Try our new research platform with insights from 80,000+ expert users

CyberArk Privileged Access Manager vs HashiCorp Vault comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 16, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

CyberArk Privileged Access ...
Ranking in Enterprise Password Managers
2nd
Average Rating
8.6
Reviews Sentiment
6.9
Number of Reviews
217
Ranking in other categories
User Activity Monitoring (1st), Privileged Access Management (PAM) (1st), Mainframe Security (2nd), Operational Technology (OT) Security (3rd)
HashiCorp Vault
Ranking in Enterprise Password Managers
4th
Average Rating
8.2
Reviews Sentiment
7.2
Number of Reviews
17
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Enterprise Password Managers category, the mindshare of CyberArk Privileged Access Manager is 7.5%, down from 9.4% compared to the previous year. The mindshare of HashiCorp Vault is 12.8%, down from 14.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Enterprise Password Managers
 

Featured Reviews

Lasantha Wijesinghe - PeerSpot reviewer
We have visibility and control through real-time user behavior analytics
It took us some time to realize its benefits because there was a learning curve for us. It took us about a year to get our heads around this product and start effectively using it. It is a journey. It takes at least five years for any company to make this product very useful and reach maturity. It is not only the product's fault. The company needs to have a vision, and the company culture needs to go with it. Senior leadership needs to support the vision. You need to have lots of ingredients for success. If everything is in place, you will see success after one year. In the first year, it is a struggle for everybody. My company was bought by a bigger company, and they were very new to privileged access management. Everybody was struggling. The advice I would give is to have a good vision for privileged access management. You need dedicated teams, senior management support, and proper company policies and standards before implementing the solution. Start building knowledge slowly and avoid jumping into the deep end without preparation. I would rate CyberArk Privileged Access Manager a nine out of ten.
AKASHGUPTA3 - PeerSpot reviewer
Easy to manage and maintain the password API but stability could be improved
I would advise doing a Proof of Concept first and then deciding accordingly because your use case might be simple. You can try out AWS Key Management or Azure Key Vault. They are different products. Do the POC and then decide what you need. Overall, I would rate the solution a six out of ten. No solution is a ten in my opinion.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"With PAM in place, we've experienced a significant reduction in potential security breaches."
"We are utilizing CyberArk to secure applications, credentials, and endpoints."
"Session recordings and timestamps are valuable features. They allow me to specifically select the time a particular command was executed, so I do not have to review the entire recording. I can click on events to determine where and when they happened."
"Their legacy of more than 20 years is very valuable. It brings a lot of stability to the product and a wide variety of integration with the ecosystem. Because of these factors, it has also been very successful in deployment. So, the legacy and integration with other technologies make the PAM platform very stable and strong. In terms of features, most of the other vendors are still focusing just on the privileged access management or session recording, but CyberArk has incorporated artificial intelligence to make PAM a more proactive system. They have implemented threat analytics into this, and there is also a lot of focus on domain controller production, Windows Server protection, and stuff like that. They have also further advanced it with the security on the cloud and DevOps systems. They have a bundle licensing model, which really helps. They don't have a complex licensing model. Even though in our market, people say CyberArk is expensive as compared to some of the other products, but in terms of overall value and as a bundling solution, it is an affordable and highly scalable product."
"I'm no longer the product owner for PAM, but I can say that the most useful feature is the vault functionality, which keeps all your passwords secure in a digital vault."
"The logs and reporting features are impressive."
"All of the features of CyberArk Privileged Access Manager are valuable."
"It is a central repository. Therefore, if someone needs to access a server, then they go through CyberArk PAM. It provides a secure way to do this and CyberArk PAM records everything. For example, if you are connecting to a Linux server, then once you get into the Linux server and if it is integrated with CyberArk, it will automatically start recording everything that is being done. In most banks, seeing the recordings is very useful. If there are any gaps or something has happened which shouldn't have happened, then we can check the logs and videos. So, it gives security, in a robust manner, to the organization."
"We use the solution for secret management."
"For me, the most valuable features include that it's easy to manage and maintain the password API for retrieving passwords and other things."
"We were using it because we have compliance requirements around secret management. Having a secure vault and encrypting data was an additional requirement. When we looked at it first, we were just looking for a vault, like a lockbox. The greatest benefit of HashiCorp is its ability to manage encryption on the fly. It provides encryption of data at rest, in use, in transit, on the fly, and linked with applications, which was really attractive."
"The most valuable feature of HashiCorp Vault is the management of tickets in the pipeline."
"The most valuable feature of HashiCorp Vault is version control."
"It is an added value for our customers to have a Secrets Management workflow available that is PaaS/CaaS/KaaS Platform agnostic."
"The interface is very simple to navigate."
"The solution is stable. It has been working perfectly without any problem."
 

Cons

"it manages creds based on Organizational Units. That is, a "safe" is limited to specific OUs. That makes for very elaborate OU structure, or you risk exposing too many devices by putting most of them in fewer OUs."
"CyberArk PAM could greatly benefit from an under-the-hood update; integrating machine learning algorithms could provide predictive insights."
"The scalability, sometimes, is lacking. It works really well for more static environments... But for an environment where you're constantly spinning up new infrastructure or new endpoints, sometimes it has a hard time keeping up."
"I sometimes require learning resources when there is a new solution for CyberArk."
"The tool needs to improve its usage and interface. They need to have a modern and useful interface. I want the product to improve its integration capabilities as well since some of the integration features do not work always."
"I would like to see a simplification of the product."
"New functionalities and discovered bugs take longer to patch. We would greatly appreciate quicker development of security patches and bug corrections."
"The price is high compared to Azure Key Vault. It's the most expensive solution."
"The product needs to improve its customization. It should be also more like easy to plug and play."
"The product is complicated to install."
"The solution could be much easier to implement."
"I would like to see better integration of HashiCorp Vault with SAP products."
"It would be helpful to have more advanced features."
"The onboarding is a challenge. It should be more self-service, but it involves reviews and approvals."
"The solution's initial setup process is complicated."
"A drawback for some clients who have to be PCI compliant is that they still need to use and subscribe to an HSM (Hardware Security Module) solution."
 

Pricing and Cost Advice

"I'm aware that the organization had purchased licensing for almost all of CyberArk's solutions including licensing for PTA, EPM, and the Application Identity Manager. But when it comes to PSM, this is one of the components where there's an additional charge for any extra PSMs that you want to deploy. I believe that there's some rider where the vendor has a bit of leeway to, at times, charge a premium on whatever additional services you may require above the board."
"If you want a Ferrari, it will cost you. The solution is really nice, so it costs the client, but in the long run, it is very good. If you buy a solution that costs a lot to maintain because it is not stable, and you are frequently asking for consultant support, it costs more."
"I focus more on the technical side, but I hear customers say that if CyberArk was more affordable, they might have acquired more licenses. Some clients consider alternative solutions due to pricing concerns."
"Our risk is definitely significantly lower. Also, our resources are low."
"I do not have any opinions to add about the pricing of the product."
"I would rate CyberArk's pricing a nine out of ten, with one being cheap and ten being expensive. It's one of the most expensive solutions in the market, but it's worth it."
"CyberArk Enterprise Password Vault's pricing is reasonable."
"Generally, I don't get involved in the licensing or the purchasing side of it, but I do know that the licenses are expensive."
"It could do everything we wanted it to do and it is brilliant, but it is super pricey. To be fair to HashiCorp, we drove the price up with our requirements around resiliency. Because of the nature of our company, we don't really operate in the cloud."
"The solution's cost is reasonable."
"The AWS version is much cheaper than HashiCorp Vault."
"In my case, the open-source version works well. It's advisable for small to medium-scale organizations, but for large-scale organizations, you should go with the enterprise version."
"I am using the open-source version of Vault and I would have to buy a license if I want to get support."
"The product is expensive."
report
Use our free recommendation engine to learn which Enterprise Password Managers solutions are best for your needs.
842,767 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
34%
Financial Services Firm
12%
Computer Software Company
11%
Manufacturing Company
6%
Financial Services Firm
20%
Computer Software Company
15%
Manufacturing Company
9%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

How does Sailpoint IdentityIQ compare with CyberArk PAM?
We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the m...
What do you like most about CyberArk Privileged Access Manager?
The most valuable features of the solution are control and analytics.
Which is better - HashiCorp Vault or AWS Secrets Manager?
HashiCorp Vault was designed with your needs in mind. One of the features that makes this evident is its ability to work as both a cloud-agnostic and a multi-cloud solution. As a cloud-agnostic sol...
What do you like most about HashiCorp Vault?
The feature I find most beneficial in HashiCorp Vault is the secret engine. It integrates smoothly with many applications, making it easy to set up and implement quickly. This allows you to test it...
What is your experience regarding pricing and costs for HashiCorp Vault?
If I were to set it up in AWS Secret Management, I would have to manage it, pay, and create secrets without being cloud agnostic. The advantage with Vault is that it is cloud agnostic. I can deploy...
 

Also Known As

CyberArk Privileged Access Security, CyberArk Enterprise Password Vault
No data available
 

Overview

 

Sample Customers

Rockwell Automation
Adobe, SAP Ariba, Citadel, Spaceflight, Cruise
Find out what your peers are saying about CyberArk Privileged Access Manager vs. HashiCorp Vault and other solutions. Updated: March 2025.
842,767 professionals have used our research since 2012.