CyberArk Privileged Access Manager vs HashiCorp Vault comparison

CyberArk and HashiCorp are both solutions in the Enterprise Password Managers category. CyberArk is ranked #2 with an average rating of 8.7, while HashiCorp is ranked #4 with an average rating of 8.3. CyberArk holds a 7.8% mindshare in EPM, compared to HashiCorp’s 12.3% mindshare. Additionally, 94% of CyberArk users are willing to recommend the solution, compared to 89% of HashiCorp users who would recommend it.

CyberArk Privileged Access ...

Read 221 CyberArk Privileged Access Manager reviews

6,110 Views
3,684 Comparison Views

94% willing to recommend

HashiCorp Vault

Read 17 HashiCorp Vault reviews

8,083 Views
5,601 Comparison Views

89% willing to recommend

CyberArk Privileged Access ...

HashiCorp Vault

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Dec 16, 2024

CyberArk Privileged Access Manager and HashiCorp Vault compete in privileged access management and secrets management. CyberArk may have an advantage due to its modular, feature-rich design appealing to enterprises with complex needs.

Features: CyberArk Privileged Access Manager provides Central Policy Manager, Privileged Session Manager, and Enterprise Password Vault, facilitating modular integrations and scalability for managing, protecting, and monitoring privileged access. HashiCorp Vault emphasizes secrets management with dynamic secrets and leasing, supporting API integration suited for DevOps and cloud-agnostic environments.

Room for Improvement: CyberArk could improve user experience, session recording search, better documentation, and user training. Meanwhile, HashiCorp Vault users require enhanced cloud integration documentation and a more intuitive initial setup process.

Ease of Deployment and Customer Service: CyberArk supports on-premises, private, and hybrid clouds targeting large enterprises with complex deployments, offering costly yet comprehensive support. HashiCorp Vault, offering an open-source version, suits those with cloud deployments needing fewer resources but may lack the structured support that CyberArk provides.

Pricing and ROI: CyberArk is often expensive, with additional fees for certain features but offers significant ROI in security and risk reduction. HashiCorp Vault's open-source option offers cost savings, with enterprise features scaling in cost but providing reasonable pricing for advanced features, making it a sustainable option for long-term investments with potentially lower upfront costs.

To learn more, read our detailed CyberArk Privileged Access Manager vs. HashiCorp Vault Report (Updated: April 2025).

Buyer's Guide

CyberArk Privileged Access Manager vs. HashiCorp Vault

April 2025

Download the complete report

Helped 850,671 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

CyberArk Privileged Access ...

Ranking in Enterprise Password Managers

2nd

Average Rating

8.6

Reviews Sentiment

6.9

Number of Reviews

221

Ranking in other categories

User Activity Monitoring (1st), Privileged Access Management (PAM) (1st), Mainframe Security (2nd), Operational Technology (OT) Security (3rd)

HashiCorp Vault

Ranking in Enterprise Password Managers

4th

Average Rating

8.2

Reviews Sentiment

7.2

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of May 2025, in the Enterprise Password Managers category, the mindshare of CyberArk Privileged Access Manager is 7.8%, down from 9.2% compared to the previous year. The mindshare of HashiCorp Vault is 12.3%, down from 14.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Enterprise Password Managers

Featured Reviews

Lasantha Wijesinghe

Cybersecurity Specialist at a comms service provider with 5,001-10,000 employees

We have visibility and control through real-time user behavior analytics

It took us some time to realize its benefits because there was a learning curve for us. It took us about a year to get our heads around this product and start effectively using it. It is a journey. It takes at least five years for any company to make this product very useful and reach maturity. It is not only the product's fault. The company needs to have a vision, and the company culture needs to go with it. Senior leadership needs to support the vision. You need to have lots of ingredients for success. If everything is in place, you will see success after one year. In the first year, it is a struggle for everybody. My company was bought by a bigger company, and they were very new to privileged access management. Everybody was struggling. The advice I would give is to have a good vision for privileged access management. You need dedicated teams, senior management support, and proper company policies and standards before implementing the solution. Start building knowledge slowly and avoid jumping into the deep end without preparation. I would rate CyberArk Privileged Access Manager a nine out of ten.

Read full review

AKASHGUPTA3

Credit Analyst at Standard Chartered Bank

Easy to manage and maintain the password API but stability could be improved

I would advise doing a Proof of Concept first and then deciding accordingly because your use case might be simple. You can try out AWS Key Management or Azure Key Vault. They are different products. Do the POC and then decide what you need. Overall, I would rate the solution a six out of ten. No solution is a ten in my opinion.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"CyberArk's GUI is user friendly."

"Every aspect of the solution is very well integrated, and even that gives comfort. It is a fail-safe kind of environment."

"It allows users to self-provision access to the accounts that they need."

"The solution helps our developers access internal systems. It also helps us in Privilege Access Management."

"You can see the benefits of CyberArk Privileged Access Manager immediately."

"The most valuable features of CyberArk Privileged Access Manager include its search capabilities."

"We have accomplished our security goals. We have two-factor authenticated and vaulted our important accounts, so people can't just steal stuff from us."

"We are able to know who is accessing what and when; having accountability."

More CyberArk Privileged Access Manager pros

"It is a good product to consider for companies who are looking to build on-premise or hybrid infrastructure."

"It is an added value for our customers to have a Secrets Management workflow available that is PaaS/CaaS/KaaS Platform agnostic."

"The most valuable feature of HashiCorp Vault is that it's an open source solution. Second, it's cloud agnostic, so it's very easy to maintain and control, which is why we prefer HashiCorp."

"We use the solution for secret management."

"The interface is very simple to navigate."

"It's stable. I would rate the stability a nine out of ten."

"This solution is easy to use and to integrate."

"The most valuable feature of HashiCorp Vault is the management of tickets in the pipeline."

More HashiCorp Vault pros

Cons

"There are some options in the web portal where they can improve the user experience. For example, in remote, there is a parameter called 'access to remote machine.' When we put host names in that field, we are not able to search it. It"

"The solution's architecture could be improved. It requires installation on four to five different servers."

"The initial setup of CyberArk is a challenge if you do not have prior experience with it."

"There is room for improvement, particularly with Vendor PAM."

"This is probably a common thing, but they do ask for a lot of log files, a lot of information. They ask you to provide a lot of information to them before they're willing to give you anything at all upfront. It would be better if they were a little more give-and-take upfront: "Why don't you try these couple of things while we take your log files and stuff and go research them?" A little bit of that might be more helpful."

"This product needs professional consulting services to onboard accounts effectively based user profiles."

"Areas the product could be improved are in some of the reporting capabilities and how the reports are configured."

"The issue of technical support is crucial, as there are not many specialized partners available in Brazil to provide this service. While English language support is of good quality, there is a significant shortage of partners capable of meeting the demand locally."

More CyberArk Privileged Access Manager cons

"A drawback for some clients who have to be PCI compliant is that they still need to use and subscribe to an HSM (Hardware Security Module) solution."

"I don't think there are any major improvements required—so far, so good. However, I think that having more training materials, such as videos, and documentation available would be helpful. I would prefer to have more videos available either on the official site or on YouTube."

"It would be helpful to have more advanced features."

"I would like to see better integration of HashiCorp Vault with SAP products."

"There could be a plugin for the database to change the secret automatically. It would be an efficient feature for password security."

"An improvement needed is the ability for auto-initialization. There should be an inbuilt option for automatic initialization rather than running it manually."

"In my opinion, HashiCorp Vault could improve its user interface. Right now, they don't offer much in terms of a graphical interface, which means you usually have to manage things manually through API calls. I think CyberArk has a better approach because it provides a UI that integrates features across all its components, making it easier, especially for new users or those from organizations with strict licensing policies."

"The solution could be much easier to implement."

More HashiCorp Vault cons

Pricing and Cost Advice

"There are no additional costs other than the standard licensing fees."

"The cost is high compared to other products."

"Network and security licenses are currently being managed by other outsource vendors, so they are facing some type of problems in the digital aspect."

"I'm a technician so I don't handle the licensing for CyberArk Privileged Access Manager, but I know that the price for the core license is about €140 per year. There's another type of license, the external vendor license, and that's about €600 and you can manage twenty devices. From what I know, the price for one device in a subscription is about €65 per year. You can buy the CyberArk Endpoint Privilege Manager too, or you can buy some other application or application license with CyberArk Privileged Access Manager, but all other features, such as the Analytics Server is included in the basic CyberArk license. With WALLIX, you need to buy separate licenses for the features."

"The solution is available at a high price"

"My company always complains about the cost of CyberArk Privileged Access Manager because it's too high."

"They have two types of licensing: purchase and subscription. You have to pay for each admin user, such as Microsoft admin, mail admin, database admin, etc."

"The price of this solution is expensive."

More CyberArk Privileged Access Manager pricing and cost advice

"The AWS version is much cheaper than HashiCorp Vault."

"I am using the open-source version of Vault and I would have to buy a license if I want to get support."

"The product is expensive."

"The solution's cost is reasonable."

"It could do everything we wanted it to do and it is brilliant, but it is super pricey. To be fair to HashiCorp, we drove the price up with our requirements around resiliency. Because of the nature of our company, we don't really operate in the cloud."

"In my case, the open-source version works well. It's advisable for small to medium-scale organizations, but for large-scale organizations, you should go with the enterprise version."

See which vendors are best for you

Use our free recommendation engine to learn which Enterprise Password Managers solutions are best for your needs.

See recommendations

850,671 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

33%

Financial Services Firm

12%

Computer Software Company

11%

Manufacturing Company

Financial Services Firm

20%

Computer Software Company

15%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

How does Sailpoint IdentityIQ compare with CyberArk PAM?

We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the m...

See all answers

What do you like most about CyberArk Privileged Access Manager?

The most valuable features of the solution are control and analytics.

See all answers

What is your experience regarding pricing and costs for CyberArk Privileged Access Manager?

With the current model of licensing, for my use cases, sometimes it's hard to convince the management and get budget approvals for it. It's expensive and you're not getting anything new. It's just ...

See all answers

Which is better - HashiCorp Vault or AWS Secrets Manager?

HashiCorp Vault was designed with your needs in mind. One of the features that makes this evident is its ability to work as both a cloud-agnostic and a multi-cloud solution. As a cloud-agnostic sol...

See all answers

What do you like most about HashiCorp Vault?

The feature I find most beneficial in HashiCorp Vault is the secret engine. It integrates smoothly with many applications, making it easy to set up and implement quickly. This allows you to test it...

See all answers

What is your experience regarding pricing and costs for HashiCorp Vault?

If I were to set it up in AWS Secret Management, I would have to manage it, pay, and create secrets without being cloud agnostic. The advantage with Vault is that it is cloud agnostic. I can deploy...

See all answers

Comparisons

Microsoft Entra ID vs CyberArk Privileged Access Manager

Compared 9% of the time

Delinea Secret Server vs CyberArk Privileged Access Manager

Compared 7% of the time

WALLIX Bastion vs CyberArk Privileged Access Manager

Compared 6% of the time

Cisco Identity Services Engine (ISE) vs CyberArk Privileged Access Manager

Compared 6% of the time

More CyberArk Privileged Access Manager Competitors

Bitwarden vs HashiCorp Vault

Compared 23% of the time

AWS Secrets Manager vs HashiCorp Vault

Compared 20% of the time

Keeper vs HashiCorp Vault

Compared 11% of the time

Azure Key Vault vs HashiCorp Vault

Compared 11% of the time

BeyondTrust Password Safe vs HashiCorp Vault

Compared 4% of the time

More HashiCorp Vault Competitors

Product Reports

Buyer's Guide

CyberArk Privileged Access Manager

May 2025

CyberArk Privileged Access Manager report

Download CyberArk Privileged Access Manager product report

Buyer's Guide

HashiCorp Vault

April 2025

Download HashiCorp Vault product report

Also Known As

CyberArk Privileged Access Security, CyberArk Enterprise Password Vault

No data available

Overview

CyberArk Privileged Access Manager is a next-generation solution that allows users to secure both their applications and their confidential corporate information. It is extremely flexible and can be implemented across a variety of environments. This program runs with equal efficiency in a fully cloud-based, hybrid, or on-premises environment. Users can now protect their critical infrastructure and access it in any way that best meets their needs.

CyberArk Privileged Access Manager possesses a simplified and unified user interface. Users are able to manage the solution from one place. The UI allows users to view and manage all of the information and controls that administrators need to be able to easily access. Very often, management UIs do not have all of the controls and information streamlined in a single location. This platform provides a level of visibility that ensures users will be able to view all of their system’s most critical information at any time that they wish.

Benefits of CyberArk Privileged Access Manager

Some of CyberArk Privileged Access Manager’s benefits include:

The ability to manage IDs and permissions across a cloud environment. In a world where being able to work remotely is becoming increasingly important, CyberArk Privileged Access Manager is a very valuable tool. Administrators do not need to worry about infrastructure security when they are away from the office. They can assign and manage security credentials from anywhere in the world.
The ability to manage the program from a single centralized UI. CyberArk Privileged Access Manager’s UI contains all of the system controls and information. Users now have the ability to view and use all of their system’s most critical information and controls from one place.
The ability to automate user management tasks. Administrators can save valuable time by assigning certain management tasks to be fulfilled by the system itself. Users can now reserve their time for tasks that are most pressing. It can also allow for the system to simplify the management process by having the platform perform the most complex functions.

Reviews from Real Users

CyberArk Privileged Access Manager’s software stands out among its competitors for one very fundamental reason. CyberArk Privileged Access Manager is an all-in-one solution. Users are given the ability to accomplish with a single platform what might usually only be accomplished with multiple solutions.

PeerSpot users note the truly all-in-one nature of this solution. Mateusz K., IT Manager at a financial services firm, wrote, "It improves security in our company. We have more than 10,000 accounts that we manage in CyberArk. We use these accounts for SQLs, Windows Server, and Unix. Therefore, keeping these passwords up-to-date in another solution or software would be impossible. Now, we have some sort of a platform to manage passwords, distribute the inflow, and manage IT teams as well as making regular changes to it according to the internal security policies in our bank."

Hichem T.-B., CDO & Co-Founder at ELYTIK, noted that “This is a complete solution that can detect cyber attacks well. I have found the proxy features most valuable for fast password web access.”

CyberArk

HashiCorp Vault is a cloud-agnostic solution used for security and secret management. Its valuable features include integration with other HashiCorp tools, token sharing, open source nature, cloud agnosticism, and on-the-fly encryption management.

The solution provides encryption of data at rest, in use, in transit, on the fly, and linked with applications. It is free to use, and the interface is simple to navigate. HashiCorp Vault has helped organizations with its multiple authentication methods and RESTful API.

HashiCorp Vault Features

Data encryption: The solution is capable of encrypting and decrypting data, and will not store it. Organizations’ security personnel define their own encryption protocols; developers can store the encrypted data where they choose and are not obligated to design specific encryption processes.
Robust secrets: For systems such as AWS or SQL databases, Vault is able to generate secrets automatically. HashiCorp Vault is able to generate AWS keypairs with all the appropriate permissions when necessary, and when the approved time expires, will nullify them.
Secure secret storage: Any type of value or key secrets can be stored in the Vault. The Vault automatically encrypts the desired secrets before recording them into persistent storage, keeping them safe and secure. Users can record data using HCP Vault’s Consul service or disk, or choose from other options.
Nullification: Vault is able to nullify single secrets or all secrets from a particular group or specific user. This process is integral in securing systems in the event of an attack or inappropriate access.

Reviews from Real Users

“The greatest benefit of HashiCorp is its ability to manage encryption on the fly. It provides encryption of data at rest, in use, in transit, on the fly, and linked with applications, which was really attractive. The lifecycle of a key is so easy to manage in terms of rotating, revoking, and issuing. They have different auth methods, and I tried all different auth methods. It is seamless.”- Project Manager at a comms service provider.

“The most valuable feature of HashiCorp Vault is that it's an open source solution. Second, it's cloud-agnostic, so it's very easy to maintain and control, which is why we prefer HashiCorp. “ - Mohamed A., Lead DevOps Engineer at Etisalat.

HashiCorp

Sample Customers

Rockwell Automation

Adobe, SAP Ariba, Citadel, Spaceflight, Cruise

Buyer's Guide

CyberArk Privileged Access Manager vs. HashiCorp Vault

April 2025

Free Report: CyberArk Privileged Access Manager vs. HashiCorp Vault

Find out what your peers are saying about CyberArk Privileged Access Manager vs. HashiCorp Vault and other solutions. Updated: April 2025.

DOWNLOAD NOW

850,671 professionals have used our research since 2012.

See our CyberArk Privileged Access Manager vs. HashiCorp Vault report.

See our list of best Enterprise Password Managers vendors.

We monitor all Enterprise Password Managers reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.