterprise Password Managers vendors.

We monitor all Enterprise Password Managers reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.