Try our new research platform with insights from 80,000+ expert users
reviewer1455795 - PeerSpot reviewer
Technical Lead IMSS at a computer software company with 1,001-5,000 employees
Real User
Create, request, access and manage privileged passwords
Pros and Cons
  • "It's highly secure and very flexible. It gives us all types of storage options and it gives us a high level of security."
  • "The only problem involves granting access to people who are authorized to view it."

What is our primary use case?

We use it for storing and rotating passwords.

Within our organization, a lot of people are using this solution for a lot of projects. We have already implemented CyberArk as a SaaS solution. We are not using the core parts, but we are using the software as a service for a project.

At my previous job, there was a team of seven people who were in charge of maintenance. Mostly analysts, senior analysts, and a technical lead used this solution. 

What is most valuable?

It completely depends on the requirement. For some of the RPA robotic types of user identity, we prefer for it to happen in an automatic way, but some of them are highly critical, so we don't do it automatically. As for the end-user experience or expectation, if they want to change it at their end, they can do it.

What needs improvement?

I don't see any problems because it's highly secure and very flexible. It gives us all types of storage options and it gives us a high level of security. From my experience, overall, I don't see many problems that need to be rectified.

The only problem involves granting access to people who are authorized to view it. This user management area is the most critical. We have to constantly check on that area and we have to review and give proper access. Nobody should have more access than they are authorized for.

For how long have I used the solution?

I have been using CyberArk Enterprise Password Vault for eight years.

Buyer's Guide
CyberArk Privileged Access Manager
April 2025
Learn what your peers think about CyberArk Privileged Access Manager. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
848,989 professionals have used our research since 2012.

What do I think about the scalability of the solution?

It's scalable at the component level. If you want to add some of the latest components, or if you want to implement biometrics or MFA, this solution can handle that — it's very easy to implement.

How are customer service and support?

The tech support is amazing. If you have any issues that you need help with, the CyberArk support team reaches out very quickly, depending on the criticality of the issue. If it's critical, they will reach out to you within hours.

The vendor support is really good.

How was the initial setup?

The initial setup is quite straightforward. These days they have an automatic script — It is much less time-consuming.

We used to do it manually which would take almost two to three hours in total.

What about the implementation team?

We did it in-house. I'm certified in CyberArk; I've also installed it for clients as well.

What's my experience with pricing, setup cost, and licensing?

The licensing plan is either six months or one year — it's not on a monthly basis.

Every company will have a different license fee, but ultimately, it comes down to how many users you want to manage and how many companies you want to support. If you want three CPMs, then you'll need licensing for three. It's per-company, license-based.

Which other solutions did I evaluate?

I am currently evaluating other solutions. A few of them do not support PTA. Some of them don't have DevOps properly managed. Others don't give you the DNE facility, which is free of charge with CyberArk.

What other advice do I have?

I would definitely recommend CyberArk Enterprise Password Vault.

On a scale from one to ten, I would give this solution a rating of eight.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
reviewer990912 - PeerSpot reviewer
Senior Manager - Privileged Access Management at a tech services company with 10,001+ employees
Real User
Has the ability to standardize our PAM across a diverse estate

What is our primary use case?

  • PAM interface for staff to support customers which may include CyberArk solutions of their own.
  • Managing large environments with varied and diverse environments.

How has it helped my organization?

Improved our user access and tracking, thereby safeguarding the organization and its customers. Being a user makes us a better reseller.

What is most valuable?

Shared-service accounts reducing the number of potential entry points as well as the ability to standardise our PAM across a diverse estate.

What needs improvement?

Multi-tenancy vaults should really have the same release cycle as single tenancy vaults; this will enable us to meet even more customer demand. We are striving to be at least on the latest release minus 1 (n-1) and for us to run both Single and Multi-Tenant core systems the difference in release cycles will result in a wide gap. Considering the considerable changes including user interface we have seen recently, the one concern is that we may end up with users having different interfaces to deal with different customers. 

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

Very stable with no own goals in three years.

What do I think about the scalability of the solution?

Scalability is very good.

How are customer service and technical support?

We get excellent feedback from customer service, irrespective of the level of issues raised.

Which solution did I use previously and why did I switch?

Yes, we decided to change to CyberArk in line with our strategic intent to provide as safe a central and customer environment as possible.

How was the initial setup?

Initial setup was complex and time-consuming but the later versions are a lot faster to implement.

What about the implementation team?

We implemented through in-house specialists.

What's my experience with pricing, setup cost, and licensing?

Standardised offerings that allow for customer-specific flexibility.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
CyberArk Privileged Access Manager
April 2025
Learn what your peers think about CyberArk Privileged Access Manager. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
848,989 professionals have used our research since 2012.
Senior Security Manager at SMU
Real User
Reliable, scalable, and easy to install but the pricing could be better as it's expensive
Pros and Cons
  • "Its' quite stable."
  • "They need to provide better training for the System Integrator."

What is our primary use case?

We use this solution for ID purposes. When we remove a user from the server, we need a privileged ID password.

We are a University. It's a large organization.

What is most valuable?

It's not very different when compared with other products.

What needs improvement?

From what I can see, the Systems Integrator is useless. When I ask for the information, nothing is given to me. They need to provide better training for the System Integrator.

For how long have I used the solution?

I have been working with this solution for two years.

What do I think about the stability of the solution?

Its' quite stable.

What do I think about the scalability of the solution?

It's a scalable solution but could be improved. On a scale of one to five, I would rate it a four.

How are customer service and technical support?

I have not used technical support.

How was the initial setup?

The initial setup is pretty easy. It is not complex.

What about the implementation team?

We used a reseller, integrators, but they were useless to me.

What's my experience with pricing, setup cost, and licensing?

Pricing is quite high and it could be improved.

What other advice do I have?

I would rate CyberArk Privileged Access Security a six out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1226001 - PeerSpot reviewer
Consultant at a financial services firm with 5,001-10,000 employees
Real User
Stable, secured access solution with good flexibility
Pros and Cons
  • "The most valuable feature is that it is flexible. It has many connectors. that have done well, the EPV and SSH sessions are all being recorded and everything works fine."
  • "In the next release, they could simplify the setup and I would like some tasks added like file sharing. When a client connects to CyberArk and wants to put a file on the server, they cannot."

What is our primary use case?

The primary use case of this solution is for third-party developers that come into our infrastructure from VPN to connect. They are organizations that are outside of our organization.

How has it helped my organization?

Before CyberArk, our developers would connect from the VPN directly to the jump servers to get all of their access. We have removed the jump servers to connect to CyberArk.

The security has improved. We know who is accessing and what they are doing. The access is secure. 

CyberArk has increased our security.

What is most valuable?

The most valuable feature is that it is flexible. It has many connectors. that have done well, the EPV and SSH sessions are all being recorded and everything works fine.

What needs improvement?

This solution does not support the SQL Developer. We have to purchase separately from CyberArk and we have to ask them to develop it.

This solution is a bit complex compared to other solutions. The installation and administration are complex.

Some things can be done through the interface, but the whole installation process and upgrade process can be done with the installation script but it's complex.

This is too complex for some organizations that do not have a large scale.

In the next release, they could simplify the setup and I would like some tasks added like file sharing. When a client connects to CyberArk and wants to put a file on the server, they cannot.

I thought that the client would be able to drop a file onto the server and the file would be visible on the server.

I have to disable the connection to provide a copy and this is a security issue, and I closed this file to the client then he can't upload and files to us.

They need to come up with a way for the client to file share with CyberArk.

For how long have I used the solution?

I have been using this solution for six months.

What do I think about the stability of the solution?

This solution is stable. We have not had any issues.

What do I think about the scalability of the solution?

This solution is scalable but pricey.

There are fifty users and they are developers.

How are customer service and technical support?

I have not contacted technical support. I am not an engineer, I work for the bank and I have implemented this solution.

Which solution did I use previously and why did I switch?

Previously we used Fudo and jump servers with OTP. It is not the same, but from a security perspective, it is also quite good and less expensive.

How was the initial setup?

The initial setup is complex.

You need at least one engineer to manage the software. I must have dedicated people to administer it.

What about the implementation team?

We worked with integrators for the installation. The first step was the installation process and the hardening. This process took two weeks to implement.

The migration process was more complex and more time-consuming.

What's my experience with pricing, setup cost, and licensing?

This solution is expensive.

What other advice do I have?

My advice would be to compare with other products and if they don't want such a large solution they could try Fudo or a similar solution that is easier and can scale like CyberArk.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user514779 - PeerSpot reviewer
Project Manager at a tech services company with 10,001+ employees
Real User
It is secure and simple to use
Pros and Cons
  • "The voice technology is very good."
  • "It is very simple to use."
  • "The initial setup was somewhat complex."

What is our primary use case?

We are using it for privileged access management.

What is most valuable?

  • It is very secure. 
  • The voice technology is very good.
  • It is very simple to use.

For how long have I used the solution?

More than five years.

What do I think about the scalability of the solution?

We haven't had issues with scalability.

How are customer service and technical support?

We have good support from support. They are very helpful.

Which solution did I use previously and why did I switch?

We did not have a previous solution.

How was the initial setup?

The initial setup was somewhat complex, but we received help from the product support team with the installation.

What's my experience with pricing, setup cost, and licensing?

The product is costly due to its active management features.

What other advice do I have?

The product is the best in the market at the moment.

I would recommend the product for sales learning. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Princ. Info Security Analyst at a insurance company with 10,001+ employees
Real User
Ensures accounts are managed according to corporate policies
Pros and Cons
  • "Ensures accounts are managed according to corporate policies."
  • "It takes people out of the machine work of ensuring credentials remain up-to-date, and handles connection brokering such that human usage and credential management remain independent."
  • "It is easily customized, and that customization makes it very easy to start trying to shoehorn the solution into roles it was never intended to fill."

What is our primary use case?

We use it all.

  • Privileged account access and management
  • Credential rotation
  • Access control
  • Privileged session recording

How has it helped my organization?

CyberArk PAS helps ensure accounts are managed according to corporate policies. In short, it takes people out of the machine work of ensuring credentials remain up-to-date, and handles connection brokering such that human usage and credential management remain independent.

What is most valuable?

All of the features we use have helped our security posture in some way. All of these have their place in defining and supporting the security posture:

  • Password management
  • Session management
  • Recording
  • Access control.

What needs improvement?

Overall, I think it is a fantastic product, when used as designed and intended.

One of its biggest downfalls is also one of its biggest strengths. It is easily customized, and that customization makes it very easy to start trying to shoehorn the solution into roles it was never intended to fill.

For how long have I used the solution?

More than five years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user512265 - PeerSpot reviewer
Consultant at a tech company with 1,001-5,000 employees
Vendor
It is modular, and each module can extend its operational area with plug-ins.

What is most valuable?

I think that one of the advantages of the CyberArk PAS suite is that it is modular. On top of the basics, you can implement modules to:

  • Manage (verify, change and reset) privileged passwords and SSH keys
  • Manage (isolate and monitor) privileged session to the different types of devices
  • Control Applications (e.g., malware)
  • Detect, e.g., backdoor use, unusual behavior, and Kerberos hacks of privileged accounts
  • Avoid/remove hardcoded passwords in applications/scripts
  • Implement the principle of least privilege

Even those components can extend their operational area by use of, e.g., plug-ins, making it possible to manage about any kind of privileged account or session.

How has it helped my organization?

I see companies that already have thought about their privileged accounts, while others have not (to that extent). Implementing the CyberArk solution, it helps (and sometimes forces) these companies to think about their privileged accounts. Are they really needed? Who needs access to them? What kind of privileges do these accounts need (service accounts/log on accounts/etc.)? And so on. Thinking about these things helps customers to organize their data/privilege accounts in the CyberArk solution. It then helps the organizations to get control of their privileged accounts and to safely store and manage these, knowing that only the correct persons can access these accounts and that the different devices can only be managed via one central entry point to the datacenter.

What needs improvement?

With every version, I can see that the product wins on functionality and user experience. On the latter though, I hear from customers that on the UI level, things could be better. CyberArk continuously asks for feedback on the product (e.g., via support, yearly summits) from customers and partners, and hence, with version 10, they are addressing these remarks already.

The web portal (and hence the user interface) has some legacy behavior:

  • Some pages are created for past-generation monitors. With current resolutions, filling the pages and resizing some elements on the pages could be handled better.
  • They are not consistent with the layout of different pages. Some have, let’s say, a Windows 7 look and feel, while others have the Windows 8 look and feel.

Nevertheless, even with those remarks, it does what it is supposed to do.

For how long have I used the solution?

I’m working as a partner of CyberArk for about four years now. I started on version v7.1 (currently on v9.7) and I have served about 20 happy customers.

What do I think about the stability of the solution?

As no software is perfect, I don’t think it is any different with CyberArk. Their support, however, is able to tackle most of the problems. Sometimes patches are distributed. The CyberArk solution highly integrates with different platforms (Windows/Linux) and applications (AD, SIEM, email, etc.). So, not configuring it well can result in unexpected behavior. You need to consider the limitations of the platforms it is installed on, as well.

What do I think about the scalability of the solution?

As mentioned, one of the advantages of the CyberArk PAS suite is the modular build up; not only on covering the functional area, but also on size of your network/datacenter. If you, e.g., notice that the number of privileged accounts to manage increases, you can simply add an additional module/component that manages those passwords.

How are customer service and technical support?

Their support is good. It is split up into different areas (technical, implementation, etc.) and I always have a quick answer. And they go all the way for their customers.

Which solution did I use previously and why did I switch?

I saw customers using another product for their privileged accounts. Due to its limitations (e.g., on password and session management) and stability, they decided to switch to CyberArk.

How was the initial setup?

This question goes both ways; initial setup can be straightforward and it can become complex. The architecture in the network and installation of the software itself is pretty straightforward. Most of the modules/components are agentless. This makes it possible to install the solution in the datacenter without impacting any existing devices (no impact on running systems, and simplifying change and release management). Integrating the systems (privileged accounts) in the CyberArk solution can happen gradually.

The flexibility of the product, on the other hand, has as a consequence that there is a lot to configure. Depending on the existing infrastructure and functional demands at the different organizations, care has to be taken to have a correct implementation.

What's my experience with pricing, setup cost, and licensing?

As far as pricing, personally, I’m not involved in the sales part. So, I cannot elaborate on this topic. For licensing, I can advise the same thing as mentioned elsewhere: Start small and gradually grow.

Which other solutions did I evaluate?

Before choosing this product, I did not evaluate other options (being a partner, not customer).

What other advice do I have?

The Privileged Account Security product is a suite. That means that the product consists of different components/modules that cover a particular functional area (check their website) on privileged accounts. Plugging in more of those components in the environment results in covering a greater part of that area. Of course, there is a common layer that is used by all components. This is the security layer that holds and protects the privileged accounts.

Start small. Use first the basic components that, e.g., include password management. Gradually grow the number of components/modules/functional area to include, e.g., other types of accounts, session management, intrusion detection, end-point protection, etc. Having a project scope that is too large will make the step of using the solution too big. Make sure every stakeholder in the project is aware and let them gradually ‘grow’ with the product.

Disclosure: My company has a business relationship with this vendor other than being a customer: My company has a partnership with CyberArk.
PeerSpot user
it_user326337 - PeerSpot reviewer
it_user326337Customer Success Manager at PeerSpot
Real User

Which improvements are you waiting to see in the product's UI?

PeerSpot user
Technical Manager, System Division at a tech services company with 501-1,000 employees
Consultant
We can monitor sessions in real time. If there's any unnecessary activity, we can terminate the session.

What is most valuable?

With the Privileged Session Manager, we can monitor sessions in real time and terminate the session if there's any unnecessary activity found. For example: We give access to user to access the server only to update patches, but if we find any activity not related to patch updates, we can terminate the session.

How has it helped my organization?

Actually my company/previous company does not use this product, but we sold it to our customer. This product helped our customer manage their privileged accounts. It’s easier to them to manage and control the privileged accounts.

What needs improvement?

It needs more plugin connectors for all devices. CyberArk currently can manage or make it easier to manage about 80% of our total devices. The rest still need R&D to develop the plugin. If CyberArk had more plugin connectors, the customer would not need to raise plugin development requests for several devices and CyberArk could easily connect to these devices.

What I mean with CyberArk needing to improve plugin connector is that currently CyberArk is able to manage almost all devices (server, network devices, security devices etc.) which are more than 80% of all devices. In my experience device such as IBM OS/390 and Cisco TACACS still need custom plugin connectors developed by CyberArk R&D.

If CyberArk IS able manage more than 95% from total devices it would help the customer to using it without raising a support ticket to create a plugin connector. CyberArk will more easier to manage all devices with no compromise

For how long have I used the solution?

I used this solution from mid-2013 until mid-2015.

What do I think about the stability of the solution?

So far, it is stable.

What do I think about the scalability of the solution?

This product is scales easily.

How are customer service and technical support?

Technical support is good. They have good technical teams around the world including southeast Asia.

Which solution did I use previously and why did I switch?

Most customers using a different solution switch to CyberArk because CyberArk is more user-friendly than its competitors and have more plugins compared to the others.

How was the initial setup?

Initial setup was actually easier.

What's my experience with pricing, setup cost, and licensing?

Start small.

Which other solutions did I evaluate?

Yes, we evaluate other options. The issue was about price, stability, scalability and the development of this product to ensure support.

What other advice do I have?

Contact the local distributor for help.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free CyberArk Privileged Access Manager Report and get advice and tips from experienced pros sharing their opinions.
Updated: April 2025
Buyer's Guide
Download our free CyberArk Privileged Access Manager Report and get advice and tips from experienced pros sharing their opinions.