Try our new research platform with insights from 80,000+ expert users
SeniorSeca1c - PeerSpot reviewer
Senior server administrator at a financial services firm with 1,001-5,000 employees
Real User
Significantly decreases the amount of time our teams spend mitigating security issues
Pros and Cons
  • "Because we now have the ability to grant access to management utilities like DNS Manager, Sequel Studio, and MMC, in a secure fashion, without system admins being required to continually reenter various passwords that are stored who knows where, it has really made the system admin's job much easier. It has made the PSM's job much easier. It has made the auditor's job and the security team's job and the access manager's job significantly easier, because we're able to move much more quickly toward a role-based access management system, and that is really streamlining the whole onboarding/offboarding management process."
  • "I would like to see better automation in granting access, better tools, more efficient tools, to be able to customize the solution that CyberArk provides."

What is our primary use case?

We use CyberArk to assist with implementing security solutions that our auditors require. It also assists us in giving secure, monitored, audited access to non-technical people who, because of their jobs, or because of the application, require direct access to servers.

We are utilizing CyberArk's secure application credentials and endpoints.

It is performing very well.

We're not planning to utilize CyberArk's secure infrastructure or applications running in the cloud because our industry is, for the present, barred from using cloud resources. We don't yet have experience using the Plugin Generator Utility and we are not using any of the other integrations available through CyberArk marketplace.

How has it helped my organization?

Because we now have the ability to grant access to management utilities like DNS Manager, Sequel Studio, and MMC, in a secure fashion, without system admins being required to continually reenter various passwords that are stored who knows where, it has really made the system admin's job much easier. It has made the PSM's job much easier. It has made the auditor's job and the security team's job and the access manager's job significantly easier, because we're able to move much more quickly toward a role-based access management system, and that is really streamlining the whole onboarding/offboarding management process.

CyberArk is the key technology around which we have built our security management solution. We chose it four years ago to assist with password management, and it has grown to where it is managing the entire security posture of the company at this point.

What is most valuable?

Number one would be the company, CyberArk, itself. The support, the ongoing assistance that is there, the ongoing ideas that are out there from champions, and from the other community forums that are out there, is just phenomenal.

What needs improvement?

My list of enhancement requests on the portal is quite extensive.

My goal as a system administrator is to enable people to do their jobs more easily, more efficiently. So, I'm looking for ways to enable people to leverage the security posture in CyberArk, and still be able to do their jobs. Better yet, to be able to do their jobs more easily, and that's exactly what I've been finding. There are a lot of ways that CyberArk is able to be used to give people access to things that they normally wouldn't be able to access, in a secure fashion, but there are still some roadblocks in the way there. I would like to see better automation in granting access, better tools, more efficient tools, to be able to customize the solution that CyberArk provides.

Buyer's Guide
CyberArk Privileged Access Manager
March 2025
Learn what your peers think about CyberArk Privileged Access Manager. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,690 professionals have used our research since 2012.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

It is very stable. We started off on version 7, moved to 8, to 9, and now we're moving to 10, and each revision has brought about an increase in confidence and stability.

What do I think about the scalability of the solution?

It is very scalable for an organization of our size, and I have talked with other CyberArk administrators running worldwide enterprises with CyberArk.

How are customer service and support?

The tech support for CyberArk is definitely one of the best I've used, and I've been in IT for 35 years.

How was the initial setup?

I wasn't involved in the initial setup but I am involved in upgrade processing. Now, it is very straightforward. When we did the first major upgrade, it was very complex and required Professional Services for two weeks. Since we made it to version 9, the upgrades have been as simple as you could possibly hope for.

What was our ROI?

The amount of time that the security team spends mitigating risk has gone down. The amount of time that the server team spends managing security issues, mitigating security issues, has gone down tremendously.

What other advice do I have?

My advice to a colleague would be: First, don't allow the security team to be the driving force. It has to be the server team that implements it, that is the driving force behind it, and the for that reason is there is always animosity between the people who are there to enforce security and the people who are there to get a job done.

When you are on the enforcement team, you are dictating to the people who are trying to get a job done, "Here is something that I'm going to put in your way to make it harder for you to get your job done." Regardless of what happens, that's the way it comes across. Going to the server team saying, 'I've got a solution that's going to make our lives easier, and oh, by the way, it's also going to be more secure," you have a much easier time selling it, much lower push-back, because you're one of them.

Second, you've got to have buy-in before you pull the trigger. You can't just force it on them: "Oh, we just took away all your admin rights." You have to give them a new solution, let them prove to themselves that this solution works, that it does exactly what they need, and that it really is easier. Now, when you revoke the rights that they've had for probably decades, there is much less push-back.

In terms of selecting or working with a vendor, our most important criterion is the ability to connect with a vendor that not only gives us the solution we need but can also work with us to customize exactly what we need.

I would rate CyberArk a nine out of 10 for two reasons: 

  1. there is always room for growth
  2. there are still gaps in what the solution provides.

It's not complete across the board. If it were, it would be a 10. But I do see its potential to eventually reach that.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
reviewer1797750 - PeerSpot reviewer
Information Security Engineer II at a healthcare company with 1,001-5,000 employees
Real User
Stable and solid solution for managing passwords, and comes with auto password recycling and PSM features
Pros and Cons
  • "If properly set up, CyberArk Enterprise Password Vault has good stability, and is a very solid tool. It can run by itself. Its most valuable features are auto password recycling and PSM."
  • "What needs to be improved in CyberArk Enterprise Password Vault is their customer support, particularly in terms of responsiveness, willingness to help, and being more understanding. The initial setup and upgrade process for the solution is complex and can only be done by CyberArk, so this is another area for improvement."

What is our primary use case?

Our use case for CyberArk Enterprise Password Vault is managing privileged accounts. These are local accounts, e.g. local desktops, laptops, or servers. They have a built-in administration account, so part of the solution is to ensure that that account's username and password are stored in the vault and managed by CyberArk Enterprise Password Vault.

What is most valuable?

The most valuable feature of CyberArk Enterprise Password Vault is the auto password recycling feature, which works this way: previous accounts which are managed by this solution get their password reset every time, based on our given parameters, e.g. every two days, every five days, every week, etc. You give CyberArk Enterprise Password Vault the number of days that you want the passwords to be changed, so users won't need to have their passwords written somewhere. They can just log on to the solution and retrieve the password. They may even be able to remotely connect to the devices that they want to connect to via the PSM function of CyberArk Enterprise Password Vault.

What needs improvement?

What needs to be improved in CyberArk Enterprise Password Vault is their customer support, because as administrative engineers, since we're not experts in the solution, we have to rely on customer support.

Their customer support needs improvement in terms of being responsive and being understanding. They are knowledgeable, but responding and willingness to come and help knowing that it's their tool, rather than relying on the engineers from the customer side, e.g. our side, to do all the technical things.

The initial setup and upgrade process for CyberArk Enterprise Password Vault is complex and can only be done by CyberArk, so this is another area for improvement.

For how long have I used the solution?

My experience with CyberArk Enterprise Password Vault is almost three years.

What do I think about the stability of the solution?

CyberArk Enterprise Password Vault stability is good. If it's properly set up, it can just run by itself. It's a very solid tool, but it has to be properly set up because a simple misconfiguration can create a lot of pain. Once set up, it's really good.

How are customer service and support?

Customer support for this product still needs some improvement.

How was the initial setup?

The initial setup for CyberArk Enterprise Password Vault is another pain point, because the setup, including upgrading the solution, can only be done by CyberArk themselves. They have professional services involved to get an initial setup done, and to even do an upgrade, because of the complexity of the product itself.

What's my experience with pricing, setup cost, and licensing?

The SaaS version of CyberArk Enterprise Password Vault is very expensive, but the on-premises version is relative, e.g. depending on the size of the environment, it can be a bit pricey, but it's relatively okay compared to the others. It's their SaaS solution that's expensive.

What other advice do I have?

We're using version 11.1 of CyberArk Enterprise Password Vault.

It's probably not fair to judge CyberArk Enterprise Password Vault based on my overall experience with it, because the tool itself is brilliant, though it's a little bit complex in terms of how it is set up. The customer service could still be improved to meet the standards, but I'm giving CyberArk Enterprise Password Vault a score of seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
CyberArk Privileged Access Manager
March 2025
Learn what your peers think about CyberArk Privileged Access Manager. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,690 professionals have used our research since 2012.
reviewer1745286 - PeerSpot reviewer
Information Security Administrator at a insurance company with 501-1,000 employees
Real User
It has a centralized page where you can manage everything
Pros and Cons
  • "It has a centralized page where you can manage everything. This makes work easier. You don't have to remember different module URLs or browser applications. It is very easy to get all the secure identities of other environments into a single page, which is very important for us as it helps a lot in terms of operations, e.g., reduces management time. This is a single page where you can manage all accounts and onboard them to the CyberArk. You can then secure and see passwords from everywhere. So, there is a single pane of glass where you can manage all the identities across environments as well as across different types of identities."
  • "The continuous scanning of the assets is limited to Windows and Unix. We like to have the solution scan any databases, network devices, and security devices for privileged accounts. That would be very helpful."

What is our primary use case?

I have been working with CyberArk for the past five years. I do installations, support, and presales.

We have installed the CyberArk solution and have been using it as a PAM solution.

The main reason for having the solution in place is to isolate and monitor all previous activities that have taken place within the organization. The second thing is to make sure all the previous accounts have been onboarded to the solution and accurately monitored as well as passwords have been managed as per the policies defined. The third thing is to make sure users are unaware of their previous account passwords. Those should be centrally stored and located in one of the solutions where we can manage them per our policy or ask users to raise a request for internal workflows on the solution, in case of any emergencies. The last thing is for managing the service account passwords.

How has it helped my organization?

Initially, the IT team and other teams used to access the servers manually. Now, because of this solution, everyone is onboarded on the PAM and we can direct all sessions to the PAM. Also, we have control of all decisions and activities being performed. Along with that, we are satisfying audit requirements with this because we are getting reports to track what we need to comply with any regulated requirements. 

We have an option for protecting various kinds of identities. It also provides you with a medium for authenticating your systems, not only with passwords, but also with the PKI certificates and RSA Tokens. There is also Azure MFA. So, there are many options for doing this. It has a wide range for managing all security identities. 

What is most valuable?

The most valuable feature is CyberArk DNA, which is an open-source tool used for scanning all servers, like Linux or Unix. We can get a very broad idea of the scope and picture of the servers as well as their predefined vulnerabilities, the service accounts running on them, and the dependent accounts running on those services. We get a very wide scope for all our servers and environments. 

There are some other options like Privileged Threat Analytics (PTA), which is a threat analytics tool of CyberArk that detects violations or any abnormal activities done by users in the privileged solution. This tool is very unique, since other PAM program solutions don't have this. This makes CyberArk the unique provider of this feature in the market.

It is very easy to maintain passwords in the solution, instead of changing them manually or using other tools. So, it is a centralized location where we have accounts and passwords in a database based on our defined policies. 

Product-wise, CyberArk is continuously improving. For the last two years, it has brought on new modules, like Alero and Cloud Entitlements Manager. Alero gives VPN-less access to the environment. So, there are many new things coming into the market from CyberArk. This shows us that it is improving its modules and technology.

We can integrate the solution with any other technologies. This is straightforward and mostly out-of-the-box.

For DevOps, we are using Conjur with a Dynamic Access Provider. We use those modules to make sure identities on other environments have been secured. For Azure and other cloud environments, we have out-of-box options where we can do some little configuration changes to get those identities secured. We have a process of managing these identities for RPA as well.

It has a centralized page where you can manage everything. This makes work easier. You don't have to remember different module URLs or browser applications. It is very easy to get all the secure identities of other environments into a single page, which is very important for us as it helps a lot in terms of operations, e.g., reduces management time. This is a single page where you can manage all accounts and onboard them to the CyberArk. You can then secure and see passwords from everywhere. So, there is a single pane of glass where you can manage all the identities across environments as well as across different types of identities.

We have a module called Endpoint Privilege Manager (EPM) that is used for the endpoint, managing the least privilege concept on Windows and Mac devices. We also have On-Demand Privilege Manager (OPM), which is used on UNIX and AIX machines. Using these modules, we can achieve the least privilege management on endpoints as well deploying on servers, if required. 

What needs improvement?

The continuous scanning of the assets is limited to Windows and Unix. We like to have the solution scan any databases, network devices, and security devices for privileged accounts. That would be very helpful. 

For least privilege management, we need a different level of certification from privileged management. Least privilege management comes under endpoint management. It takes time to get used to it, as it is not straightforward.

For how long have I used the solution?

I have been well-versed with the CyberArk product for the last five years of my career.

What do I think about the stability of the solution?

The solution is very stable. 

Once the project installation was done, we put this product into the environment based on the policies that we defined, but it had initial hiccups. The policies that we defined might have hampered and raised issues, but the product is very stable.

What do I think about the scalability of the solution?

The solution is very scalable. The landscape gets improved every day. It is scalable because it integrates with Azure, AWS, and other cloud solutions. Also, we have modules that work for DevOps, Secrets Manager, and Endpoint Privilege Manager. So, CyberArk is not just a PAM. It covers most of the products in the threat landscape. We do not worry about scalability in terms of CyberArk.

How are customer service and support?

Our primary support is partners with whom we are interacting throughout the project. Then, if an issue is not yet resolved, we will raise a case with CyberArk support. They have certain SLAs that they are following based on the seriousness of an issue. The response will be according to that. 

The support is good.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We didn't use another solution before we bought this one.

How was the initial setup?

The initial setup is straightforward. They have done major reforms on the installation process, so now we have automatic installations. We just have to run a particular script, and that does the installation for us. We also have a manual installation and that is our legacy process. So, we have both options. It is up to the customer how to move forward, but it is pretty straightforward. 

What about the implementation team?

RNS did the installation for us. Our experience with them was pretty good. They followed all the processes per project management standard. They tracked all the activities, making sure the project was delivered on time, which was good.

One dedicated person is enough for the solution's maintenance.

What's my experience with pricing, setup cost, and licensing?

CyberArk DNA is free if you purchase the CyberArk solution. There is no additional charge for CyberArk DNA, which is great.

Which other solutions did I evaluate?

Before, I used to work as a system integrator. I looked into other PAM solutions, like ARCON and BeyondTrust.

What other advice do I have?

Make sure your use cases are covered. Go for a small PoC, if possible, to make sure that all your use cases are covered and delivered per your expectations. Check whether the solution is on-prem or Azure and the resource utilization needed for implementation. For your IT expansions in future, check whether you will need any additional modules in future or if the existing ones will meet your future requirements.

With Secure Web Solutions, we could access any web applications from a PC. It was like a native tool where you could browse from your Chrome or any web applications, and the applications would be routed to the CyberArk where it was securing the web applications and access. However, this product was deprecated last year so it is no longer supported from CyberArk's point of view.

I would rate CyberArk PAM as nine out of 10.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Meo Ist - PeerSpot reviewer
Senior Product Manager and Technology Consultant at Barikat
Reseller
Top 20
A robust, stable, and scalable solution for protecting passwords
Pros and Cons
  • "It is useful for protecting passwords. If you need to do access security management, you can first use the CyberArk console, and after that, you can connect the firewall interface or firewall command line. Similarly, if you need to do an RDP session, you need to first log in to CyberArk before connecting to the Windows RDP session. This way, the admin doesn't know the password, and that password is changed immediately. To change the password, you first discover the old password in the network, and after that, you can change the password."
  • "It can be integrated with other systems, but it is not easy to integrate. It takes too long to integrate it. Its integration should be easier and simpler."

What is most valuable?

It is useful for protecting passwords. If you need to do access security management, you can first use the CyberArk console, and after that, you can connect the firewall interface or firewall command line. Similarly, if you need to do an RDP session, you need to first log in to CyberArk before connecting to the Windows RDP session. This way, the admin doesn't know the password, and that password is changed immediately. To change the password, you first discover the old password in the network, and after that, you can change the password.

What needs improvement?

It can be integrated with other systems, but it is not easy to integrate. It takes too long to integrate it. Its integration should be easier and simpler. 

What do I think about the stability of the solution?

Its stability is very good. It is a very robust and stable product if you have the correct installation and configuration. Otherwise, you would have problems.

What do I think about the scalability of the solution?

It is scalable. Our customers are enterprises with a minimum of 2,000 users and maybe 100 admin users.

How are customer service and technical support?

We are satisfied with their support. Our customers need local support, and CyberArk provides that. Their documentation is also good.

How was the initial setup?

It is a little complex as compared to its competitors. Its deployment took a long time.

What about the implementation team?

We had a consultant, and we were satisfied with the service. You need someone with one or two years of experience.

What's my experience with pricing, setup cost, and licensing?

They have two types of licensing: purchase and subscription. You have to pay for each admin user, such as Microsoft admin, mail admin, database admin, etc.

What other advice do I have?

I would rate CyberArk Privileged Access Security an eight out of ten. It is a good product.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Managing Director at FOX DATA
Reseller
Top 10
A perfect solution with good integration with the ecosystem, excellent stability, and fair pricing
Pros and Cons
  • "Their legacy of more than 20 years is very valuable. It brings a lot of stability to the product and a wide variety of integration with the ecosystem. Because of these factors, it has also been very successful in deployment. So, the legacy and integration with other technologies make the PAM platform very stable and strong. In terms of features, most of the other vendors are still focusing just on the privileged access management or session recording, but CyberArk has incorporated artificial intelligence to make PAM a more proactive system. They have implemented threat analytics into this, and there is also a lot of focus on domain controller production, Windows Server protection, and stuff like that. They have also further advanced it with the security on the cloud and DevOps systems. They have a bundle licensing model, which really helps. They don't have a complex licensing model. Even though in our market, people say CyberArk is expensive as compared to some of the other products, but in terms of overall value and as a bundling solution, it is an affordable and highly scalable product."
  • "Their post-sale support area requires a big improvement. Customers cannot automate tickets directly with CyberArk. They have to come through the distributor or bring in partners who have access to the support portal. Basically, the support for post-sales implementation is there, but the role of CyberArk is very minimal. Customers have to rely on partners, which sometimes creates issues. Some of the vendors help you during the implementation process, but the CyberArk support team does not do that. They have 24/7 support for our region, but they help only if there is an emergency or there is a problem with their system. If the password vault is down or the system is down, they provide immediate attention. For almost everything else, they take more time to respond. They give low priority to service-related or migration-related questions."

What is our primary use case?

We are a system integrator. We are selling its latest version to customers who are new to PAM or are coming from an older PAM. 

How has it helped my organization?

The respected partnership and portfolio with CyberArk are highly valuable to our organisation, as it helps to open doors with Enterprises and Financial organisations, on serious discussions on Identity and PAM projects. CyberArk PAS solutions bring good services revenue and long terms relationships with customers.

What is most valuable?

Their legacy of more than 20 years is very valuable. It brings a lot of stability to the product and a wide variety of integration with the ecosystem. Because of these factors, it has also been very successful in deployment. So, the legacy and integration with other technologies make the PAM platform very stable and strong.

In terms of features, most of the other vendors are still focusing just on the privileged access management or session recording, but CyberArk has incorporated artificial intelligence to make PAM a more proactive system. They have implemented threat analytics into this, and there is also a lot of focus on domain controller production, Windows, LINUX Server, DOMAIN CONTROLLER protection etc. They have also further advanced it with the security on the cloud and DevOps environment.

They have a bundle licensing model, which really helps, unlike competitions complex licensing. Even though in our market, few customers have the perception that CyberArk is expensive as compared to some of the other new PAM providers, but in terms of overall value and as a bundling solution, it is affordable and also CyberArk is highly scalable platform.

What needs improvement?

Their post-sale support area requires a little more attention to our region ( ME/UAE. The current support model does not allow the end customers to open a ticket directly with CyberArk. Customers have to inform the distributor or bring in partners who have access to the support portal to open support cases. The support teams liability is limited to product issues and they usually do not get into configurations and integrations, unless estimated and paid for PS services.  This indirectly helps Service providers like us to make extra revenue. The default 24/7 support to our region, is effective when there is an emergency like a serious software issue, or if password vault is down etc, for such cases they provide immediate attention. For the rest of the low priority like migrations, upgradations, backups etc ( in some site it shall be considered high ), they take more time to respond.

Looking forward to new features line API security 

For how long have I used the solution?

I have been engaged with CyberArk solutions for about five years.

What do I think about the stability of the solution?

A very stable platform for small to extremely large and complex organisations and distributed networks.

In one of the projects for global MNC, we had successfully executed projects with distributed Vault in 16 countries spread across 5 continents. This is done with a centralized primary vault( on HA )- HQ Datacenter, which connected distributed local vault and PSM, along with DR in the cloud. 

All these years in none of our projects haven't come across product stability or system crash isuses due to cyberark software

What do I think about the scalability of the solution?

For customer and service provides (like us ), PAM is a journey with continues improvement and hygiene practices to protect the critical system. CyberArk offers many solutions for endpoint privilege management, Domain Controller protection, DevOps security which helps in upselling and expanding the security measures. Also, the solution is capable of handling a distributed and heterogeneous environment 

How was the initial setup?

CyberArk PAS setup needs expertise and experience. Based on my experience, a small deployment of 10 or 20 PAM users takes one week to set up the PAM infrastructure and another one week to go live with basic modules and standard out of box integrations. The rest of the rollout has customer dependencies.  Ideally, the PAM system needs 3-6 months to get mature in an organisation.

What about the implementation team?

We do inhouse.

What's my experience with pricing, setup cost, and licensing?

Overall, bundle pricing and sales team support are really good. The main difference from all the other vendors is that they have one package that covers all the functionality and modules required in PAS, except the add-on advance technologies like agent-based endpoint, Win/Linus server protection, domain controller protection etc. When it comes to agent-based advanced technologies the overall cost is not cheap. However, the values it brings is highly critical to customers who are paranoid about targeted attacks.

Vendor PS BOQ are expensive like usual OEMs rates, but they do the Scope effectively within less time, which help the large customers ( like banks ) to run without any downtime 

What other advice do I have?

I would recommend CyberArk solution even for small customers, who have critical application and internet presence in their business. The licensing model support to start with even 5 privilege users, this really helps. We haven't experience Idaptive ( Identity Saas ) solution yet, however, it looks promising

I would rate CyberArk PAS a ten out of ten. They are sharp focused on privilege access security for more than 21 years. This highly remarkable.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Security Analyst at a insurance company with 1,001-5,000 employees
Real User
We are able to centrally manage credentials, touch applications, and rotate passwords
Pros and Cons
  • "It has the ability to scale out. We have scaled out quite a bit with our product and use of it to get to multiple locations and businesses, so it has the breadth to do that."
  • "We are able to centrally manage credentials, touch applications, and rotate passwords."
  • "We would like to expand the usage of the auto discovery accounts feed, then on our end, tie in the REST API for automation."
  • "As they grow, the technical support is having growing pains. One of the things is just being able to get somebody on the phone sometimes."

What is our primary use case?

We use it for all of our privileged accounts, local admin, domain admin, and application accounts. We use several of the product suites. We are using the EPV suite along with AIM, and we are looking into using Conjur right now. Overall, it has been a great product and helped out a lot with being able to manage privileged accounts.

We don't have a lot of stuff in the cloud right now, but as we move forward, this is why we are looking at Conjur. We would definitely use it for that and DevOps.

We have owned the product since version 6.5.

How has it helped my organization?

We are utilizing CyberArk to secure application credentials and endpoints using AIM. We have a big project this year to try to secure a lot of application accounts using AIM.

It is helping to centralize control over credentials. It gets a lot of privileged accounts off endpoints and rotates them, so they are not out in the open.

What is most valuable?

  • Scalability
  • Stability
  • Usability

We are able to centrally manage credentials, touch applications, and rotate passwords.

I have some experience with the generator utility plugin. Although, we did plugins prior to the generator, manually installing them working with support. I do like the interface with the generator utility plugin, as it is very handy.

What needs improvement?

We would like to expand the usage of the auto discovery accounts feed, then on our end, tie in the REST API for automation.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

It is very stable. We have not had any issues. There is a lot of redundancy that you can build into the product, so it's a very solid product.

What do I think about the scalability of the solution?

It has the ability to scale out. We have scaled out quite a bit with our product and use of it to get to multiple locations and businesses, so it has the breadth to do that.

How are customer service and technical support?

The technical support does a good job. Sometimes, it takes you a little bit to get to the right person. As they grow, they are having growing pains. One of the things is just being able to get somebody on the phone sometimes. Besides that, usually if you put in a ticket, you get a response back quickly. However, overall, they have a good, solid group. 

Which solution did I use previously and why did I switch?

We were not using a different solution before CyberArk.

What other advice do I have?

One of the biggest factors when dealing with this field/area in privileged accounts is you have to have executive support from the top down. Push for this, because trying to get different business units or groups to implement this product is very hard if you don't have upper level management support.

Most important criteria when selecting a vendor: 

  • Stability of the product.
  • The customer service interface: Someone who can work with you on the product and understand what your needs are.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
reviewer1398690 - PeerSpot reviewer
Information Security Consultant at a tech vendor with 10,001+ employees
Real User
Top 20
Reduces organizational risk with password vaulting, password rotation, session management, and secret management
Pros and Cons
  • "We use the solution for password vaulting, password rotation, session management, and secret management."
  • "CyberArk Enterprise Password Vault must incorporate connectors for password and session managers in the marketplace."

What is our primary use case?

We use the solution for password vaulting, password rotation, session management, and secret management. 

What needs improvement?

CyberArk Enterprise Password Vault must incorporate connectors for password and session managers in the marketplace.

For how long have I used the solution?

I have been working with the product for seven years. 

What do I think about the stability of the solution?

The product is highly stable. 

What do I think about the scalability of the solution?

CyberArk Enterprise Password Vault is highly scalable. My company has over 3000 users. We use it regularly. 

How are customer service and support?

CyberArk Enterprise Password Vault's support quality is good, but there are delays. 

How would you rate customer service and support?

Neutral

How was the initial setup?

I rate the tool's deployment an eight out of ten. Experienced engineers can complete the deployment in a few days. We need three to four resources to complete the deployment. 

What was our ROI?

CyberArk Enterprise Password Vault reduces risks. 

What's my experience with pricing, setup cost, and licensing?

I rate the tool's pricing an eight out of ten. 

What other advice do I have?

I rate CyberArk Enterprise Password Vault a nine out of ten. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Lead Automation Developer at COUNTRY Financial
Real User
CyberArk's Password Vault is a must have for Privileged Account & Identity management
Pros and Cons
  • "AIM has been a great help in automating password retrieval which removes the need for hard-coded credentials."

    What is our primary use case?

    To securely manage privileged accounts within the enterprise and automate password compliance where possible. Bringing multiple account types all into a single central repository with an intuitive user interface has greatly improved our security standing. Instead of managing each account in its disparate location like Database, Active Directory, LDAP, and Mainframe, we can now do it from a single solution. This has enabled great strides in standardizations across account types for password and access management.

    How has it helped my organization?

    CyberArk has enabled my organization to monitor and manage privileged accounts in a secure manner while also giving the ability to adhere to password compliance automatically. CyberArk has helped us to remove hard-coded credentials in applications and scripts. Traditional password policies often fall short of providing adequate protection, but CyberArk's PAM has allowed my organization to set robust password policies that require a combination of uppercase and lowercase letters, numbers, and special characters.

    What is most valuable?

    AIM has been a great help in automating password retrieval which removes the need for hard-coded credentials. Hard-coded credentials are a risk to organizations as they are easy for attackers to target. Therefore less hard-coded credentials increase the security stance of the enterprise. We have greatly utilized the out-of-the-box usage automation like Windows Scheduled tasks and password config files. The reconcile feature is another must-have to give users the ability to not only change their password but to unlock it as well where needed. 

    What needs improvement?

    CyberArk's Privileged Access Management (PAM) stands out as an industry leader, and it is often considered at the top of its class. This comprehensive solution has consistently delivered robust features and innovative security measures that make it an essential component of any organization's cybersecurity strategy. While no system is without room for advancement, CyberArk has continuously demonstrated its commitment to innovation and improvement, and many of the potential areas of improvement are already being actively addressed.

    For how long have I used the solution?

    I have been using this solution for 13 years.

    What do I think about the stability of the solution?

    This solution is very stable with the ability of satellite vaults and HA.

    What do I think about the scalability of the solution?

    CyberArk is incredibly scalable. Make sure to check out the unlimited option.

    How are customer service and support?

    Excellent service and quick responses with engineers who understand the product.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    We started out with CyberArk. When we started to look into using a PAM solution they were the leader in the space (and still are).

    What was our ROI?

    For the time saved and security added, the benefit far outweighs the cost.

    What's my experience with pricing, setup cost, and licensing?

    Check out the unlimited model as it can save money and make for a more scalable solution depending on the size and needs of your organization.

    Which other solutions did I evaluate?

    My company evaluated other options, but I was not with the company when this occurred.

    What other advice do I have?

    Contact the professional help for a demo, and you will not be disappointed. Even if you do not choose CyberArk, they can help identify current security gaps.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Buyer's Guide
    Download our free CyberArk Privileged Access Manager Report and get advice and tips from experienced pros sharing their opinions.
    Updated: March 2025
    Buyer's Guide
    Download our free CyberArk Privileged Access Manager Report and get advice and tips from experienced pros sharing their opinions.