Presales Engineer at a tech services company with 51-200 employees
Reseller
2021-02-19T09:15:00Z
Feb 19, 2021
The product could be easier to use. More work needs to be done on this aspect; it is not good enough yet. It also takes up a lot of server space. Sometimes we need to use up to seven servers.
Their post-sale support area requires a little more attention to our region ( ME/UAE. The current support model does not allow the end customers to open a ticket directly with CyberArk. Customers have to inform the distributor or bring in partners who have access to the support portal to open support cases. The support teams liability is limited to product issues and they usually do not get into configurations and integrations, unless estimated and paid for PS services. This indirectly helps Service providers like us to make extra revenue. The default 24/7 support to our region, is effective when there is an emergency like a serious software issue, or if password vault is down etc, for such cases they provide immediate attention. For the rest of the low priority like migrations, upgradations, backups etc ( in some site it shall be considered high ), they take more time to respond. Looking forward to new features line API security
Junior Product Consultant at a tech services company with 501-1,000 employees
Real User
2020-12-08T05:35:26Z
Dec 8, 2020
We found a lot of errors during the initial setup. They should work to improve the implementation experience and to remove errors from the process. The solution could be more stable. It should have more specific configurations. There are lots of types of servers and devices. The product should have a more detailed, specific configuration and integration with other products.
Threat Protection Architect at a consumer goods company with 10,001+ employees
Real User
2020-07-08T14:17:00Z
Jul 8, 2020
CyberArk lacks the following functions for a better IAM like solution: - Provision accounts for systems and directories. - Create access to the systems. - Monitor if any new account has been created into the system. - Better GUI for the end-user and also for administrators. The learning curve is quite long and requires lots of training for good usage. - More automated process for account provisioning into CyberArk. For example when a new DB is created. - Better documentation with more examples for the configuration files and API/REST integration.
Learn what your peers think about CyberArk Privileged Access Manager. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
CyberArk has captured the individual privileged access space well. They've captured the application-to-application and DEVOPS space quite well.. They should continue to invest in optimizing the services, and help companies drive down risk associated with application based passwords, as this is an industry that is being closely watched by external regulators. CyberArk continues to stay close to the industry and are always looking for ways to improve their products and service offerings accordingly. There are 3 areas that I would call out, that CyberArk should continue to focus on: 1) Continue to help organizations understand how they align their strategies and roadmaps to industry trends and the overall cybersecurity threat landscape. 2) Continue to help the industry innovate on talent , and position customers to be more successful in supporting their CyberArk implementations. 3) Continue to help customers understand the Risk reduction capabilities and scorecards associated with their deployments. Initiatives like the CyberArk Blueprint will help enable enable informed customers.
Corporate Vice President at a insurance company with 10,001+ employees
Real User
2019-12-15T09:11:00Z
Dec 15, 2019
We work with CyberArk's customer success team and we work with its engineering team back in Israel. We've been doing things on CyberArk which a lot of its customers, we know, have not been doing. The one place where we found that this product really needs to improve is the cloud. Simple integrations don't exist, even today. We don't have anything specific on CyberArk for managing SaaS products, SaaS vendors, and SaaS credentials. I understand it's a vendor-based thing and that they have to coordinate with the other vendors to be able to do that, and there are integrations coming, but these are the major places where CyberArk definitely needs to invest some more time. Because this is what the future is. You're not going to have a lot of on-prem applications. Most stuff is going to the cloud.
We're pretty excited about Alero, the third-party access management. As a small company we lean on vendors quite a bit and we do that in multiple areas. That's going to be a big one for us. It's just gone from beta to production. It's one of those things that's on our roadmap, but being so new to the toolset, we're just growing into the tool. We're not quite there yet.
Privileged Threat Analytics (PTA) that can function in more that one AD domain at a time. The recent enhancement that allows resilience in PTA is great, but operation in more than one domain is required as many organizations have multiple AD domains. Even if it’s just prod and test or PPE split, you still want to know what’s going on in it.
I would like to see a product enhancement with the Secure Connect feature. Today, there is no functionality to create "Accounts" using Secure Connect to permanently store a user's working tab. It is a tedious manual process of entering host IP information and user credentials to a privileged target system. Currently, in Secure Connect, an end user is required to enter account information manually, and cannot save any of this information for future use. It’s a manual process of entering information all the time. Unless, you are working with accounts already stored in “Safes”.
CyberArk Privileged Access Manager is a next-generation solution that allows users to secure both their applications and their confidential corporate information. It is extremely flexible and can be implemented across a variety of environments. This program runs with equal efficiency in a fully cloud-based, hybrid, or on-premises environment. Users can now protect their critical infrastructure and access it in any way that best meets their needs.
CyberArk Privileged Access Manager possesses...
There are always improvements that can be made, but nothing really stands out. It's hard for me to say as I am not a direct user.
The product could be easier to use. More work needs to be done on this aspect; it is not good enough yet. It also takes up a lot of server space. Sometimes we need to use up to seven servers.
Their post-sale support area requires a little more attention to our region ( ME/UAE. The current support model does not allow the end customers to open a ticket directly with CyberArk. Customers have to inform the distributor or bring in partners who have access to the support portal to open support cases. The support teams liability is limited to product issues and they usually do not get into configurations and integrations, unless estimated and paid for PS services. This indirectly helps Service providers like us to make extra revenue. The default 24/7 support to our region, is effective when there is an emergency like a serious software issue, or if password vault is down etc, for such cases they provide immediate attention. For the rest of the low priority like migrations, upgradations, backups etc ( in some site it shall be considered high ), they take more time to respond. Looking forward to new features line API security
The authentication port is available in CyberArk Alero but not Fortinet products.
We found a lot of errors during the initial setup. They should work to improve the implementation experience and to remove errors from the process. The solution could be more stable. It should have more specific configurations. There are lots of types of servers and devices. The product should have a more detailed, specific configuration and integration with other products.
CyberArk lacks the following functions for a better IAM like solution: - Provision accounts for systems and directories. - Create access to the systems. - Monitor if any new account has been created into the system. - Better GUI for the end-user and also for administrators. The learning curve is quite long and requires lots of training for good usage. - More automated process for account provisioning into CyberArk. For example when a new DB is created. - Better documentation with more examples for the configuration files and API/REST integration.
CyberArk has captured the individual privileged access space well. They've captured the application-to-application and DEVOPS space quite well.. They should continue to invest in optimizing the services, and help companies drive down risk associated with application based passwords, as this is an industry that is being closely watched by external regulators. CyberArk continues to stay close to the industry and are always looking for ways to improve their products and service offerings accordingly. There are 3 areas that I would call out, that CyberArk should continue to focus on: 1) Continue to help organizations understand how they align their strategies and roadmaps to industry trends and the overall cybersecurity threat landscape. 2) Continue to help the industry innovate on talent , and position customers to be more successful in supporting their CyberArk implementations. 3) Continue to help customers understand the Risk reduction capabilities and scorecards associated with their deployments. Initiatives like the CyberArk Blueprint will help enable enable informed customers.
The user interface was a previous problem that has been overcome.
We work with CyberArk's customer success team and we work with its engineering team back in Israel. We've been doing things on CyberArk which a lot of its customers, we know, have not been doing. The one place where we found that this product really needs to improve is the cloud. Simple integrations don't exist, even today. We don't have anything specific on CyberArk for managing SaaS products, SaaS vendors, and SaaS credentials. I understand it's a vendor-based thing and that they have to coordinate with the other vendors to be able to do that, and there are integrations coming, but these are the major places where CyberArk definitely needs to invest some more time. Because this is what the future is. You're not going to have a lot of on-prem applications. Most stuff is going to the cloud.
We're pretty excited about Alero, the third-party access management. As a small company we lean on vendors quite a bit and we do that in multiple areas. That's going to be a big one for us. It's just gone from beta to production. It's one of those things that's on our roadmap, but being so new to the toolset, we're just growing into the tool. We're not quite there yet.
Privileged Threat Analytics (PTA) that can function in more that one AD domain at a time. The recent enhancement that allows resilience in PTA is great, but operation in more than one domain is required as many organizations have multiple AD domains. Even if it’s just prod and test or PPE split, you still want to know what’s going on in it.
I would like to see a product enhancement with the Secure Connect feature. Today, there is no functionality to create "Accounts" using Secure Connect to permanently store a user's working tab. It is a tedious manual process of entering host IP information and user credentials to a privileged target system. Currently, in Secure Connect, an end user is required to enter account information manually, and cannot save any of this information for future use. It’s a manual process of entering information all the time. Unless, you are working with accounts already stored in “Safes”.