What is our primary use case?
I have used Carahsoft Services for CyberArk for at least three years, deploying it across two clients, primarily at banking companies.
I have used Carahsoft Services for CyberArk mostly for PAM solutions and for environments that require account management.
I cannot provide a quick, specific example of how I or my clients use Carahsoft Services for CyberArk in a real-world scenario.
I want to continue using Carahsoft Services for CyberArk going forward.
How has it helped my organization?
Carahsoft Services for CyberArk has positively impacted my organization, particularly from an operational architecture perspective, providing a massive advantage when examining scalability, rapid deployment, and alignment with strained security compliance frameworks. It reduces procurement cycles from months to days, allowing security engineering teams to rapidly deploy necessary CyberArk licenses into production and close critical security gaps before they can be exploited.
In the Zero Trust architecture that we deployed in the banking environment, we achieved a 70% reduction in audit preparation time, with 20% to 25% time reclamation by IT administrators through automating password generation, complex rotations, and onboarding that eliminates manual ticketing resets. This results in a 10-month average payback period, as we typically recover the initial investment within less than a year due to rapid automated deployment models and minimized operational friction.
What is most valuable?
The best features that Carahsoft Services for CyberArk offers include PAM, credential vaulting rotation, privileged session monitoring, just-in-time access, endpoint privilege manager, DevSecOps and security, and machine identity security, as well as workforce and customer access features such as adaptive MFA, SSO, and identity lifecycle automation.
The credential vaulting and rotation feature of Carahsoft Services for CyberArk has made the biggest impact in my work by automatically managing administrative and service passwords to prevent credential theft. Using this management eliminates reliance on human memory, post-it notes, or static spreadsheets to manage critical administrative passwords at the bank. I have introduced an automated, highly secure lifecycle for the keys of their digital environment. My main objective involves isolation, encryption, and access control, with CyberArk utilizing a great component called the Central Policy Manager. Passwords are automatically changed based on predefined organization policies, for example, every 30, 60, or 90 days, immediately after an administrator checks a password back into the system after using it.
What needs improvement?
Carahsoft Services for CyberArk can be improved by using the architecture blueprint as an effective master aggregator for bringing CyberArk to the massive sector by shifting from generalist sales, especially for identity engineers. CyberArk is not a plug-and-play tool; it involves deeply intricate infrastructure integrations. Carahsoft should deploy dedicated identity security engineering desks with pre-sales architecture that deeply understands the difference between standard workforce PAM, machine identity secret management, and endpoint security. Additionally, Carahsoft could pre-package Zero Trust blueprint bundles since organizations rarely buy just CyberArk; they need to integrate CyberArk's privileged logs into SIEM/SOAR platforms or tie it directly to cloud-native identity structures. Currently, customers or system integrators must design this bridge from scratch, so creating a plug-and-play environment before deploying CyberArk would greatly simplify the process.
For how long have I used the solution?
I have been working in my current field for about 15 years.
What do I think about the stability of the solution?
Carahsoft Services for CyberArk is very stable.
What do I think about the scalability of the solution?
The scalability of Carahsoft Services for CyberArk is robust, as I have deployed it for 5,000 users. The scalability profile is highly robust, though it requires specific architecture planning as we scale up.
How are customer service and support?
The customer support for Carahsoft Services for CyberArk is very good, with professional services available.
Which solution did I use previously and why did I switch?
I did not previously use a different solution; Carahsoft Services for CyberArk is the first solution I have used.
How was the initial setup?
Carahsoft Services for CyberArk is deployed in my organization on a private cloud.
What about the implementation team?
I managed the pricing, setup costs, and licensing for Carahsoft Services for CyberArk.
What was our ROI?
I have seen a return on investment from Carahsoft Services for CyberArk. For implementation, it requires a specialized consulting engineer with the standard professional service daily rate typically between two and 2000 dollars. Over a five-year TCO between SaaS and self-hosted models, the estimated cost for 5,000 users is $5,100. The professional services cost is $5,400,000, premium support and storage is $1,228,000, and internal overhead is $500,000, leading to a total year one cost of $8,200,000. However, ongoing operational efficiency offsets these costs over a three-year cycle, and we have numbers showing a payback time of 10 months.
Which other solutions did I evaluate?
I evaluated other options before choosing Carahsoft Services for CyberArk, particularly the Okta solution.
What other advice do I have?
My advice to others considering Carahsoft Services for CyberArk is to maximize Carahsoft for the contract, not the architecture, shift the culture before forcing the technology, think cloud-native from day one, and aggressively budget for post-procurement training. These items include procurement sizing, integration, and adoption.
The governance and security of Carahsoft Services for CyberArk's AI capabilities are highly mature as they treat AI exactly for what it is—the ultimate expansion of the non-human identity attack surface. They utilize Core AI to automate the heavy lifting of compliance reviews while simultaneously using Core PAM secret hub architecture to lock down credentials used by corporate AI engines, successfully bridging the gap between rapid AI adoption and rigid Zero Trust constraints.
The accuracy and reliability of output regarding Carahsoft Services for CyberArk dictate that if an AI agent executes a transaction of access, we need to evaluate and discuss enterprise identity security. Domain hallucination is not just an annoying typo; it can lead to improper privilege escalation and overlook lateral threats.
I would rate this product an overall 8 out of 10.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Google