Its features like detailed audit and reporting, automated workflows, granulated privileged access controls, automated password rotation, and centralized and secure storage have helped us in developing a secure environment for customers, along with audit and compliance coverage.
Technical Lead at a tech services company with 10,001+ employees
Enterprise Password Vault, Privilege Session Manager & Application Identity Management have been very useful for our client environment.
Pros and Cons
- "Enterprise Password Vault, Privilege Session Manager, and Application Identity Management have been very useful for our client environment."
- "Performance of PIM could be better and intended for usability as well as security."
How has it helped my organization?
What is most valuable?
Enterprise Password Vault, Privilege Session Manager, and Application Identity Management have been very useful for our client environment.
What needs improvement?
Performance of PIM could be better and intended for usability as well as security. Another point is that the free trials should be in place for all components so that PoC could be made easy.
What do I think about the stability of the solution?
No.
Buyer's Guide
CyberArk Privileged Access Manager
November 2024
Learn what your peers think about CyberArk Privileged Access Manager. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,660 professionals have used our research since 2012.
What do I think about the scalability of the solution?
No.
How are customer service and support?
Technical support is quite efficient and they always provide a timely response.
Which solution did I use previously and why did I switch?
Haven’t use any solution prior to CyberArk.
How was the initial setup?
As this was new product, there were some small challenges in understanding but the setup was straightforward.
What's my experience with pricing, setup cost, and licensing?
As our deployment was not so large, our client was happy with the pricing and licensing.
Which other solutions did I evaluate?
Yes, we did a research and chose CyberArk above all due to its components that were suitable to our environment.
What other advice do I have?
Proper implementation and prior study of product will give you efficient results. Organizations looking for a product that can provide proper paper trail for risk and compliance audits should certainly give it a try because the product's auditing and reporting capabilities are really bliss.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Lead Systems Architect at IT Specialist LLC
Very good security, good scalability and a recently lowered pricing model
Pros and Cons
- "Security is the solution's most valuable feature. As far as I know, this solution is the most secure system of this class on the market today, even considering another management system like Fudo Security, which we also use. The integration capabilities are very good; it helps strengthen our overall security."
- "The solution is too big and complex for any businesses that are small or medium-sized. They should offer a more compact version or make a solution better suited to smaller businesses."
What is our primary use case?
The primary use case of the solution is to gather privileged accounts from different systems and to contain privileged accounts in one secure place.
What is most valuable?
Security is the solution's most valuable feature. As far as I know, this solution is the most secure system of this class on the market today, even considering another management system like Fudo Security, which we also use. The integration capabilities are very good; it helps strengthen our overall security.
What needs improvement?
The interface and user experience could be improved. In comparison, in Fudo Security, items are very searchable and it's very comfortable to work with. CyberArk is not very good at that. It could be improved and it wouldn't be too complicated to do so. The solution is too big and complex for any business that is small or medium-sized. They should offer a more compact version or make a solution better suited to smaller businesses.
For how long have I used the solution?
I've been using the solution for five to ten years.
What do I think about the scalability of the solution?
It's an enterprise-level solution. So long as you can afford it, you can scale.
How are customer service and technical support?
I've never had to reach out to technical support.
Which solution did I use previously and why did I switch?
We didn't really use a different solution. We use Fudo Security, but it's not for password management alone. It's more of an all-in-one solution. We still use it; it's cheap and it's a very simple solution in comparison to CyberArk.
How was the initial setup?
The initial setup is okay; I'd rate it seven out of ten in terms of ease of use compared to other solutions.
Many different things during installation are not straightforward. For example, it would be better to make some kind of pre-installed machine or virtual machine or to make it easy to deploy various ISO files. There are competitors that have just one machine and no infrastructure involved. It would also be better if they embedded the license or offered some free options.
Deployment took about a month.
What's my experience with pricing, setup cost, and licensing?
As far as I know, CyberArk changed its pricing policy for our region. Overall it was very expensive a few years ago, but now, just around a year ago, it became less expensive and it's easier for us to sell it.
What other advice do I have?
We use the on-premises deployment model.
In terms of advice, I'd suggest others follow the implementation carefully.
I'd rate the solution eight out of ten. It's not easy to install and it's got too many components which means it's not really suitable for small or medium-sized businesses.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
CyberArk Privileged Access Manager
November 2024
Learn what your peers think about CyberArk Privileged Access Manager. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,660 professionals have used our research since 2012.
Director at a tech services company with 11-50 employees
Every aspect of the solution is very well integrated and it is fail-safe
Pros and Cons
- "Every aspect of the solution is very well integrated, and even that gives comfort. It is a fail-safe kind of environment."
- "Having a cloud version would be very helpful. You have to invest a lot of money for the infrastructure hardware so the cloud version would help."
What is our primary use case?
There are threats that get opened because of the vulnerability of privileged access that says to directly put it in a vault.
What is most valuable?
Every aspect of the solution is very well integrated, and that gives comfort. It is a fail-safe kind of environment. I think that's the fail-safe feature makes customers comfortable because there are no non-integrable stuff or cures. For example, a vault would have its own anti-virus, its own application, its own operating system to stay hardened. It is absolutely hardened for it to be protected from the outside world.
What needs improvement?
Having a cloud version would be very helpful. You have to invest a lot of money for the infrastructure hardware so the cloud version would help.
For how long have I used the solution?
My organization has been using this solution for a few years but I joined the company three months back.
What do I think about the stability of the solution?
It is very stable.
What do I think about the scalability of the solution?
Our clients are large enterprises. It is easy to scale.
How are customer service and technical support?
Our customers contact us for any technical support, but we are able to sort out customer issues to a very large extent. We only had to connect with CyberArk at L-3 level or L-4 level. We are able to address most of our customer's issues.
I would rate their support a nine out of ten.
Which solution did I use previously and why did I switch?
We have had customers use a competitive product that CyberArk has replaced but it is not very common. It is not very easy to change your Privileged Access Management framework so easily.
CyberArk is fail-safe, it has a threat intelligence filter, and prevention threat attacks. That sets the product apart from others, and I think the other part is their ability to onboard a maximum number of resources like storage network, security, IoT devices, and RPAs. Its ability to pervasively onboard almost all critical privileges and resources across the organization is where it stands out in a really big way.
How was the initial setup?
I didn't implement it. I don't believe we've had any problems implementing it. I've never heard any issues. I'd say it's neutral.
What's my experience with pricing, setup cost, and licensing?
There are costs in addition to the standard licensing. There is an implementation fee. Those are additional fees and the customer has the annual maintenance, the software, and whole maintenance cost added to that. So there are additional costs besides this standard license.
What other advice do I have?
The most important phase is the discovery phase. Pay the most attention to that. Spend the most amount of time on the discovery phase, which is really the startup planning. The project becomes smoother. Book stricter guidelines on timelines and let there be a senior sponsor part of the project so that you are able to get milestones addressed quickly otherwise, these projects tend to drag longer.
In the next release, I would like to have the cloud option and all of the features that come with it.
I would rate CyberArk a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
Pre-sales Engineer at StarLink - Trusted Security Advisor
Storing User Passwords and Credentials, Facilitates auditing by recording activity
Pros and Cons
- "The most valuable feature is the special management. It records the activity and the actions that we use for auditing."
- "The stability depends on the infrastructure it is installed on, which is important because CyberArk does not have the hardware appliance."
What is our primary use case?
The primary use case is for storing user passwords and administration credentials.
I am the engineer for a company that sells this solution mostly to financial institutions.
It is also useful for auditing and securing shared accounts or co-shared accounts.
What is most valuable?
The most valuable feature is the special management. It records the activity and the actions that we use for auditing.
What needs improvement?
The deployment architecture, the ability to locate and change credentials and the stability need to be improved. They need to install or include an appliance-based option, which CyberArk does not have.
The technical support can improve on the time that it takes to get a callback.
The integration is great but needs to be a bit more user-friendly.
Also, a feature with the ability to create password sync.
In the next release, I would like to see the following:
- Availability on the cloud and the appliance.
- More documentation for the setup.
- Simplify the deployment.
- Continuous operation with this solution.
- Simplify the infrastructure for better stability.
- Increase the support for applications.
- Invest in local on the ground staff in various regions.
- The ability to search by the activities, especially for Windows Servers.
- Improve the auditing capabilities for their searches.
For how long have I used the solution?
I have been using this solution for three years.
What do I think about the stability of the solution?
The stability depends on the infrastructure it is installed on, which is important because CyberArk does not have the hardware appliance.
What do I think about the scalability of the solution?
This solution is scalable. It scales very well, there are no issues.
How are customer service and technical support?
The technical support is good, there are no issues.
They know what to do when you call them, they are competent.
Sometimes they can take too long before getting back to you, which is something that can be improved.
Which solution did I use previously and why did I switch?
Previously I was using Centrify and One Identity. We switched because CyberArk has a lot of strength in my region. Some partners do not want to deploy CyberArk to their customers because they feel it will create competition when it comes to renewal. They don't want the price to be affected.
How was the initial setup?
The initial setup is complex. The architecture needs improvement in the documentation for the setup and the manageability.
If you have everything provided for you, it can take three to four hours to deploy this solution.
What's my experience with pricing, setup cost, and licensing?
I think that it might be cheaper than the other competitors in our region.
What other advice do I have?
I have learned that the deployment can be tricky. Always plan your deployment in phases.
Don't unload all of your privilege credentials at once, otherwise, you have an issue with the passwords.
Always, have help available on standby when you are deploying this solution to prevent issues.
This solution is quite efficient. You don't always have to have your applications. If you are encrypting the server, you don't need the applications. You are required to do it on your workstation. The server will deliver that to you from the managing pack when you try to implement the sessions.
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Presales Engineer/Network Security Technical Consultant at a tech services company with 51-200 employees
Good integration, excellent session monitoring and very good password protection
Pros and Cons
- "Session monitoring is excellent. It may be the solution's most valuable aspect."
- "The initial setup could be simplified. Right now, in comparison to its nearest competitors, it's quite complex."
What is most valuable?
The solution is very complete. It has the most features on the market.
Session monitoring is excellent. It may be the solution's most valuable aspect.
The solution offers very good password protection.
It offers great integration with many products.
What needs improvement?
The initial setup could be simplified. Right now, in comparison to its nearest competitors, it's quite complex.
For how long have I used the solution?
I've been using the solution for one year.
What do I think about the stability of the solution?
The solution is very stable.
What do I think about the scalability of the solution?
The solution is easy to scale.
How are customer service and technical support?
I've never had to reach out to technical support.
How was the initial setup?
The initial setup is complex. You need to install many virtual machines. You must do many configurations. It's not just one machine to another; you'll also have to handle the configuration of independent machines as well.
What's my experience with pricing, setup cost, and licensing?
The price is higher than the competition, but if the customer wants the best product for their company, they won't mind the price.
We have a permanent license. Licensing is based on how man users you have, so the pricing varies according to the size of the company.
What other advice do I have?
We're a partner of CyberArk.
I'd rate the solution nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Security Consultant at a tech services company with 10,001+ employees
It is clientless, and does not require any third-party product for any of its operations.
What is most valuable?
Every feature of this product - Password Management, Session Management and so on has its own value depending on different use cases, but I like:
- It's a clientless product and does not require any third-party product for any of its operations (Password Management, Privileged Session Management).
- For password and session management, it can integrate with any device/script with a password OOB or via a custom plugin.
- Compared to other products, CyberArk is extremely easy to install and configure.
How has it helped my organization?
Due to regular growth of an organization infrastructure, managing passwords within the organization becomes extremely difficult.
In larger organizations with a large user and infrastructure base, it can be very difficult to ensure that the passwords for privileged accounts are changed according to the organization security policy. This can be especially true in case of local admins for Windows and Unix boxes. Unmanaged/neglected local admins accounts lead to a major security threat.
Another major risk is to monitor activities and usages associated with privileged accounts to hold people accountable for their actions.
CyberArk helps organizations to manage all the privileged account passwords (server or workstation) in a centralization location as per organizational security policies. It also helps to hold people accountable by controlling and managing password usage using privileged session management.
Accountability is set up using CyberArk OOB temper-proof reports.
What needs improvement?
CyberArk has evolved a lot in the last 16 years and has nearly all the features required for effective operation. The only area for improvement is using a native client while connecting to the target device instead of the current method of using a web portal (PVWA). CyberArk seems to be working on this area and we expect these features in coming versions.
It would be great if in the future CyberArk considers launching an installer for Unix-based OSs.
For how long have I used the solution?
I have been using this product since 2010.
What do I think about the stability of the solution?
In my seven years of experience with CyberArk products, I have never seen an unstable environment due to product functionality. It's always lack of proper planning, inexperience and faulty configuration that leads to an unstable environment.
What do I think about the scalability of the solution?
CyberArk can be horizontally and vertically scaled, if it is well thought out during panning phase. As an example, if an organization feels that they may need high availability of Vault servers (CyberArk’s centralized storage for passwords and audit data) in the foreseeable future, they should consider installing CyberArk Vault in cluster mode instead of standalone mode. One can't use a standalone vault as a cluster vault or convert a standalone vault to a cluster vault, but in terms of increasing the number of passwords and session recording, underlying hardware can be scale to achieve desired size.
How are customer service and technical support?
Three-year support (unlimited case and call support) is free with license purchase but I would say sometimes it's not sufficient to resolve the issues with this model.
Nonetheless, CyberArk Profession Services is quite impressive, even though it's a costly affair.
Which solution did I use previously and why did I switch?
I was part of the PIM product evaluation team at my previous organization. I stayed with CyberArk because is it's extremely easy to implement, and very stable when implemented with well-thought-out planning and experience. It has all of the required features for a PIM product, it does not have dependencies on third-party products for it to function and it is clientless.
How was the initial setup?
Initial set up is super simple and if planned properly, can be installed within a couple of hours.
What's my experience with pricing, setup cost, and licensing?
I cannot comment much on this because CyberArk has different pricing for its partners or resellers, and might also vary according to size of procurement.
Which other solutions did I evaluate?
Before choosing this product, I also I evaluated NetIQ PIM, Dell TPAM, CA PIM and ARCOS.
What other advice do I have?
Invest as much as possible in the planning and design phase. Consider at least future three-year growth in password and user base such as growth in virtual environments, and size accordingly. Also consider requirements like high availability of vaults, PSM and other components.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Riyas AbdulkhaderSecurity Architect, InfoSec Consultant at Confidential ( Sensitive Industry)
Real User
New version 10.x had made the PAS Solution more graphical for the end users.
Its uses the new gen CPMs and so can overcome the reconcile delays.
Dashboard views also make it a bit enhanced.
Cyber Security Supervisor at a tech company with 1,001-5,000 employees
Sys/DB admins and third parties no longer need to have system credentials.
What is most valuable?
- Password vaulting
- Granular commands profiling with OPM
How has it helped my organization?
- Sys/DB admins no longer need to have system credentials (and the same for third parties)
- Access profiling
- Request demands from domain groups
What needs improvement?
The management console has a lot of functionalities, but is a little bit complex to use.
Customer support and technical support can be better, compared with the level of products.
For how long have I used the solution?
I have used it for one year.
What do I think about the stability of the solution?
I have not encountered any stability issues.
What do I think about the scalability of the solution?
I have not encountered any scalability issues, technically speaking. Issues with the licenses can occur; the pricing model is not easy to understand.
How are customer service and technical support?
Technical support is 7/10.
Which solution did I use previously and why did I switch?
I did not previously use a different solution.
How was the initial setup?
Initial setup was very easy. We started integrating systems and providing access to systems within few days.
What's my experience with pricing, setup cost, and licensing?
From my experience, for small environments, the subscription licensing model is very cheap.
Which other solutions did I evaluate?
We also evaluate other solutions in the Magic Quadrant for PAM solutions.
What other advice do I have?
Before defining the solution’s architecture, clearly define your requirements and the kind of systems in scope. Some systems/device can be integrated out-of-the-box, others need customization.
Plus: easy to deploy, highly customizable
Minus: a little bit complex to integrate in large environment, complex rules/customization takes time
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Director - Enterprise Security, Fraud and Supplier Risk Management at a financial services firm with 1,001-5,000 employees
Secure and functionally complete
Pros and Cons
- "I haven't really thought about anything that I want to use it for, that I couldn't use it for."
- "I would like to see more integration with more tools, for more APIs."
What is our primary use case?
I used CyberArk for vaulting passwords.
What is most valuable?
I haven't really thought about anything that I want to use it for, that I couldn't use it for.
What needs improvement?
I would like to see more integration with more tools, for more APIs.
For how long have I used the solution?
I have used this solution in the last 12 months.
How was the initial setup?
The initial setup was not overly complex but it wasn't straightforward.
Once it was prepared properly, it was okay.
What other advice do I have?
I would rate CyberArk Enterprise Password Vault an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free CyberArk Privileged Access Manager Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Product Categories
Privileged Access Management (PAM) User Activity Monitoring Enterprise Password Managers Mainframe Security Operational Technology (OT) SecurityPopular Comparisons
Okta Workforce Identity
Delinea Secret Server
CyberArk Endpoint Privilege Manager
BeyondTrust Endpoint Privilege Management
WALLIX Bastion
One Identity Safeguard
BeyondTrust Privileged Remote Access
BeyondTrust Password Safe
ARCON Privileged Access Management
Delinea Privileged Access Service
ManageEngine PAM360
Symantec Privileged Access Manager
Buyer's Guide
Download our free CyberArk Privileged Access Manager Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- CyberArk vs. ManageEngine Password Manager Pro
- How does Sailpoint IdentityIQ compare with CyberArk PAM?
- Which PAM tool do you prefer: CyberArk Privileged Access Manager, One Identity Safeguard, Delinea Secret Server, or BeyondTrust Privileged Remote A
- What is the difference between Privileged Users and Privileged Accounts
- When evaluating Privileged Identity Management, what aspect do you think is the most important to look for?
- Which is the best Privileged Account Management solution?
- What are the top 5 PAM solutions that can be implemented which cover both hybrid and cloud?
- What are the top 5 PAM solutions?
- How will AI and ML help or work with PIM/PAM?
- Is BeyondTrust Endpoint Privilege Management really expensive compared to other tools or software?
Cool review