Try our new research platform with insights from 80,000+ expert users

CyberArk Privileged Access Manager vs LastPass comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

CyberArk Privileged Access ...
Ranking in Enterprise Password Managers
2nd
Average Rating
8.6
Number of Reviews
193
Ranking in other categories
User Activity Monitoring (1st), Privileged Access Management (PAM) (1st), Mainframe Security (3rd), Operational Technology (OT) Security (3rd)
LastPass
Ranking in Enterprise Password Managers
16th
Average Rating
7.4
Number of Reviews
12
Ranking in other categories
Single Sign-On (SSO) (21st), AIOps (24th)
 

Featured Reviews

SatishIyer - PeerSpot reviewer
Jun 21, 2022
Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK
When I was a component owner for PAM's Privileged Threat Analytics (PTA) component, what I wanted was a clear mapping to the MITRE ATT&CK framework, a framework which has a comprehensive list of use cases. We reached out to the vendor and asked them how much coverage they have of the uses cases found on MITRE, which would have given us a better view of things while I was the product owner. Unfortunately they did not have the capability of mapping onto MITRE's framework at that time. PTA is essentially the monitoring interface of the broker (e.g. Privileged Access Management, the Vault, CPM, PSM, etc.), and it's where you can capture your broker bypass and perform related actions. For this reason, we thought that this kind of mapping would be required, but CyberArk informed us that they did not have the capability we had in mind with regard to MITRE ATT&CK. I am not sure what the situation is now, but it would definitely help to have that kind of alignment with one of the more well-known frameworks like MITRE. For CyberArk as a vendor, it would also help them to clearly spell out in which areas they have full functionality and in which ares they have partial or none. Of course, it also greatly benefits the customers when they're evaluating the product.
MK
Oct 21, 2021
Straightforward to set up, good support, intuitive to use, and offers good value for the cost
The most valuable feature is being able to use a single master password to access all of your other passwords. One feature that is really important to us is the ability to create secure notes. In our scenario, these are notes such as how to get some of our devices on the network. They are processes and procedures that we don't want anybody else to see, especially within the IT department. It's a small department and we have very many processes that we use, but not on a daily basis, so we aren't going to remember them. By using LastPass and secure notes, we can go back to those notes in a secure fashion and remind ourselves how to do certain things. For instance, how to create a test database for accounting, which is something that we do once a year. We don't want that to be out in a non-secure fashion, where somebody in the public can see it.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The logs and reporting features are impressive."
"The fact that I can put my vault here in a central location on one net for example, and I'll have a CPM in California, a CPM in Texas, a CPM in New York, a CPM in Florida, and actually be able to grow with my company and not necessarily have to continue to grow my vault until I get to a certain number accounts - yet I can still manage everything across the country, if not the world - I love that. I love the flexibility and the capability of being able to pull those components out."
"We have been able to manage application credentials in CyberArk, whether they come as a custom plugin or straight out-of-the-box."
"AIM has been a great help in automating password retrieval which removes the need for hard-coded credentials."
"Enterprise Password Vault, Privilege Session Manager, and Application Identity Management have been very useful for our client environment."
"The most valuable feature is that it is flexible. It has many connectors. that have done well, the EPV and SSH sessions are all being recorded and everything works fine."
"The solution helps our developers access internal systems. It also helps us in Privilege Access Management."
"CyberArk has allowed us to get the credentials and passwords out of hard-coded property files."
"Scalability is fine, no issues with that, especially now that they have added different user-level permissions. That has made it a lot easier to delegate out certain features to have other people do."
"The most valuable feature for me is being able to pair applications and user permissions."
"It is easy to use."
"Until now, I haven't found anything like the dashboard. It gives you a security score. I find that to be really great. The Sharing Center is really great as well. And the Security Challenge is really great too."
"The initial setup for this process is straightforward and extremely easy. It just works."
"This product helps keep us secure."
"Reduction in number of sensitive passwords stored insecurely on local systems."
"Tech support has been good. We haven't needed it much, because it is not a complex application. There is not that much you have to do with it."
 

Cons

"There is a learning curve when it comes to planning out the deployment strategy, but once it is defined, it runs itself."
"There is a little bit of confusion in the implementation part, especially when one tries to understand the actual working of the product."
"The turnaround time for technical support is lengthy."
"CyberArk's license is too expensive. I rate it seven out of 10 for affordability."
"As a customer, I might need a plugin for a specific product, or an application, and CyberArk might have already worked with some other client on it. There has to be some platform where it is available for everybody else to go and grab it, instead of my having to reinvent the wheel."
"CyberArk has two disadvantages; the first is that it's insanely expensive and the other is it's very complex."
"We found a lot of errors during the initial setup. They should work to improve the implementation experience and to remove errors from the process."
"The usual workload is sometimes delayed by the solution."
"The management through the plugin is poor. It consumes tons of client resources especially as an administrator."
"The biggest thing is there is no good way to have LastPass rotate passwords without human intervention. Right now, we have to go into each folder, then rotate and manually update each password. It can be done it by loading a bunch of passwords into a spreadsheet, but this makes the whole process insecure because then the passwords have been noted into a spreadsheet which have to be upload. We have to go into 40 to 50 applications and manually update passwords, because we don't view their solution of writing a bunch of passwords on a spreadsheet, then uploading them as a secure solution. This should be done internally within LastPass."
"We have issues from time to time where, for some reason, it just keeps auto logging-out the user and then, the next day, they'll come in and it will work just fine."
"It is not super feature laden. It does not stand out versus the competition."
"I also don't like the add-in for Internet Explorer and Google Chrome, because when you do the add-in, you can actually save that to your credentials in your IE, and the problem is, if I left my screen open, or any of the IT people leave their screen open someone could come up and access all their credentials in LastPass without having to put a password in within your own network. I don't like that functionality. We've banned that from any of our staff adding that as an add-in because we see that as a security risk."
"I would like to be able to reduce the log out time of the session."
"I struggle a little bit with the mobile app. As a browser extension, it works really well, and we are able to get to what we need to. However, on the phone, it's not quite as easy to navigate."
"Our biggest issue over the years was around the stability of the LDAP sync to AD."
 

Pricing and Cost Advice

"The SaaS version of CyberArk Enterprise Password Vault is very expensive, but the on-premises version is relative, e.g. depending on the size of the environment, it can be a bit pricey, but it's relatively okay compared to the others."
"Compared to other solutions, it is costly."
"I would rate CyberArk's pricing a nine out of ten, with one being cheap and ten being expensive. It's one of the most expensive solutions in the market, but it's worth it."
"Before we bought it, they were licensing each function individually, which got complicated and very expensive. When we decided to buy it, it was much more straightforward and still quite expensive, but it brings a lot of value and risk reduction to the organization."
"The license CyberArk Privileged Access Manager is on an annual basis."
"The price of CyberArk Privileged Access Manager could be less expensive."
"It costs us around $200 per user."
"The main problem for the tool is its licensing. I work for a really big company. When you try to develop this as a service, usually you work with leverage teams who are formed with dozens of members. You might dedicate one FTE, or less, for something, e.g., an antivirus administrator. You might have half an FTE's effort dedicated to administering the antivirus, but then you have a team of about 30 users who might access that ticket. The problem is that CyberArk eliminated the possibility of concurrent users years ago. This is a big problem for companies who work with leverage teams. You need to pay for everyone. 40 licenses are used by 20 or 30 people. This is a big problem because licenses are not precisely cheap."
"The previous pricing was of good value. I don't really know, as of now, whether the new pricing is. The Enterprise license is $48 per license per year now. That is a steep increase of $24, which is what it was when we first signed up."
"I was not terribly alarmed with the pricing, and am pleased with the fact that a home license is included with each business license."
"The subscription model is rated at a fair price."
"LastPass was cheap as chips. It was very cheap, hence one of the reasons we went with it. If you're a small organization and you're after something that'll do 90% of your requirements, it's very good. Licensing and all that was really cheap and simple to understand."
"It would be nice to do a quarterly true-up process with them versus having to buy 50 licenses at a time when we realize we're out, then we have to buy more. So far, they have been nice about letting us exceed our allotment and just letting us true-up on our own, but a more robust quarterly true-up process would be good."
"You do not have to purchase licenses for your entire organization. You can scale as adoption grows."
"If you import from sources like XML, keepass, CSV files be sure to clean the import files, this reduces the adjustments in the slow tool itself."
"In terms of pricing, my feeling is that they are all roughly the same. LastPass is in line with its competitors, plus or minute a dollar or two per month."
report
Use our free recommendation engine to learn which Enterprise Password Managers solutions are best for your needs.
814,325 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
30%
Financial Services Firm
13%
Computer Software Company
12%
Manufacturing Company
6%
Computer Software Company
14%
Insurance Company
12%
Financial Services Firm
10%
Retailer
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

How does Sailpoint IdentityIQ compare with CyberArk PAM?
We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the m...
What do you like most about CyberArk Privileged Access Manager?
The most valuable features of the solution are control and analytics.
What is your experience regarding pricing and costs for CyberArk Privileged Access Manager?
CyberArk Privileged Access Manager comes at a high cost. But the solution is worth its price.
Ask a question
Earn 20 points
 

Also Known As

CyberArk Privileged Access Security, CyberArk Enterprise Password Vault
LastPass Business, LastPass Enterprise, Lastpasss
 

Learn More

 

Overview

 

Sample Customers

Rockwell Automation
Deakin University, Duke University, Code.org, Influitive, PeopleKeys, SMA Technologies, Skynamo
Find out what your peers are saying about CyberArk Privileged Access Manager vs. LastPass and other solutions. Updated: October 2024.
814,325 professionals have used our research since 2012.