The solution is used to provide privileged access management to our datacentre environments, for anyone with admin rights with infrastructure or applications within the datacentres. Authentication to the solution in the PVWA (Password Vault Web Access) with onward connectivity via the PSM for Windows (PSM) as well as the PSM for SSH (PSMP). These provide the session isolation, audit, and session recording capabilities that CyberArk offers. The use of Privileged Threat Analytics (PTA) adds more control functionality to the solution.
Technical Architect at a tech vendor with 10,001+ employees
Great password management and Privileged Threat Analytics with good auditing capabilities
Pros and Cons
- "The product has allowed us to improve both the management and access to privileged credentials, while also creating a full audit trail of all activities happening within isolated sessions of all tasks and activities taking place within the solution."
- "The admin interface of the Password Vault Web Access (PVWA) is moving from an old style (the classic interface) to a new style (the v10 interface) and unfortunately, this process is quite slow."
What is our primary use case?
How has it helped my organization?
The product has allowed us to improve both the management and access to privileged credentials, while also creating a full audit trail of all activities happening within isolated sessions of all tasks and activities taking place within the solution.
This includes sessions via the solution and sessions to administer the solution itself. From a user perspective, we no longer need to try and create or remember complex passwords or have to be concerned about when they will change as the solution takes care of this and can and does populate these credentials for you so mistyping a complex password is a thing of the past.
What is most valuable?
Password management is a great feature, as all passwords are changed more frequently. This can be scheduled in line with a specific policy requirement or each time the credentials are returned to the pool for reuse and are always compliant with the password policy however long or complicated the policy states that they need to be.
Another great feature is the Privileged Threat Analytics (PTA) as this can stop a session based on prescribed risk and bring it to an end or pause it pending approval to proceed.
What needs improvement?
The admin interface of the Password Vault Web Access (PVWA) is moving from an old style (the classic interface) to a new style (the v10 interface) and unfortunately, this process is quite slow. That said, it has been moving in the right direction with features becoming available in the v10 interface and some user features are available in both classic and v10 interfaces. I would love to see all the classic interface features moved into the v10 interface or available in both interfaces within the next version.
Buyer's Guide
CyberArk Privileged Access Manager
March 2025

Learn what your peers think about CyberArk Privileged Access Manager. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,767 professionals have used our research since 2012.
For how long have I used the solution?
I've used the solution for about eight years.
What do I think about the stability of the solution?
The solution has been very stable.
What do I think about the scalability of the solution?
The solution performs well, however, based on the user base may require a sizable footprint.
How are customer service and support?
Support does vary depending on how critical your issue is and if it needs to be elevated to dev support.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Our previous solution was not a PAM solution and these days you can't afford to not use one.
How was the initial setup?
The setup is not complicated when trained staff are used.
What about the implementation team?
We handled the initial setup in-house.
What's my experience with pricing, setup cost, and licensing?
Set-up costs can be minimized by controlling the number of applications that are made available within the solution. The newer licenses are per user and open up access to a suite of products, the best value, and security can be achieved by using more of the products.
Which other solutions did I evaluate?
We looked at other products like Delinia and Wallix.
What other advice do I have?
Take advantage of the vendor's training or use a good partner to provide support and administration.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Feb 25, 2025
Flag as inappropriate
Senior IT Systems Administrator at a financial services firm with 10,001+ employees
Good security, seamless integration, and real time monitoring capabilities
Pros and Cons
- "With PAM in place, we've experienced a significant reduction in potential security breaches."
- "CyberArk PAM could greatly benefit from an under-the-hood update; integrating machine learning algorithms could provide predictive insights."
What is our primary use case?
In a large financial institution, CyberArk Privileged Access Management (PAM) plays a pivotal role in ensuring the security and integrity of sensitive financial data. With numerous systems, applications, and databases holding critical client information and transaction data, the institution faced the challenge of managing and protecting privileged accounts effectively.
The PAM solution was seamlessly integrated into the existing IT infrastructure. It introduced granular access controls, requiring all employees to log in with standard user accounts, regardless of their role. When a privileged action is required, the PAM system enables the temporary elevation of privileges through just-in-time (JIT) access, granting access only for the necessary time frame. This reduces the window of opportunity for potential cyber threats.
How has it helped my organization?
CyberArk Privileged Access Management (PAM) has been a game-changer for our organization's security landscape. With PAM in place, we've experienced a significant reduction in potential security breaches. The meticulous control it offers over access rights ensures that only authorized personnel can access critical systems and sensitive information. The implementation of just-in-time access has effectively minimized our attack surface, making it incredibly challenging for unauthorized users to exploit vulnerabilities.
What is most valuable?
The most valuable features of CyberArk Privileged Access Management (PAM) are its granular access controls and just-in-time (JIT) access provisioning. These features ensure that only authorized users have elevated privileges and access to critical systems. JIT access reduces the attack surface by granting privileges only when needed, minimizing exposure to potential threats.
Additionally, robust auditing and real-time monitoring capabilities enhance security by tracking privileged activities, aiding in threat detection and compliance. PAM's ability to seamlessly integrate into existing infrastructures and streamline workflows further adds operational efficiency, making it an indispensable tool for modern cybersecurity.
What needs improvement?
CyberArk PAM could greatly benefit from an under-the-hood update; integrating machine learning algorithms could provide predictive insights.
The user interface lacks intuitiveness; revamping the UX of the web access panel through intuitive navigation, customization, contextual assistance, visual coherence, and accessibility considerations will undoubtedly result in higher user satisfaction, increased engagement, and ultimately, a more competitive offering in the market.
In addition, several tools seem to be outdated, however, you can see that CyberArk is constantly working on them.
For how long have I used the solution?
I've used the solution since 2017.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
CyberArk Privileged Access Manager
March 2025

Learn what your peers think about CyberArk Privileged Access Manager. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,767 professionals have used our research since 2012.
Consultant at a consultancy with 10,001+ employees
Remote desktop manager can register connections, making it easy to connect to machines through the virtual IP
Pros and Cons
- "All the features of CyberArk are useful for me, but the biggest one is that CyberArk has logs for all the features. That is important when there is a problem. You know where to look and you have the information. In cyber security, the most important aspect is information."
- "The PTA could be improved. Currently, companies often have multiple domains and sometimes it's difficult to implement CyberArk in this kind of infrastructure. For example, you can add CPM (Central Policy Manager) and PSM (Privileged Session Manager and PVWA (Password Vault Web Access) for access, but if you want to add PTA (Privileged Threat Analysis) to scan Vault logs, it is difficult because this component may be adding multiple domain environments."
What is our primary use case?
There are many possible use cases, but in general, CyberArk permits users to target machines and rotate their passwords, and to record decisions. It is used to create security through PTA and to forward Vault logs and investigate events. It also enables users to access passwords in dev code without actually knowing the passwords. There are a lot of advantages to CyberArk.
As a consultant, I have seen a lot of CyberArk configurations. Sometimes we use the CyberArk Cluster Vaults with one DR. I also worked for a company that used only one vault, without a cluster, but they switched data centers when there was an incident.
How has it helped my organization?
I used to be a Windows and Linux administrator before I used CyberArk. The difference is that now it is simple for me to connect to my target machines. I can add them to my favorites, making access to the servers simple.
CyberArk enables confidentiality. The passwords are stored in a fully secured Vault. If you want, you can access target machines without using PVWA. If you act as a remote desktop manager, you can register your connections and connect your target machines through the virtual IP and easily connect to your machines. Your connections and commands would all be registered to the Vault.
What is most valuable?
All the features of CyberArk are useful for me, but the biggest one is that CyberArk has logs for all the features. That is important when there is a problem. You know where to look and you have the information. In cyber security, the most important aspect is information.
Another valuable feature is that if you don't have access to a machine, you can see the machine in CyberArk. It's the management capabilities that CyberArk enables for a company that are very useful.
Other useful features are optional, such as recording decisions or rotating passwords.
What needs improvement?
The PTA could be improved. Currently, companies often have multiple domains and sometimes it's difficult to implement CyberArk in this kind of infrastructure. For example, you can add CPM (Central Policy Manager) and PSM (Privileged Session Manager and PVWA (Password Vault Web Access) for access, but if you want to add PTA (Privileged Threat Analysis) to scan Vault logs, it is difficult because this component may be adding multiple domain environments.
CyberArk, as a solution, can easily adapt to a lot of environments, and you can add a lot of components to different zones, and that will work with the Vault. But not all the components, such as the PTA, can do so.
Also, it would be helpful if CyberArk added some features for monitoring machines when we access them. For example, they need to improve the PVWA. In general, when we don't use the PVWA, we don't have a lot of problems. For me, the PVWA is not perfect. I would like to see more features in the PVWA to administer our machines and to improve the transfer of data.
For how long have I used the solution?
I have been using CyberArk Privileged Access Manager for more than three years.
I have implemented and maintained CyberArk solutions for clients, including creating administration functionality, such as platforms and support for users, so that everybody has 24/7 access to the account.
I have also been involved in enhancing the solution by installing useful components and testing them. I would help analyze if a component could be of interest to the client and then implement it in production.
In general, I would help maintain the solutions and make sure that everybody can access the accounts, and that password rotation works.
How are customer service and support?
I would rate WALLIX support at six out of ten, while CyberArk's support is a seven. The reason it's a seven is that we always have to send them the logs. Of course, we do get some response and they work on things, but sometimes we lose time on little tickets.
How would you rate customer service and support?
Neutral
How was the initial setup?
If you have some experience, it is not complex to implement CyberArk. For me, the preparation is more difficult than the installation. Because CyberArk uses binaries, if you add good information, it will work. But if you miss something at the preparation stage, like the opening of the flows that you need, of course, it will be difficult. I know how the solution works, so it's not difficult.
First, you have to install the Vaults, and after installing them you can add PVWA to access the information. After that, you can install the PSM and then the CPM for the rotation, and that's it.
The time it takes to implement depends on the environment. Sometimes we work with complex environments and we have to adapt and collect all the information that we will need. We need to look out how the machines should be set up for the installation. It really depends on the size of CyberArk you want to install, including how many computers will be onboarded to CyberArk. There are technical and functional variables.
What's my experience with pricing, setup cost, and licensing?
CyberArk is one of the best PAM solutions and one of the most expensive, but it works better than the others, so the pricing is fair.
Which other solutions did I evaluate?
I used to work on WALLIX Bastion, but CyberArk works better than WALLIX. WALLIX is a PAM solution, a French version, but when I was at another job I was a consultant on both WALLIX and CyberArk at the same time. That's when I saw that CyberArk is better.
It is simpler to upgrade the CyberArk environment and components than WALLIX. CyberArk has a user interface but WALLIX does not because WALLIX is installed on Linux while CyberArk is installed on Windows, making it user-friendly. Connecting is also simple with CyberArk. When a user connects to the PVWA, there aren't a lot of buttons. When users see the icon, they click "Connect" and connect. It is simple for them.
CyberArk can adapt easily to environments. For example, when we talk about connectors, CyberArk can easily connect to all the target machines these days. CyberArk can onboard network machines, Windows Servers, Linux servers, and Oracle Databases.
Web application passwords can be rotated. With its PSM and Selenium features, it enables the connection of a web application to CyberArk and rotation of passwords, so that it's not system accounts all the time. We can manage the web application accounts as well. CyberArk can also connect to the cloud.
What other advice do I have?
When you work on CyberArk, you have to have more than one skill set. You are not just a PAM consultant because you manage passwords for all kinds of systems. You have to have skills in Windows, Linux, databases, and security because you manage those kinds of accounts. If you don't have those kinds of prerequisites, you can't work with CyberArk.
I started working on CyberArk when it was version 10.x and at this moment it is at 12 and more. The interface has changed and a lot of features have been added over that time. It's a good solution.
Which deployment model are you using for this solution?
On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Program Manager at a recruiting/HR firm with 5,001-10,000 employees
It did what was promised, and we never had to call support
Pros and Cons
- "I love how easily we could operate within Password Vault and get things done. It was almost effortless."
- "There was a situation when one of our presidents had an issue, but I can't recall the specifics."
What is our primary use case?
I've deployed Password Vault for various use cases across different industries from finance to healthcare and manufacturing.
What is most valuable?
I love how easily we could operate within Password Vault and get things done. It was almost effortless. After we went through the implementation phase, it did what was promised, and we did not have to call support. It was a flawless install. All of us had experience as well because we got our certifications. We'd worked with it for at least a year.
What needs improvement?
There was a situation when one of our presidents had an issue, but I can't recall the specifics.
For how long have I used the solution?
I've been using Password Vault for three years now.
What do I think about the scalability of the solution?
For scalability, I'd give it a 13 on a scale of one to 10.
How was the initial setup?
The installation was very smooth.
What's my experience with pricing, setup cost, and licensing?
At my previous company, my budget amount was $15,000, and we didn't spend all of that. It was a larger company than the one I'm with now. It was global. We didn't spend that or come anywhere near it. They're still adding on, and I know that CyberArk will be the solution that they're going to stick with. They were hybrid, and now they're all cloud.
What other advice do I have?
I rate Password Vault 10 out of 10. If you're planning to implement Password Vault, my advice is to just let it work. Do all your use cases up front, and make sure you throw everything at them that you think will happen in your environment. Make sure that that's all addressed, so when you go to deployment, it's just easy.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Cybersecurity Engineer at a healthcare company with 10,001+ employees
Provides better security and control over our accounts and saves time in onboarding new employees
Pros and Cons
- "The automatic rotation of credentials is probably the most useful feature."
- "It should be easy to use for non-technical people. Its interface can be a bit difficult. Some parts of its interface are not very intuitive. Some of the controls are hidden, and instead of having a screen with all the controls for that account on it, you have to use menus and other similar things."
What is our primary use case?
We are mostly rotating passwords and using PSM for remote connections.
How has it helped my organization?
It provides us with better security and control over our accounts.
It provides an automated and unified approach for securing access for all types of identities. This approach is important for us. The more things we have that can be automated, the easier it is to get things done.
It gives a single pane of glass to manage and secure human and machine identities across environments, which is important for us.
It saves time when it comes to onboarding new employees and providing them secure access to SaaS apps and IT systems. It probably saves a couple of hours.
What is most valuable?
The automatic rotation of credentials is probably the most useful feature.
What needs improvement?
It should be easy to use for non-technical people. Its interface can be a bit difficult. Some parts of its interface are not very intuitive. Some of the controls are hidden, and instead of having a screen with all the controls for that account on it, you have to use menus and other similar things.
Its documentation could be better. Some of the documentation lacks details for people who aren't super technical.
For how long have I used the solution?
I have been using this solution for about six years.
What do I think about the stability of the solution?
It is stable. We never had any hiccups that were caused by CyberArk.
What do I think about the scalability of the solution?
It is easily scalable. In terms of usage, it is being used by all of IT. We have over 500 users utilizing the solution. We're always adding new people and features, so its usage is increasing every day. We plan to implement more types of accounts.
How are customer service and support?
Their technical support is good, but some of their documentation lacks details for people who aren't super technical. I would rate them an eight out of 10.
Which solution did I use previously and why did I switch?
Other than the regular Password Manager, they didn't have any real solution. They chose to look into CyberArk because it is a good security practice to have accounts automatically rotate and secure remote connections.
How was the initial setup?
It is pretty complex, but they have professional services to help with that. It is complex because of all the security around it, all the hardening, and getting everything set up to communicate with each other. I am not sure about the duration of the initial deployment because I wasn't on the team then.
In terms of maintenance, it doesn't require a lot of people. Maintenance is just keeping up with patches. It is pretty stable and doesn't require a lot.
What about the implementation team?
We used CyberArk's professional services. They were good, and they helped get everything set up. They also helped do upgrades.
What's my experience with pricing, setup cost, and licensing?
It is in line with its competitors, but all such solutions cost too much money.
What other advice do I have?
It is a good choice. I'm not sure if they're the market leader or not, but they seem to have the biggest footprint. I know there are a couple of competitors, but I've never used them. The other two that I know about are not as widely used, so there is a bigger community for support for CyberArk, and there is also CyberArk's support.
CyberArk is good as a technology partner for ensuring that we maintain a strong security posture throughout our digital transformation. It is a needed platform to have.
Given my experience with CyberArk PAM, to a colleague at another company who says, “We want to solve cloud security challenges with born-in-the-cloud security solutions as opposed to legacy solutions that have been adapted to the cloud," I would say that CyberArk is a good option for the cloud. That's because you don't have to worry about maintenance, and all the integrations are already in place. The different accounts that CyberArk can integrate with are already in place.
It doesn't really give a single pane of glass to manage and secure identities across multiple environments. It only gives visibility into CyberArk and how the accounts are working there. If something is wrong with an account, sometimes, you have to check other tools, such as Active Directory, or permissions.
We don't use CyberArk’s Cloud Entitlements Manager and Secrets Manager. We use CyberArk PAM to implement least privilege entitlements, and it is neither easy nor difficult to implement them. It is somewhere in the middle. The adoption of least privilege entitlements by using CyberArk PAM is also somewhere in the middle. If users aren't really technical, they would have problems with it.
It provides consistent controls to enable secure access, manage secrets, and implement least privilege at scale across our environment. It is somewhat user-friendly for people to just rotate passwords. Its interface can be a bit difficult.
I would rate it an eight out of 10.
Which deployment model are you using for this solution?
On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Security Engineer at ITAM
Helps to store password and do authentication
Pros and Cons
- "We have the identity provider for all the authentication processes. However, sometimes, we need access to different applications for customers or clients that are not integrated into the identity provider. For these, we need to store a password to gain access. For example, we use the CyberArk Password Vault for third-party services. This vault needs to be shared with many people in our company."
- "The main challenge was integrating with in-house IT and business applications, which are not standard. We needed to create special updates for that kind of integration."
What is our primary use case?
We have the identity provider for all the authentication processes. However, sometimes, we need access to different applications for customers or clients that are not integrated into the identity provider. For these, we need to store a password to gain access. For example, we use the CyberArk Password Vault for third-party services. This vault needs to be shared with many people in our company.
This allows us to store passwords and create privileged access for some users without them needing to know the password. The system inputs the password into the endpoint URLs they use for authentication, but the users never see the password. This is crucial because people may leave the company, posing a high risk. If we had integrated it into the identity provider, we would have policies for active directory users but not for users outside the company.
For example, our development teams need to connect to databases, systems, and cloud services during development. The developers don’t get access to third-party services. We use the solution to manage this access. The application being developed and deployed integrates with CyberArk Password Vault services.
What needs improvement?
The main challenge was integrating with in-house IT and business applications, which are not standard. We needed to create special updates for that kind of integration.
For how long have I used the solution?
I have been working with the product for three to four years.
What do I think about the scalability of the solution?
The solution is 99 percent scalable.
How are customer service and support?
Sometimes, support is not easy because you need to share the company's architecture. Maybe they are on time, but they don't understand the specifics we're talking about. Communication can be an issue, especially when speaking with people whose first language isn't English. There can be difficulties with understanding and making sense of conversations. So, outsourcing support can sometimes be challenging.
How would you rate customer service and support?
Neutral
How was the initial setup?
CyberArk Enterprise Password Vault's deployment is complex.
What other advice do I have?
I have been working with the new services and don't see any additional issues at this hour. The key requirement is to have people who understand not only the tool but also the concepts and how to view it from an architectural perspective.
One problem is that people may not know how to work with the tool, and another is that they don't understand the concepts. So, I think focusing on proof of concepts is good. For example, what I do at first is request information for identity providers and key management services.
I rate the overall solution a nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Jul 4, 2024
Flag as inappropriateHR Director at Kooperativa pojistovna, a.s., Vienna Insurance Group
Provides good control and analytics features and helps remediate security issues
Pros and Cons
- "The most valuable features of the solution are control and analytics."
What is our primary use case?
We use the solution to provide elevated access for developers. We also use it for controlling access between departments and teams.
What is most valuable?
The most valuable features of the solution are control and analytics.
For how long have I used the solution?
I have been using CyberArk Privileged Access Manager for two years.
What do I think about the stability of the solution?
I rate the solution a seven out of ten for stability.
What do I think about the scalability of the solution?
We have 7,000 users and 200 developers working with the solution.
I rate the solution’s scalability an eight out of ten.
Which solution did I use previously and why did I switch?
We use Splunk for certain use cases and CyberArk Privileged Access Manager for others.
How was the initial setup?
The solution’s initial setup is straightforward.
What about the implementation team?
For the deployment, we sought an external consultant to help us with the design, and then we had to create an operational team.
What other advice do I have?
Six people from the OPS team and three from the engineering team are needed to deploy and maintain the solution. Regarding enterprise, the solution is scalable and has a good feature set. The solution helps us stay compliant with regulations and be proactive in remediating security issues.
Overall, I rate the solution an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Information Technology Specialist (Contract role) at a tech services company with 10,001+ employees
Good password rotation with helpful reporting and auditing functions
Pros and Cons
- "I appreciate the ease of use for support analysts."
- "Overall what I would really love to see is the third-party PAS reporter tool pulled more into the overall solution, ideally as its own deployable component service installation package."
What is our primary use case?
We use the solution for privileged access to internal systems and multiple customer environments.
We have distributed PSM and CPM components throughout multiple sites and customer domains access over the VPN, with PSM load balancing handled via third-party hardware load balancers.
Environment segregation and security are high on the criteria for the implemented solution, however, not at the overall expense of performance.
We tend towards providing access to privileged admin applications direct from the PSM servers wherever suitable, yet offload additional workloads to siloed RDS collections if the need arises.
How has it helped my organization?
I appreciate the ease of use for support analysts. We provide a single pane of glass access to our analysts where segregated admin access is provided via safe access groups. The overall goal is to provide the analysts with just enough access to function without being totally impaired by security constraints. With the piece of mind that the auditing and recording capabilities allow. We provide access to fully managed systems via distributed PSMs, or where the need arises we can provide access to online third-party access points via a central pool of web-enabled PSMs.
What is most valuable?
The most important feature is the password rotation and recording to align with customer security requirements.
The reporting and auditing functions allow us to provide evidence-based accounting to customers or security personnel when or if required. Being able to prove that "it does what it says on the tin" is a very key selling point or point scorer in project and planning sessions.
The marketplace default connectors are constantly evolving and simplifying administration. In the case of one not being available then the majority of additional requests can be catered for with some clever AutoIT scripting.
What needs improvement?
Remediation of some of the platform settings in the master policies section would be handy.
Overall what I would really love to see is the third-party PAS reporter tool pulled more into the overall solution, ideally as its own deployable component service installation package, that could be installed/branded alongside the PVWA service, and build out API integration so that third party calls could draw valuable data directly out of the management backend with very little amount of additional admin overhead.
For how long have I used the solution?
I've used the solution for eight years.
What do I think about the stability of the solution?
The solution is very stable; if instability is ever experienced it is likely to be as a result or symptom of a problem elsewhere, such as external factors (updates, network etc.).
What do I think about the scalability of the solution?
The solution is fairly scalable, although depending on how far and wide you stretch your footprint, you may be better suited to multiple smaller vaults and component environments, than one large pot.
How are customer service and support?
Initial call logging can be tedious at times. If you clearly articulate an issue yet are then required to collate entirely irrelevant logging information or jump through a default set of "have you tried this" questions it can cause frustration. Call escalation via account management has improved and when needed we have then progressed with support at a faster pace.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have not worked with a solution with a focus explicitly for PAM.
How was the initial setup?
The initial setup was both straightforward and complex in equal measure.
What about the implementation team?
The majority of the setup was in-house. On occasion, we have engaged the vendor team and always had a positive outcome.
What was our ROI?
I'm not in the loop to be able to answer to ROI.
What's my experience with pricing, setup cost, and licensing?
Engage with Cyberark account management and professional services to fully understand your current, expected, and future requirements.
Some default settings applied early on may be very time-consuming to amend at a later date (for example, set a default attribute in a platform, extrapolate that platform out to 300 other platforms and a single change may then have to be retrofitted 300 times). So the more scope you can define at deployment the better.
Which other solutions did I evaluate?
I believe other vendors were evaluated prior to selecting CyberArk.
What other advice do I have?
I'd advise other users to take their time, measure twice, and cut once.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.

Buyer's Guide
Download our free CyberArk Privileged Access Manager Report and get advice and tips from experienced pros
sharing their opinions.
Updated: March 2025
Product Categories
Privileged Access Management (PAM) User Activity Monitoring Enterprise Password Managers Mainframe Security Operational Technology (OT) SecurityPopular Comparisons
Okta Workforce Identity
Delinea Secret Server
CyberArk Endpoint Privilege Manager
BeyondTrust Endpoint Privilege Management
WALLIX Bastion
One Identity Safeguard
BeyondTrust Privileged Remote Access
BeyondTrust Password Safe
ARCON Privileged Access Management
Delinea Privileged Access Service
ManageEngine PAM360
Buyer's Guide
Download our free CyberArk Privileged Access Manager Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- CyberArk vs. ManageEngine Password Manager Pro
- How does Sailpoint IdentityIQ compare with CyberArk PAM?
- Which PAM tool do you prefer: CyberArk Privileged Access Manager, One Identity Safeguard, Delinea Secret Server, or BeyondTrust Privileged Remote A
- What is the difference between Privileged Users and Privileged Accounts
- When evaluating Privileged Identity Management, what aspect do you think is the most important to look for?
- How was the 2020 Twitter Hack carried out? How could it have been prevented?
- Which is the best Privileged Account Management solution?
- What are the top 5 PAM solutions that can be implemented which cover both hybrid and cloud?
- What are the top 5 PAM solutions?
- How will AI and ML help or work with PIM/PAM?