Share your experience using Oracle Entitlements Server

The main use cases for CyberArk Identity help us to strengthen security to protect sensitive data centers and systems. We can store sensitive credentials, user credentials, and privileged accounts inside our CyberArk PAM tool. This helps us rotate passwords for privileged account credentials and monitor sessions. It is very useful for audit purposes. If there are any unsuspected activities happening, we can review the log files and identify where issues are occurring. It is very helpful for monitoring and strengthening security levels.

The best features in CyberArk Identity that I appreciate most are the recent updates that have added features in the cloud privilege environment. In the SAS solutions, they have added connectors. Except for PSM and CPM, they have included SIA, Secure Infrastructure Access, Secure Cloud Access, and Secure Web Sessions. These are additional features I have seen in the recent updates.

For multi-factor authentication, we use CyberArk Identity's multi-factor authentication integrations, LDAP integration and SSO, Azure SSO, LDAP and SIM. These authentication mechanisms we implement. Mostly, we use LDAP and Azure SSO.

Just-in-time access, also called ephemeral access, is especially beneficial, particularly with SIA and SCA features. The recent updates from CyberArk Identity have been impressive. If a requester needs access to a platform, such as Windows, Linux, or any database, the request goes to the approval level for a particular time period. The approver can approve the request within that set time frame, granting just-in-time access to the end user.

Session monitoring is beneficial as it detects if the user is trying to log in and records all activities stored in the vault. It gives us more insights into what activities are happening inside. If there are any breaches or issues arise, I can go back to the log report and check all those activities that are captured, where it failed exactly, and what the issue was. From there, I can find and fix it.

On the identity product side, it is awesome. However, they can improve in the documentation parts. For example, if there is a migration process, I can see the maximum customers are moving from self-hosted to on-premises or from on-premises to the cloud. It would be helpful if they released a generalized document for processes such as migration. A clear overview document would assist us in understanding more about the tool, configurations, and automations to enhance our security.

Regarding the initial setup of CyberArk Identity, I faced some challenges. At some points, I could not find proper documentation for deploying, enhancing, or integrating with other components. I could not find the proper documentation in the community portal.

I have been working with the identity product using CyberArk PAM tool for more than two years.

When it comes to performance and stability, I find it very reliable.

CyberArk Identity is highly scalable as there are many things to learn. There is no limitation. When delving deep into the concepts, there is a lot to address and learn, especially when facing real-time scenarios. It may seem simple at first glance but once you get into the depth of the concepts, you realize how much there is to learn and there are no limitations in that regard.

My experience with technical support has been very good. When I reached out to them, I received prompt responses and support, which I would rate as very good.

Positive

I faced some challenges during the initial setup of CyberArk Identity. At some points, I could not find proper documentation for deploying, enhancing, or integrating with other components. I could not find the proper documentation in the community portal.

If I can share advice or recommendations for other companies considering CyberArk Identity, I would highlight the most powerful features in CyberArk PAM such as password rotation, session recordings, and just-in-time access as the best aspects of this product. On a scale of one to ten, I would rate this solution an eight.

It's not being purchased through AWS, but we're using CyberArk Identity as a SaaS solution. I think it's running on AWS, but we bought it directly from CyberArk.

The straight-through approach of CyberArk Identity is very easy to start with. After you start with it, you can very easily onboard your privileged accounts. From there on, you can advance further and make it more and more secure. I think that the easy way to start with CyberArk Identity is one of the benefits of using it.

The best feature for us is the regeneration of passwords after every use that we have implemented with CyberArk Identity. The two-factor authentication is very important, but the fact that every account is being regenerated every time we use it is the most important security feature for us.

Session monitoring with CyberArk Identity is helping in making us feel secure with our vendors. We're also using the vendor implementation. The fact that we know that we can look back and that we tell that to our vendors gives us a good secure feeling. We haven't really found it necessary to look back, but the fact that we know that we can makes us feel secure.

We do not specifically use the password vaulting feature of CyberArk Identity.

The centralized user dashboard of CyberArk Identity has not been that important for us.

If it would be possible to share accounts between vaults in CyberArk Identity, that would be very beneficial. Account sharing between vaults is one of the most important aspects for us.

It was pretty complex to implement CyberArk Identity. We had some help from a partner, and that helped a lot. But even for the partner, it was really difficult to streamline the process of implementing. We had sometimes an issue that really took days during the implementation to fix. That was something that I did not appreciate about the whole implementation. It should be much more straightforward, specifically because you're doing a SaaS implementation.

I rate it a seven because vendor support is difficult to get. Basically, you have to go through a partner to get support with CyberArk Identity. That's another thing that they could improve.

This is the second time I'm implementing CyberArk Identity. The first time was for a different customer. With the current customer, we're using it for about nine months now.

I rate the stability of CyberArk Identity regarding downtime, bugs, and glitches a 10. We haven't had any downtime or any problems with availability.

I would consider CyberArk Identity to be just as scalable as you want to be. You can scale it out pretty easily, and you can implement it very small. I would rate it a nine.

I'm not an end-user or a partner. I'm just an independent consultant helping with the implementation.

We've compared CyberArk Identity for our other customer and did a real peer review between BeyondTrust and CyberArk Identity. It was very close. In the end, CyberArk Identity had a better offer for us and was a little bit cheaper. That's why we decided to go with CyberArk Identity at the other customer. This customer already decided they wanted CyberArk Identity because it's a government agency and they've got a lot of other governments using CyberArk Identity. There was a lot of trust in CyberArk Identity, and there wasn't very much experience with BeyondTrust. It was a very quick choice to use CyberArk Identity for them.

The feature of just-in-time access in managing privileged accounts and security is going to be important, but not right now because we're only using CyberArk Identity for nine months. We're still in the phase of onboarding all the privileged accounts and making sure that everybody is on board. After that, we're going to decrease the amount of rights that each account has and we're going to use named accounts instead of personal accounts. That's when we're going to implement just-in-time.

I don't think CyberArk Identity is cheap, but if you look at the security advantages that you get, I think it's the right price.

My clients are medium and enterprise, not small.

I would definitely recommend CyberArk Identity to other users because even though the implementation is difficult, the fact that you get so much more security is really a no-brainer for me. I think that everybody with multiple privileged accounts should implement at least a PAM solution CyberArk Identity, and CyberArk Identity is very good.

I would rate CyberArk Identity overall an eight out of ten.