Try our new research platform with insights from 80,000+ expert users

AWS Secrets Manager vs CyberArk Privileged Access Manager comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 16, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AWS Secrets Manager
Ranking in Enterprise Password Managers
3rd
Average Rating
8.8
Reviews Sentiment
7.1
Number of Reviews
15
Ranking in other categories
No ranking in other categories
CyberArk Privileged Access ...
Ranking in Enterprise Password Managers
2nd
Average Rating
8.6
Reviews Sentiment
6.8
Number of Reviews
224
Ranking in other categories
User Activity Monitoring (1st), Privileged Access Management (PAM) (1st), Mainframe Security (2nd), Operational Technology (OT) Security (3rd)
 

Mindshare comparison

As of July 2025, in the Enterprise Password Managers category, the mindshare of AWS Secrets Manager is 17.3%, down from 21.0% compared to the previous year. The mindshare of CyberArk Privileged Access Manager is 8.0%, down from 8.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Enterprise Password Managers
 

Featured Reviews

Mahadev Metre - PeerSpot reviewer
Consistent security and efficiency improvements optimize IT infrastructure with effective management
When creating AWS Secrets Manager, it should be automated using tools such as Terraform, Puppet, or Ansible. With Terraform code, you specify the encryption key, secret name, rotation policy, and secret replication. Human error occurs when feeding secret values manually, especially with large amounts of secrets to input. Secrets should never be protected only by IAM. They should be protected by multiple layers, such as IAM and one or two KMS keys. Additional security measures could be beneficial if necessary. The rotation policy is crucial because some secrets may become obsolete, require updates, or get compromised. With a weekly rotation policy, if unauthorized access occurs, the exposure is limited to seven days. The rotation policy can be customized according to needs.
Abdul Durrani - PeerSpot reviewer
Enables granular and secure access with just-in-time access and Zero Trust model
CyberArk provides a good amount of control over access types. However, as a future enhancement, having additional features for cross-platform integration would be beneficial. It would be good to have integrations with other tools and firewalls, such as Zscaler and CrowdStrike. Although I am not fully aware of recent updates, more cross-platform integration would be valuable. A SOC analyst would like to have centralized access in terms of information flowing in even for privileged access management. They would like to have control over everything instead of opening four to five tabs for different sorts of information. Cross-platform integration would help with that. Customers also want CyberArk's pricing to be better so that they can implement it further and have more licenses. Implementing a privileged access management solution can be challenging. It would be great if CyberArk could provide recommendations based on the compliance standards of an organization. It would help system admins ensure that all the required ports are closed and the systems are being managed properly. If any system is not being used anymore, any ports opened for that system need to be closed. Having such recommendations would be helpful.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The product is easy to use and is inexpensive."
"It's highly scalable, so I'd rate it a ten out of ten."
"I would highly recommend AWS Secrets Manager for secret management in AWS."
"The most valuable feature of AWS Secrets Manager is its seamless integration with various AWS services."
"The most valuable feature is the management of credentials."
"All our workloads are running on AWS, so integration with our workload is much easier on AWS Secrets Manager than going with another solution such as Thycotic."
"Secrets Manager helps in retrieving the enrollment variables used by the code."
"Integrating with other services was straightforward, especially within the AWS environment."
"Session monitoring is excellent. It may be the solution's most valuable aspect."
"It provides an accountability to the individuals who are using it, knowing that it is audited and tracked."
"CyberArk is a good and adaptive solution. It is easy to adopt and install. It is easy for every use case."
"Ensures accounts are managed according to corporate policies."
"The solution is stable."
"The most valuable feature is privileged session management."
"All of the features of CyberArk Privileged Access Manager are valuable."
"The users have the ability to rotate passwords on a daily basis with a Reconcile Account. Or, if they want to do one-time password checkouts, we can manage those, check in, check out. I like the flexibility of the changing of the password, specifically."
 

Cons

"There is a need for better environmental implementation, such as having a security fund as a solution."
"The sidecar feature has room for improvement."
"AWS Secrets Manager could support hybrid infrastructure."
"The solution's initial setup process is complicated."
"We occasionally have problems with rate limits, although that is a problem more generally with AWS."
"If you don't have enterprise support, then you will not be able to get through to them to get the help. It is not only applicable to AWS Secrets Manager. It is also applicable to any service on AWS."
"It would be good if the AWS Secrets Manager were more customizable."
"There is a potential improvement in connecting AWS Secrets Manager to Jenkins CI/CD pipeline to automatically reflect changes in production."
"CyberArk Privileged Access Manager could improve the integration with other solutions and ease of use. Additionally, there should be a feature to have remote connections without a VPN."
"If you are an administrator or architect, then the solution is kind of complicated, as it is mostly focused on the end user. So, they need to also focus on the people who are implementing it."
"They are taking two to three days for resolution are too slow. Customers, including myself, do not want to wait this long for solutions."
"The major pain point that we have is the capacity of CyberArk due to the sheer volume of NPAs that we are managing. We are a large organization and we have hundreds of thousands of non-personal accounts to manage. We have already found out that there are certain capacity limitations within CyberArk that might introduce performance issues. From my perspective, something that would be valuable would be if the vault could hold more passwords and be more scalable."
"If CyberArk wants people to pay for cloud services, they need to make the cloud services much more real-time."
"There is room for improvement in the pricing model."
"I would like easier integrations for creating an online dashboard that executives would look at or are able to run reports from the tool."
"There is a lot of complexity if we are installing the solution on-premises."
 

Pricing and Cost Advice

"We purchase a monthly license for the product."
"We've observed that AWS Secrets Manager pricing is based on a per-secret-per-month model. As a result, we prefer to divide our secrets into individual pieces to increase security and grant specific access permissions to certain secrets, systems, or individuals. However, this approach results in higher costs. Therefore, we have been exploring ways to combine our secrets into groups to reduce expenses and simplify management. Nonetheless, we acknowledge that this issue may not be related to the secret manager's functionality."
"The solution is expensive."
"I don't believe there is a license cost for the solution."
"The cost is somewhat high."
"It can be an expensive product."
"Licensing fees are paid on a yearly basis."
"Compared to other solutions, it is costly."
"The SaaS version of CyberArk Enterprise Password Vault is very expensive, but the on-premises version is relative, e.g. depending on the size of the environment, it can be a bit pricey, but it's relatively okay compared to the others."
"The solution is cost-effective for the features."
"I'm a technician so I don't handle the licensing for CyberArk Privileged Access Manager, but I know that the price for the core license is about €140 per year. There's another type of license, the external vendor license, and that's about €600 and you can manage twenty devices. From what I know, the price for one device in a subscription is about €65 per year. You can buy the CyberArk Endpoint Privilege Manager too, or you can buy some other application or application license with CyberArk Privileged Access Manager, but all other features, such as the Analytics Server is included in the basic CyberArk license. With WALLIX, you need to buy separate licenses for the features."
"Pricing is a problem. CyberArk is expensive compared to other products I know. It is similar to buying a German car. It comes with all the bells and whistles, but some companies may find it too expensive."
"I have heard from my leaders that CyberArk is costlier in terms of licensing. The support and maintenance are also costly. We use their premium support, but for the price we pay, we do not get the value."
report
Use our free recommendation engine to learn which Enterprise Password Managers solutions are best for your needs.
861,803 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Financial Services Firm
13%
Manufacturing Company
9%
Insurance Company
6%
Computer Software Company
15%
Financial Services Firm
15%
Educational Organization
10%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Azure Key Vault or AWS Secrets Manager?
Azure Key Vault is a SaaS solution. You can easily store passwords and secrets securely and encrypt them. Azure Key Vault is a great solution to ensure you are compliant with security and governanc...
Which is better - HashiCorp Vault or AWS Secrets Manager?
HashiCorp Vault was designed with your needs in mind. One of the features that makes this evident is its ability to work as both a cloud-agnostic and a multi-cloud solution. As a cloud-agnostic sol...
What do you like most about AWS Secrets Manager?
The most valuable feature of AWS Secrets Manager is its seamless integration with various AWS services.
How does Sailpoint IdentityIQ compare with CyberArk PAM?
We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the m...
What do you like most about CyberArk Privileged Access Manager?
The most valuable features of the solution are control and analytics.
 

Also Known As

No data available
CyberArk Privileged Access Security, CyberArk Enterprise Password Vault
 

Overview

 

Sample Customers

Autodesk, Clevy, Stackery
Rockwell Automation
Find out what your peers are saying about AWS Secrets Manager vs. CyberArk Privileged Access Manager and other solutions. Updated: June 2025.
861,803 professionals have used our research since 2012.