Try our new research platform with insights from 80,000+ expert users

CyberArk Privileged Access Manager vs Microsoft Entra ID comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 20, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
7.0
CyberArk Privileged Access Manager enhances security, saves costs, and automates processes for improved control over privileged accounts.
Sentiment score
7.5
Microsoft Entra ID improves efficiency by consolidating identities, reducing costs, enhancing security, and supporting cloud transitions for businesses.
The return on investment lies in improved security infrastructure, addressing over-privileged access, and reducing the risk of credential compromise, which is a major source of data breaches.
The end users have the authority to reconcile the password or verify it before using session isolation, which is one of the unique features that can be enabled through Privileged Session Manager, preventing any attacks from happening within the organization when connected with sessions through CyberArk Privileged Access Manager.
During our quantitative analysis, we estimated potential savings of one to ten million dollars a year by using a PAM solution.
We leverage existing licensing, like Windows Server or SQL, and hybrid benefits, and our sales and marketing teams benefit from co-selling and partnership advantages.
We get a return from not needing to pay other vendors to do what we already had from Microsoft, which was better than the competition.
The return on investment comes from not needing as many IT staff to manage and verify user identity and ensuring seamless device connection without needing to administer device compliance manually.
 

Customer Service

Sentiment score
6.5
CyberArk's support is improving, with overall quality appreciated but needing faster response times and better initial case handling.
Sentiment score
6.7
Microsoft Entra ID's support receives praise for expertise but faces criticism for inconsistency, delays, and repetitive explanations.
CyberArk has been exceptional in coming back to us with immediate responses.
It could be forever until you talk to someone who knows what they are doing.
They are helpful, but complex issues can take a long time to resolve, which can delay solutions for urgent customer issues.
The actual support when you get to that level is a ten out of ten.
There are immediate answers to any issues that arise with great knowledge and a deep understanding of the product and business needs.
They usually try to deflect, buy time, and often do not address the problem immediately.
 

Scalability Issues

Sentiment score
7.7
CyberArk Privileged Access Manager is praised for its scalability, though some users face licensing and initial planning difficulties.
Sentiment score
7.9
Microsoft Entra ID efficiently scales for all organization sizes, supporting global deployment and enhancing user management through robust cloud infrastructure.
The CPM can reportedly handle up to 50,000 accounts independently without issue.
I would rate it a ten out of ten for scalability.
They had 40,000 passwords in this one safe, and it was saving the last ten iterations of each password object. That means they had 400,000 password objects in this safe. They exceeded the limit.
We experienced no scalability issues with Microsoft Entra ID.
Its scalability is impressive, aided by Microsoft's efforts to expand its data centers.
When dealing with tens of thousands of objects, it requires proper management and best practices to retrieve only necessary data.
 

Stability Issues

Sentiment score
7.8
CyberArk Privileged Access Manager is praised for stability and reliability, with most issues arising from configuration or user errors.
Sentiment score
7.9
Microsoft Entra ID boasts high stability and reliability, with quick resolutions to occasional outages and strong user satisfaction commitment.
Proper fine-tuning and expertise ensure the product performs well.
Overall, the stability of the solution is high.
It has a large customer base and positive feedback within my network.
It's a critical solution that we can't do without.
The stability of the solution is very high at 99.999%.
We rarely had significant problems or crashes.
 

Room For Improvement

CyberArk Privileged Access Manager requires UI improvements, expanded features, better integration, and accessible pricing for enhanced user experience.
Microsoft Entra ID needs better UI, integration, and support while improving onboarding, management, and third-party compatibility.
They want everything to be on the cloud, but even in the SaaS version of CyberArk Privileged Access Manager, they need to deploy some servers on-premises.
We cannot generate a plug-in for web-based applications.
If they want clients to move to the cloud, they need to support them in real-time.
A recent incident we dealt with took four months to resolve with a seven-day deadline, which was quite frustrating.
Synchronization issues occasionally occur, making it challenging to analyze logs and pinpoint the exact problem.
There is a need for better transformation support from on-premises Active Directory policies to the cloud, as Entra ID doesn't cover this sufficiently yet.
 

Setup Cost

Enterprise buyers find CyberArk costly but justify it with its top-notch capabilities and comprehensive security features.
Enterprise users praise Microsoft Entra ID for cost-effective, flexible per-user pricing, especially when bundled with Office 365 packages.
CyberArk is expensive compared to other products I know.
CyberArk is comparatively expensive compared to other PAM solutions, such as Delinea, especially during renewal.
CyberArk's SaaS solution is particularly expensive.
We are getting our money's worth.
Microsoft sets pricing based on customer demand, adjusting to find the optimal balance between sales volume and profit per unit, similar to how Costco manages product prices.
Most features of Entra ID are part of Microsoft's ecosystem and included in Microsoft 365 bundles, which means there are no additional costs associated with pricing and licensing.
 

Valuable Features

CyberArk Privileged Access Manager excels in security with credential management, AI-enhanced threat detection, and extensive integration capabilities.
Microsoft Entra ID offers seamless app integration, enhanced security, centralized management, and scalable user management for optimized organizational efficiency.
CyberArk Privileged Access Manager helps ensure data privacy because we now know who is using which credentials and at what time.
It keeps a record of activities, allowing me to easily fetch screen recordings to detect any misuse and see who did what and what happened.
It can integrate with Splunk, SNMP, and other solutions and technologies.
We can secure the applications that we are building and make sure that if the application were to be compromised, there is no full access to a customer's environment causing issues and other security concerns.
It's integrated with Microsoft technologies like Authenticator, SSO, and MFA, streamlining operations and creating a seamless environment.
The granular control, such as preventing logins from specific locations, enhances security significantly.
 

Categories and Ranking

CyberArk Privileged Access ...
Average Rating
8.6
Reviews Sentiment
6.9
Number of Reviews
221
Ranking in other categories
User Activity Monitoring (1st), Enterprise Password Managers (2nd), Privileged Access Management (PAM) (1st), Mainframe Security (2nd), Operational Technology (OT) Security (3rd)
Microsoft Entra ID
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
233
Ranking in other categories
Single Sign-On (SSO) (1st), Authentication Systems (1st), Identity Management (IM) (1st), Identity and Access Management as a Service (IDaaS) (IAMaaS) (1st), Access Management (1st), Microsoft Security Suite (2nd)
 

Featured Reviews

Lasantha Wijesinghe - PeerSpot reviewer
We have visibility and control through real-time user behavior analytics
It took us some time to realize its benefits because there was a learning curve for us. It took us about a year to get our heads around this product and start effectively using it. It is a journey. It takes at least five years for any company to make this product very useful and reach maturity. It is not only the product's fault. The company needs to have a vision, and the company culture needs to go with it. Senior leadership needs to support the vision. You need to have lots of ingredients for success. If everything is in place, you will see success after one year. In the first year, it is a struggle for everybody. My company was bought by a bigger company, and they were very new to privileged access management. Everybody was struggling. The advice I would give is to have a good vision for privileged access management. You need dedicated teams, senior management support, and proper company policies and standards before implementing the solution. Start building knowledge slowly and avoid jumping into the deep end without preparation. I would rate CyberArk Privileged Access Manager a nine out of ten.
Aaron Liang - PeerSpot reviewer
Has significantly improved secure access to applications and resources in our environment
Microsoft Entra ID has helped by simplifying our management of permissions for APIs. We are not directly exposing credentials, as we use tokens instead. It has made management easier and more secure, especially in a multi-user environment. The implementation of Microsoft Entra ID significantly improved secure access to applications and resources in our environment, primarily through the widespread use of single-sign-on. Managing API permissions became much easier, as application registration often involves calling an API to utilize services without directly exposing credentials, relying instead on token-based authentication. This streamlined approach benefits end-users by simplifying access while remaining transparent to them. Ultimately, my role focuses on ensuring a smooth and user-friendly experience, even if the underlying technology remains unseen by the end-users. Our company strongly emphasizes passwordless authentication, primarily through device-bound passkeys in Microsoft Authenticator. While administrators with high-privileged accounts utilize YubiKeys and passwords for tasks like accessing Microsoft Graph, we are actively transitioning all other users towards passwordless methods such as Windows Hello biometrics. This approach streamlines authentication and enhances security. Though initial deployment in 2022 presented challenges due to hardware limitations and the lingering effects of the COVID-19 pandemic, the technology has significantly improved and provides a simple and effective user experience.
report
Use our free recommendation engine to learn which Access Management solutions are best for your needs.
850,671 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
33%
Financial Services Firm
12%
Computer Software Company
11%
Manufacturing Company
6%
Educational Organization
28%
Computer Software Company
11%
Financial Services Firm
9%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

How does Sailpoint IdentityIQ compare with CyberArk PAM?
We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the m...
What do you like most about CyberArk Privileged Access Manager?
The most valuable features of the solution are control and analytics.
What is your experience regarding pricing and costs for CyberArk Privileged Access Manager?
With the current model of licensing, for my use cases, sometimes it's hard to convince the management and get budget approvals for it. It's expensive and you're not getting anything new. It's just ...
How does Duo Security compare with Microsoft Authenticator?
We switched to Duo Security for identity verification. We’d been using a competitor but got the chance to evaluate Duo for 30 days, and we could not be happier. Duo Security is easy to configure a...
What do you like most about Azure Active Directory?
It is very simple. The Active Directory functions are very easy for us. Its integration with anything is very easy. We can easily do third-party multifactor authentication.
What is your experience regarding pricing and costs for Azure Active Directory?
Regarding pricing, for the services we receive, it seems within the market range and about average.
 

Also Known As

CyberArk Privileged Access Security, CyberArk Enterprise Password Vault
Azure AD, Azure Active Directory, Azure Active Directory, Microsoft Authenticator
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Rockwell Automation
Microsoft Entre ID is trusted by companies of all sizes and industries including Walmart, Zscaler, Uniper, Amtrak, monday.com, and more.
Find out what your peers are saying about CyberArk Privileged Access Manager vs. Microsoft Entra ID and other solutions. Updated: April 2025.
850,671 professionals have used our research since 2012.