Try our new research platform with insights from 80,000+ expert users
PeerSpot user
Senior Consultant - Information Security Engineering at a financial services firm with 10,001+ employees
Real User
Can provide transparent connection to targeted systems and record activities
Pros and Cons
  • "Rather than multiple tools for maintaining regulatory compliance around passwords and privileged accounts, we have centralized as much as possible with CyberArk. This is now a one stop shop for end users to access their elevated credentials."
  • "You can gradually implement CyberArk, starting with more easily attainable goals."

    What is our primary use case?

    We proactively vault and manage all elevated accounts across multiple platforms. 

    For especially sensitive business units, we additionally leverage Privilege Session Manager to provide transparent connection to targeted systems and record activities.

    How has it helped my organization?

    Rather than multiple tools for maintaining regulatory compliance around passwords and privileged accounts, we have centralized as much as possible with CyberArk. This is now a one stop shop for end users to access their elevated credentials.

    What is most valuable?

    You can gradually implement CyberArk, starting with more easily attainable goals, such as basic vaulting and password rotation and build on that with additional modules, such as Privileged Session Manager and Application Identity Manager.

    What needs improvement?

    While in the past, administration required several tools and multiple screens/options in those products, v10 is moving towards a single pane of glass with common functions easily found and information regarding privileged accounts given to users in plain, easy to understand terms, now enhanced with graphics.

    Buyer's Guide
    CyberArk Privileged Access Manager
    March 2025
    Learn what your peers think about CyberArk Privileged Access Manager. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
    842,767 professionals have used our research since 2012.

    For how long have I used the solution?

    Three to five years.
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    PeerSpot user
    CyberArk PAS Solution Professional | Project Manager at a tech services company with 10,001+ employees
    Real User
    Top 20
    Provides automatic password management. We can monitor, record, and control sessions.

    What is most valuable?

    All features of the CyberArk PAS solution are valuable.

    The Digital Vault is one of the key components of the solution along with many other great benefits. The highly secured vault stores the privileged account passwords and data files using encryption. In version v9.7, CyberArk has introduced the Cluster Vault feature, which enhances high availability of the Vault server.

    Other important features:

    • Automatic password management
    • Monitor, record, and control privileged sessions
    • Flexible architecture
    • Clientless product
    • Custom plug-ins for managing privileged accounts and sessions

    How has it helped my organization?

    Unmanaged, highly privileged accounts increase risks that can be exploited by attackers. The security controls defined by the organization require protection of the privileged account passwords. CyberArk helps organizations to identify, store, protect, and monitor the usage of privileged accounts.

    What needs improvement?

    An immediate improvement was the implementation of security controls to protect, control and monitor privileged accounts through CyberArk solution.

    For how long have I used the solution?

    I have used CyberArk for over two and a half years.

    What do I think about the stability of the solution?

    It’s a very stable product. I haven’t encountered any stability issues.

    What do I think about the scalability of the solution?

    I haven’t encountered any scalability issues. All the components are scalable.

    How are customer service and technical support?

    I would give technical support a rating of 4.5/5.

    Which solution did I use previously and why did I switch?

    This is the first PAM product that I have used.

    How was the initial setup?

    The initial installation was straightforward. The configuration or integration can be complex depending on the requirements, design, and infrastructure of the organization.

    What's my experience with pricing, setup cost, and licensing?

    The pricing and licensing depend on many factors and on the components considered for implementation.

    What other advice do I have?

    The PAM solution brings cultural change and adds a layer to the way IT administrators access the privileged accounts before implementing the PAM tool. A great, valuable product like CyberArk requires good planning and time to implement all the features.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Buyer's Guide
    CyberArk Privileged Access Manager
    March 2025
    Learn what your peers think about CyberArk Privileged Access Manager. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
    842,767 professionals have used our research since 2012.
    BRUNO REYNAUD - PeerSpot reviewer
    Information Security Engineer - Pre-sales at a tech services company with 11-50 employees
    Real User
    Top 5Leaderboard
    Beneficial privileged threat analytics, high availability, and priced well
    Pros and Cons
    • "The most valuable feature of CyberArk Privileged Access Manager is privileged threat analytics."
    • "The issue of technical support is crucial, as there are not many specialized partners available in Brazil to provide this service. While English language support is of good quality, there is a significant shortage of partners capable of meeting the demand locally."

    What is our primary use case?

    We currently employ CyberArk Privileged Access Management, which involves extremely complex processes for ensuring the secure management, verification, and guarantee of credentials. Implementing the professional installation tool represents another challenging aspect of this task.

    What is most valuable?

    The most valuable feature of CyberArk Privileged Access Manager is privileged threat analytics.

    What needs improvement?

    The support could improve for CyberArk Privileged Access Manager.

    For how long have I used the solution?

    I have been using CyberArk Privileged Access Manager for approximately three years.

    What do I think about the stability of the solution?

    The solution has high availability.

    What do I think about the scalability of the solution?

    CyberArk Privileged Access Manager is highly scalable. When compared to other solutions it scales well.

    I plan to use the solution more in the future.

    How are customer service and support?

    The issue of technical support is crucial, as there are not many specialized partners available in Brazil to provide this service. While English language support is of good quality, there is a significant shortage of partners capable of meeting the demand locally.

    How was the initial setup?

    The initial setup of CyberArk Privileged Access Manager is easy.

    What was our ROI?

    We have received a high ROI using CyberArk Privileged Access Manager.

    What's my experience with pricing, setup cost, and licensing?

    The price of the solution is reasonable.

    I rate the price CyberArk Privileged Access Manager a seven out of ten.

    What other advice do I have?

    Individuals who wish to utilize CyberArk should be cautious when selecting a partner to implement the solution, as proper architecture design is essential to ensure a streamlined and effective implementation.

    I rate CyberArk Privileged Access Manager a nine out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Technica06b9 - PeerSpot reviewer
    Technical consultant at a healthcare company with 1,001-5,000 employees
    Consultant
    Gives us the flexibility to integrate with other technologies and applications
    Pros and Cons
    • "The flexibility of integrating with other technologies is important because of a lot of applications - a lot of COTS products - are not supported when we are bringing the application IDs. The CyberArk platform provides a lot of opportunities to do customization."
    • "CyberArk has a lot on the privileged access side but they have to concentrate more on the application side as well."

    What is our primary use case?

    We use it for all application IDs to onboard into CyberArk. So far, the performance is good because we have onboarded more than 40,000 accounts, and it's growing every day.

    We plan to utilize CyberArk's secure infrastructure application running in the cloud. We are conducting workshops with CyberArk on this. So it is planned but not yet confirmed. We are not using CyberArk's secure application credentials and endpoints.

    How has it helped my organization?

    Previously, we didn't have any password rotation policy for application IDs. Once we implemented CyberArk, we created a policy. It's good to rotate the passwords every two weeks. That is the biggest value for us.

    It gives us one place to store the keys to the kingdom, so if there is any breach we know where it is and what to do.

    What is most valuable?

    The flexibility of integrating with other technologies is important because of a lot of applications - a lot of COTS products - are not supported when we are bringing the application IDs. The CyberArk platform provides a lot of opportunities to do customization.

    What needs improvement?

    CyberArk has a lot on the privileged access side but they have to concentrate more on the application side as well.

    For how long have I used the solution?

    More than five years.

    What do I think about the stability of the solution?

    So far, we haven't seen any major hurdles. We haven't had any downtime because of CyberArk.

    What do I think about the scalability of the solution?

    I would rate scalability at seven or eight out of 10. There is a need to improve the usage on for the consumer side. I hope in the upcoming product, the version may fulfill this.

    How are customer service and technical support?

    Technical support is good but the problem is when we are using the application side. The support people have a security background, so they may not know the application technology, so it's a challenge right now. Once they understand, then they make progress but, until then, we have to educate them.

    Which solution did I use previously and why did I switch?

    Before CyberArk we had a number of solutions, CA and IBM products, but CyberArk meets our requirements regarding application password management.

    How was the initial setup?

    I was involved in the initial setup and I actually used CyberArk's Professional Services. It was straightforward. We didn't have any hurdles during the setup.

    What was our ROI?

    It's very hard to quantify because previously we didn't have anything like this. You can imagine, there was a policy not to rotate the passwords, but now after implementing CyberArk, every two weeks we are rotating the password without business impact, so that is the biggest ROI, even though we cannot quantify it.

    Which other solutions did I evaluate?

    We evaluated Thycotic and one other.

    What other advice do I have?

    If you want to use it as an application password management cloud solution, think about it not as a security person but as an application person. If CyberArk does not meet your requirements, it has a way to meet them through customization.

    Our most important criteria when selecting a vendor include scalability and stability as well meeting our security requirements for applications

    From the application perspective, I would rate it at eight out of 10 because it's very easy to use and stable.

    Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
    PeerSpot user
    Principad996 - PeerSpot reviewer
    Principal entity management engineer at a retailer with 10,001+ employees
    Real User
    The ability to record sessions through PSM makes people more careful about what they do

    What is our primary use case?

    We are using this product for our privileged identities and account management. We have some accounts that we consider privileged, the ones that have access to systems, software, tools, and our database and files and folders, etc. We try to maintain these accounts safely and try to grant access to these systems securely. We try and manage other non-human accounts that are DBAs, DB accounts, etc., through CyberArk.

    Another initiative for this was the PCA compliance that we wanted to meet.

    We don't have many applications in the cloud, we are getting one or two now. So in the future, we plan to utilize CyberArk's secure infrastructure applications running in the cloud. It's on the roadmap. We are utilizing CyberArk's secure application credentials but not endpoints. I have only just learned about the Plugin Generator Utility, so I don't have experience with it yet. It's pretty cool. We intend to use it now.

    How has it helped my organization?

    One way it has improved the organization is we now have restricted access for all users to go through CyberArk. It has also enforced firewall restrictions across other places so they don't go through other means, they go through CyberArk. That brings in compliance and their account is now two-factored, so that is more compliant with PCI regulations.

    The way it manages privileged accounts and managed access to privileged systems such that, right now, we are recording every session through PSM and people are more aware that the session is recorded, and they're more careful with what they do.

    What is most valuable?

    We are using the VSM proxy solution. That's what we are mainly using. We will try to use the PTA and AIM in the future.

    What needs improvement?

    I think it pretty much covers a lot of the privileged identity space, things that other vendors are not thinking about. I think they are doing a very good job. I don't have any suggestions.

    For how long have I used the solution?

    Three to five years.

    What do I think about the stability of the solution?

    We have not had any stability issues so far. We have not had any serious downtime. We do see performance issues with PSM which gets very busy, and we just keep scaling the number of PSMs. When many people log in at the same time, we have some issues with connecting through PSM. We doubled our PSM software and it's better now.

    What do I think about the scalability of the solution?

    It's pretty scalable. Like I said, we just doubled our servers. If there are more users logging in, we'll probably go for a greater number of servers again.

    How is customer service and technical support?

    Technical support is pretty responsive and knowledgeable. We do get the right person.

    What other advice do I have?

    Others have spoken a lot about security hygiene and I believe that's where you should start.

    l would rate CyberArk at nine out of 10. The way for it to get to a 10 is with a lot of features, the amount of cost involved in buying the product, and the PSM proxy issue that we've been facing.

    In terms of important criteria when working with a vendor one thing is, as we said, getting to the right person. We go to support only if there is a critical situation where we are not able to solve it. Getting to the right person at the right time, and getting the issues resolved in a timely fashion is what we are looking for.

    Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
    PeerSpot user
    it_user796542 - PeerSpot reviewer
    Works at a financial services firm with 10,001+ employees
    Real User
    Securely protects our TAP/NUID and privileged access accounts within the company
    Pros and Cons
    • "The regulation of accounts is by far the most needed and valuable part of the application."
    • "Helped us meet our standards and requirements to help us comply with industry standards and banking regulations."
    • "Securely protects our TAP/NUID and privileged access accounts within the company."

      What is our primary use case?

      Our main use is for CyberArk to hold, maintain, and securely protect our TAP/NUID and "privileged access" accounts within the company.

      How has it helped my organization?

      For audit and risk purposes, CyberArk EPV has helped us meet our standards and requirements to help us comply with industry standards and banking regulations. Reports and other quick audit checks make this possible.

      What is most valuable?

      EPV, as a whole, is very valuable to the company. However, the regulation of accounts is by far the most needed and valuable part of the application.

      What needs improvement?

      Cost efficiency is the number one thing that can be improved in my mind. This would change lots of companies minds on purchasing the product.

      For how long have I used the solution?

      Less than one year.
      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      PeerSpot user
      Identity and Access Management System Administrator Sr. at a financial services firm with 1,001-5,000 employees
      Real User
      Increased our insight into how privileged accounts are being used and distributed within our footprint
      Pros and Cons
      • "Our go-to solution for securing against the pass the hash attack vector and auditing privileged account usage."
      • "Increased our insight into how privileged accounts are being used and distributed within our footprint."
      • "Areas the product could be improved are in some of the reporting capabilities and how the reports are configured."

      What is our primary use case?

      CyberArk PAS is our go-to solution for securing against the pass the hash attack vector and auditing privileged account usage.

      How has it helped my organization?

      The CyberArk PAS has greatly increased our insight into how privileged accounts are being used and distributed within our footprint.

      What is most valuable?

      • Ease of use
      • The auditing capabilities
      • The great support of their customer success teams

      What needs improvement?

      Areas the product could be improved are in some of the reporting capabilities and how the reports are configured.

      For how long have I used the solution?

      One to three years.
      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      it_user497118 - PeerSpot reviewer
      Senior Executive Information Security at a manufacturing company with 10,001+ employees
      Vendor
      It helps us proactively protect, detect and respond to in-progress cyberattacks before they strike vital systems and compromise sensitive data.

      Valuable Features

      • Password management and accountability for Privileged accounts
      • Identify, protect and monitor the usage of Privileged accounts
      • Record and control privileged sessions on critical systems i.e. Windows, Unix, DBs
      • Application credentials including SSH keys and hard-coded embedded passwords can be managed
      • Control and monitor the commands super-users can run based on their role
      • PTA is a security intelligence system that allows organizations to detect, alert, and respond to cyberattacks on privileged accounts.

      Improvements to My Organization

      Privileged accounts represent the largest security vulnerability an organization faces today. Most organisations are not aware of the total number of privilege accounts.

      Compromising privilege accounts leads to various breaches. With this growing threat, organisations need controls put in place to proactively protect, detect and respond to in-progress cyberattacks before they strike vital systems and compromise sensitive data.

      On implementing the CyberArk PIM solution, we are able to achieve this goal. Now, we are aware of the total privileged accounts in our enterprise. These are securely stored and managed by the Vault. The end users need not remember passwords for these accounts to use them.

      E.g.: A Unix Admin who has to login to a Unix server using the "root" account needs to log in to CyberArk and search for the root account, click Connect and he can perform all of his activities. We can enforce a command list on this account, monitor his activities and also get to know who has used this root account. The access to this account can also be restricted. The user does not have to remember any credentials.

      Room for Improvement

      Integration of this tool with SAML is a problem, as there is a bug. We’d like to be able to integrate AWS accounts in CyberArk.

      Use of Solution

      I have been using this solution for the past three years. I have implemented this solution for various clients from banking and pharmaceutical companies.

      Stability Issues

      I have not really encountered any issues with stability.

      Scalability Issues

      I have not encountered any scalability issues.

      Customer Service and Technical Support

      I rate technical support 9/10, very good.

      Initial Setup

      Straightforward, easy-to-install setup.

      Pricing, Setup Cost and Licensing

      It is expensive.

      Other Solutions Considered

      Before we chose CyberArk, we evaluated ARCOS.

      Other Advice

      Go ahead and use CyberArk. Request a demo.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      Buyer's Guide
      Download our free CyberArk Privileged Access Manager Report and get advice and tips from experienced pros sharing their opinions.
      Updated: March 2025
      Buyer's Guide
      Download our free CyberArk Privileged Access Manager Report and get advice and tips from experienced pros sharing their opinions.