Try our new research platform with insights from 80,000+ expert users

CyberArk Privileged Access Manager vs HashiCorp Vault comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 16, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

CyberArk Privileged Access ...
Ranking in Enterprise Password Managers
2nd
Average Rating
8.6
Reviews Sentiment
6.9
Number of Reviews
217
Ranking in other categories
User Activity Monitoring (1st), Privileged Access Management (PAM) (1st), Mainframe Security (2nd), Operational Technology (OT) Security (3rd)
HashiCorp Vault
Ranking in Enterprise Password Managers
4th
Average Rating
8.2
Reviews Sentiment
7.2
Number of Reviews
17
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Enterprise Password Managers category, the mindshare of CyberArk Privileged Access Manager is 7.5%, down from 9.4% compared to the previous year. The mindshare of HashiCorp Vault is 12.8%, down from 14.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Enterprise Password Managers
 

Featured Reviews

Lasantha Wijesinghe - PeerSpot reviewer
We have visibility and control through real-time user behavior analytics
It took us some time to realize its benefits because there was a learning curve for us. It took us about a year to get our heads around this product and start effectively using it. It is a journey. It takes at least five years for any company to make this product very useful and reach maturity. It is not only the product's fault. The company needs to have a vision, and the company culture needs to go with it. Senior leadership needs to support the vision. You need to have lots of ingredients for success. If everything is in place, you will see success after one year. In the first year, it is a struggle for everybody. My company was bought by a bigger company, and they were very new to privileged access management. Everybody was struggling. The advice I would give is to have a good vision for privileged access management. You need dedicated teams, senior management support, and proper company policies and standards before implementing the solution. Start building knowledge slowly and avoid jumping into the deep end without preparation. I would rate CyberArk Privileged Access Manager a nine out of ten.
AKASHGUPTA3 - PeerSpot reviewer
Easy to manage and maintain the password API but stability could be improved
I would advise doing a Proof of Concept first and then deciding accordingly because your use case might be simple. You can try out AWS Key Management or Azure Key Vault. They are different products. Do the POC and then decide what you need. Overall, I would rate the solution a six out of ten. No solution is a ten in my opinion.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I find value in notifications from CyberArk when passwords fail verification and have other issues."
"Previously, we used to share passwords for service and normal admin accounts among team members. However, since we started managing it through the product, we've transitioned to individual admin accounts or implemented dual control for shared accounts. With dual control, exclusive checking and checkout options are available, and passwords are not stored in clear text anywhere in the credentials."
"The established sessions on the target systems are fully isolated and the privileged account credentials are never exposed to the end-users or their client applications and devices."
"The most valuable feature is that it is flexible. It has many connectors. that have done well, the EPV and SSH sessions are all being recorded and everything works fine."
"It's secure and reliable. I especially appreciate that it's locked down and only allows access to authorized components."
"The session recording and monitoring capabilities are valuable. We have real-time session management ability to record, audit, and monitor any privileged user activities. That is a big deal."
"I would rate this solution a nine out of ten."
"The whole concept of Zero Trust and implementing it with CyberArk, which somewhat adheres to the 'never trust, always verify' principle, is very valuable. I really appreciate this aspect. Moreover, the just-in-time access is impressive, allowing access for a specific time."
"It is a good product to consider for companies who are looking to build on-premise or hybrid infrastructure."
"The interface is very simple to navigate."
"It is an added value for our customers to have a Secrets Management workflow available that is PaaS/CaaS/KaaS Platform agnostic."
"The most valuable feature of HashiCorp Vault is version control."
"It is user-friendly and easy to implement from any application point."
"This solution is easy to use and to integrate."
"It's stable. I would rate the stability a nine out of ten."
"It can still be configured by a separate team other than developers. That's why I think it's more secure."
 

Cons

"More additional features as far as the REST is concerned, because we have something which was the predecessor to REST. A lot of the features which were in the predecessor have not necessarily been ported over to REST yet."
"There is room for improvement in the pricing model."
"The solution is too big and complex for any businesses that are small or medium-sized. They should offer a more compact version or make a solution better suited to smaller businesses."
"CyberArk Enterprise Password Vault's GUI has certain shortcomings that need improvement."
"CyberArk Privileged Access Manager is more expensive than its competitors, such as BeyondTrust, Delinea, and ManageEngine PAM360."
"I'm not a fan of technical support with CyberArk. It's like jumping through red tape and hoops. Quite frankly, it's almost like when you call CyberArk you get the Help Desk or the level-one. I'm a level-one. I got the CCD, I know how to do the initial troubleshooting. When I call CyberArk it's because I can't figure the problem out. So I need a level-two, three, four. I don't need you to tell me, "Hey, open a ticket and then give me logs.""
"CyberArk could enhance its usability by simplifying its architecture and design."
"CyberArk PAM is a very broad product as everyone's requirements for implementation are different. In our particular case, the initial implementation was planned and developed by people who didn't know our specific network requirements, so the initial implementation needed to be tweaked over time. While this is normal, at the time all these "major" changes required CyberArk professional services to come in-plant and "assist" with the changes."
"An improvement needed is the ability for auto-initialization."
"I would like to see better integration of HashiCorp Vault with SAP products."
"We could use more documentation, primarily to do with integrations."
"In my opinion, HashiCorp Vault could improve its user interface. Right now, they don't offer much in terms of a graphical interface, which means you usually have to manage things manually through API calls. I think CyberArk has a better approach because it provides a UI that integrates features across all its components, making it easier, especially for new users or those from organizations with strict licensing policies."
"It would be helpful to have more advanced features."
"In terms of features, the only thing that I found a little bit hinky was that there was no revocation or deletion on the model we were using. Once in a financial year, a client interacts, and you pay for that client for the year. So, there are just little things like that in the pricing. There should be more clarity around the end of the key. I know there is no system like this. They all are the same. I tested Microsoft, Google, and some others, and none of them really want you to delete a key, which makes sense. You delete a key, and you lose everything that it has wrapped or encrypted, but it's actually just a language. Deletion isn't really deletion. It's really revocation, but overall, HashiCorp Vault ticked all the boxes for us, and I couldn't fault it."
"The documentation is very general; it should have more examples and more use cases."
"There could be a plugin for the database to change the secret automatically. It would be an efficient feature for password security."
 

Pricing and Cost Advice

"The price of the solution is reasonable."
"Pricing is a problem. CyberArk is expensive compared to other products I know. It is similar to buying a German car. It comes with all the bells and whistles, but some companies may find it too expensive."
"CyberArk Privileged Access Manager is perceived to be somewhat overpriced compared to similar market products. It is a little bit overvalued. It could come down a little bit for my liking. However, the industry-leading reputation and the quality of service justify the high price point to some extent."
"CyberArk Privileged Access Manager is more expensive than its competitors, such as BeyondTrust, Delinea, and ManageEngine PAM360."
"Its price is high. I have also worked with Delinea. CyberArk is comparatively expensive compared to other PAM solutions, such as Delinea, especially during renewal."
"Its price can be reduced."
"Compared to other solutions, it is costly."
"They have two types of licensing: purchase and subscription. You have to pay for each admin user, such as Microsoft admin, mail admin, database admin, etc."
"The AWS version is much cheaper than HashiCorp Vault."
"I am using the open-source version of Vault and I would have to buy a license if I want to get support."
"The solution's cost is reasonable."
"It could do everything we wanted it to do and it is brilliant, but it is super pricey. To be fair to HashiCorp, we drove the price up with our requirements around resiliency. Because of the nature of our company, we don't really operate in the cloud."
"In my case, the open-source version works well. It's advisable for small to medium-scale organizations, but for large-scale organizations, you should go with the enterprise version."
"The product is expensive."
report
Use our free recommendation engine to learn which Enterprise Password Managers solutions are best for your needs.
845,564 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
34%
Financial Services Firm
12%
Computer Software Company
11%
Manufacturing Company
6%
Financial Services Firm
20%
Computer Software Company
15%
Manufacturing Company
9%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

How does Sailpoint IdentityIQ compare with CyberArk PAM?
We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the m...
What do you like most about CyberArk Privileged Access Manager?
The most valuable features of the solution are control and analytics.
Which is better - HashiCorp Vault or AWS Secrets Manager?
HashiCorp Vault was designed with your needs in mind. One of the features that makes this evident is its ability to work as both a cloud-agnostic and a multi-cloud solution. As a cloud-agnostic sol...
What do you like most about HashiCorp Vault?
The feature I find most beneficial in HashiCorp Vault is the secret engine. It integrates smoothly with many applications, making it easy to set up and implement quickly. This allows you to test it...
What is your experience regarding pricing and costs for HashiCorp Vault?
If I were to set it up in AWS Secret Management, I would have to manage it, pay, and create secrets without being cloud agnostic. The advantage with Vault is that it is cloud agnostic. I can deploy...
 

Also Known As

CyberArk Privileged Access Security, CyberArk Enterprise Password Vault
No data available
 

Overview

 

Sample Customers

Rockwell Automation
Adobe, SAP Ariba, Citadel, Spaceflight, Cruise
Find out what your peers are saying about CyberArk Privileged Access Manager vs. HashiCorp Vault and other solutions. Updated: March 2025.
845,564 professionals have used our research since 2012.