Try our new research platform with insights from 80,000+ expert users

CyberArk Privileged Access Manager vs HashiCorp Vault vs LastPass Business comparison

CyberArk and HashiCorp are both solutions in the Enterprise Password Managers category. CyberArk is ranked #3 with an average rating of 8.6, while HashiCorp is ranked #5 with an average rating of 8.8. CyberArk holds a 7.7% mindshare in EPM, compared to HashiCorp’s 10.0% mindshare. Additionally, 95% of CyberArk users are willing to recommend the solution, compared to 89% of HashiCorp users who would recommend it.
CyberArk Privileged Access ...
Read 227 CyberArk Privileged Access Manager reviews
  • 15,344 Views
  • 3,989 Comparison Views
95% willing to recommend
HashiCorp Vault
Read 18 HashiCorp Vault reviews
  • 5,644 Views
  • 5,644 Comparison Views
89% willing to recommend
LastPass Business
Read 12 LastPass Business reviews
  • 1,520 Views
  • 1,170 Comparison Views
78% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between CyberArk Privileged Access Manager, HashiCorp Vault, and LastPass Business based on real PeerSpot user reviews.

Find out what your peers are saying about Microsoft, Amazon Web Services (AWS), CyberArk and others in Enterprise Password Managers.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Enterprise Password Managers Report (Updated: October 2025).
Buyer's Guide
Enterprise Password Managers
October 2025
Download the complete report
Helped 869,760 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Mindshare comparison

As of October 2025, in the Enterprise Password Managers category, the mindshare of CyberArk Privileged Access Manager is 7.7%, down from 7.8% compared to the previous year. The mindshare of HashiCorp Vault is 10.0%, down from 13.2% compared to the previous year. The mindshare of LastPass Business is 3.5%, up from 2.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Enterprise Password Managers Market Share Distribution
ProductMarket Share (%)
CyberArk Privileged Access Manager7.7%
HashiCorp Vault10.0%
LastPass Business3.5%
Other78.8%
Enterprise Password Managers
 

Featured Reviews

Atul-Gujar - PeerSpot reviewer
Secures critical infrastructures with essential user session audit records
A potential area for improvement is enhancing support for cluster environments and distributed Vaults. Clients in multiple countries that need central access have different challenges that require better solutions from CyberArk. For financial services, CyberArk can improve incident response by ensuring fast support for critical priority tickets to meet compliance requirements. Providing more documentation on CyberArk is recommended for new team members to enhance their troubleshooting capabilities. I understand it's up to the client, but 99% fail to change the demo key, so it's crucial for CyberArk to emphasize changing the key and documenting it as part of the installation process.
Read full review
Anand-Awasthi - PeerSpot reviewer
Offers dynamic secrets and certificate management for proactive security measures
The best features in HashiCorp Vault are its dynamic certificate management and dynamic secret management, which are the key features that use data effectively. These are very targeted use cases that cut across multiple solutions. I have utilized Vault's encryption capabilities for securing data in transit and at rest, especially for dynamically consuming database encryption, which covers the requirements of various scenarios where databases do not have encryption capability. HashiCorp Vault provides security by rotating the keys and taking all the burden of securing the data from the database. These are key core features that many users employ in this solution. Vault's audit logs provide insights into access patterns and help ensure compliance. These facilities are configurable, and the logs are encrypted, ensuring that anything recorded in the logs is secure. We could use systems that comply with specific standards for audit logging and scanning, especially when working with them. The benefits from HashiCorp Vault include significant advantages in security lifecycle management itself. The value becomes apparent when security incidents occur. It has substantial value in proactively protecting from adverse situations, providing resilience and appreciation by customers in complete security lifecycle management solutions for core infrastructure applications.
Read full review
MK
Straightforward to set up, good support, intuitive to use, and offers good value for the cost
The most valuable feature is being able to use a single master password to access all of your other passwords. One feature that is really important to us is the ability to create secure notes. In our scenario, these are notes such as how to get some of our devices on the network. They are processes and procedures that we don't want anybody else to see, especially within the IT department. It's a small department and we have very many processes that we use, but not on a daily basis, so we aren't going to remember them. By using LastPass and secure notes, we can go back to those notes in a secure fashion and remind ourselves how to do certain things. For instance, how to create a test database for accounting, which is something that we do once a year. We don't want that to be out in a non-secure fashion, where somebody in the public can see it.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"DVR like video recording and text-based recording for easier audits."
"Service count rotation is probably one of my favorite features... The ability to automatically rotate any password I need to really helps with the entire enterprise strategy that we're pushing right now."
"The PSM is excellent and the ability to write your own connectors and plugins is invaluable as far as flexibility goes."
"The logs and reporting features are impressive."
"The risk of lost password and forbidden access to resources has been drastically reduced which increased the security level for the entire company,"
"The most valuable feature of CyberArk Privileged Access Manager is privileged threat analytics."
"I would recommend CyberArk Privileged Access Manager."
"It improves security in our company. We have more than 10,000 accounts that we manage in CyberArk. We use these accounts for SQLs, Windows Server, and Unix. Therefore, keeping these passwords up-to-date in another solution or software would be impossible. Now, we have some sort of a platform to manage passwords, distribute the inflow, and manage IT teams as well as making regular changes to it according to the internal security policies in our bank."
More CyberArk Privileged Access Manager pros
"The product is free and easy to use. It is well documented with an easy implementation process."
"For me, the most valuable features include that it's easy to manage and maintain the password API for retrieving passwords and other things."
"It can still be configured by a separate team other than developers. That's why I think it's more secure."
"The most valuable feature of HashiCorp Vault is the management of tickets in the pipeline."
"The feature I find most beneficial in HashiCorp Vault is the secret engine. It integrates smoothly with many applications, making it easy to set up and implement quickly. This allows you to test it easily and see good results rapidly. When you integrate an internal API or application, it quickly manages that application's secrets."
"The most valuable feature of HashiCorp Vault is version control."
"It is a good product to consider for companies who are looking to build on-premise or hybrid infrastructure."
"The benefits from HashiCorp Vault include significant advantages in security lifecycle management itself."
More HashiCorp Vault pros
"This product helps keep us secure."
"It's always hard to put a value on return on investment. You avoid one breach and it's paid for a million times over. We got a penetration test company internally, just to see how secure our network is, and there happened to be one bit of software that had been overlooked by an external company that managed it. It hadn't been upgraded so that managed to get them into the network. They would've been able to access through the test thing a file that we had previously. If that was a real-life scenario they would have been able to get into our network and get full access to our organization's passwords. If they did get in, they would have gotten access to the cloud. The ROI we see is that we are completely secured compared to what we had previously where there was a vulnerability."
"Reduction in number of sensitive passwords stored insecurely on local systems."
"It is easy to use."
"Until now, I haven't found anything like the dashboard. It gives you a security score. I find that to be really great. The Sharing Center is really great as well. And the Security Challenge is really great too."
"The most valuable feature is the liberty of keeping encrypted passwords and elevated information in a sealed vault."
"The initial setup for this process is straightforward and extremely easy. It just works."
"Off-boarding of people is easy without changing shared account passwords."
More LastPass Business pros
 

Cons

"The current interface doesn't scale that well, and has some screens still in the old layout."
"One of our current issues is a publishing issue. If we whitelist Google Chrome, all the events of Google Chrome should be gone. It is not happening."
"The Vault's disaster recovery features need improvement."
"Its pricing is a big challenge here. When it started, the product came in at a very low cost. Now, they are the leaders in the market, so the cost has grown and is quite huge."
"It is very complex and difficult to set up the solution."
"There are upwards of six components you need to set it up. And you might need anywhere from two to five servers. It takes some work to set that up, especially in a larger environment."
"Based on the user experience that I see on a day-to-day basis, some changes could be made to the Privileged Session Manager tool to make it more user-friendly. The user interface of that tool could be more advanced and understandable to laymen, rather than being more of a developer tool."
"I'd like to see a more expansive SSH tunneling situation through PSMP. Right now you have an account that exists in the vault and you say, "I want to create a tunnel using this account." I'd like to see something that is not account-based where I could say, "I want to create a tunnel to this machine over here," and then authenticate through the PSMP and then your tunnel is set up. You wouldn't need to then authenticate to a machine."
More CyberArk Privileged Access Manager cons
"The technical support was hard to get a hold of and lacking in service."
"There could be a plugin for the database to change the secret automatically. It would be an efficient feature for password security."
"I would rate the stability a six out of ten. There are some bugs and glitches. We are in touch with the vendor to resolve them."
"The product is complicated to install."
"It would be helpful to have more advanced features."
"We could use more documentation, primarily to do with integrations."
"HashiCorp Vault can be improved from the security perspective, as it focuses on security lifecycle management. It requires other solutions for monitoring as users need to rely on tools that constantly monitor the system, especially database activity."
"An improvement needed is the ability for auto-initialization. There should be an inbuilt option for automatic initialization rather than running it manually."
More HashiCorp Vault cons
"I would like to be able to reduce the log out time of the session."
"One thing I wish LastPass had is an integration with Active Directory, not for synchronizing users but to actually manage, in some way, privileged accounts by replacing the password of LastPass itself."
"The biggest thing is there is no good way to have LastPass rotate passwords without human intervention. Right now, we have to go into each folder, then rotate and manually update each password. It can be done it by loading a bunch of passwords into a spreadsheet, but this makes the whole process insecure because then the passwords have been noted into a spreadsheet which have to be upload. We have to go into 40 to 50 applications and manually update passwords, because we don't view their solution of writing a bunch of passwords on a spreadsheet, then uploading them as a secure solution. This should be done internally within LastPass."
"It is not super feature laden. It does not stand out versus the competition."
"We have issues from time to time where, for some reason, it just keeps auto logging-out the user and then, the next day, they'll come in and it will work just fine."
"Its user interface should be better, and there should probably be more information about scalability."
"I struggle a little bit with the mobile app. As a browser extension, it works really well, and we are able to get to what we need to. However, on the phone, it's not quite as easy to navigate."
"I also don't like the add-in for Internet Explorer and Google Chrome, because when you do the add-in, you can actually save that to your credentials in your IE, and the problem is, if I left my screen open, or any of the IT people leave their screen open someone could come up and access all their credentials in LastPass without having to put a password in within your own network. I don't like that functionality. We've banned that from any of our staff adding that as an add-in because we see that as a security risk."
More LastPass Business cons
 

Pricing and Cost Advice

"They have two types of licensing: purchase and subscription. You have to pay for each admin user, such as Microsoft admin, mail admin, database admin, etc."
"I would rate CyberArk's pricing a nine out of ten, with one being cheap and ten being expensive. It's one of the most expensive solutions in the market, but it's worth it."
"The price of CyberArk Privileged Access Manager is expensive. There are no other fees other than the standard licensing fees."
"If you want a Ferrari, it will cost you. The solution is really nice, so it costs the client, but in the long run, it is very good. If you buy a solution that costs a lot to maintain because it is not stable, and you are frequently asking for consultant support, it costs more."
"Cost efficiency is the number one thing that can be improved in my mind. This would change lots of companies minds on purchasing the product."
"CyberArk is very expensive and there are additional fees for add-ons."
"Its price is high. I have also worked with Delinea. CyberArk is comparatively expensive compared to other PAM solutions, such as Delinea, especially during renewal."
"No, I do not have any advice on the price of the product."
More CyberArk Privileged Access Manager pricing and cost advice
"The product is expensive."
"I am using the open-source version of Vault and I would have to buy a license if I want to get support."
"The AWS version is much cheaper than HashiCorp Vault."
"The solution's cost is reasonable."
"It could do everything we wanted it to do and it is brilliant, but it is super pricey. To be fair to HashiCorp, we drove the price up with our requirements around resiliency. Because of the nature of our company, we don't really operate in the cloud."
"In my case, the open-source version works well. It's advisable for small to medium-scale organizations, but for large-scale organizations, you should go with the enterprise version."
"You do not have to purchase licenses for your entire organization. You can scale as adoption grows."
"The pricing and licensing are okay. Basically, at the last contract negotiation, they attempted to jack the rate up and we just said, "No." We still did negotiations with them, but they bumped everything up quite a bit."
"LastPass was cheap as chips. It was very cheap, hence one of the reasons we went with it. If you're a small organization and you're after something that'll do 90% of your requirements, it's very good. Licensing and all that was really cheap and simple to understand."
"I have been involved with many password managers. Passportal, Secret Server, CyberArk, and BeyondTrust. I chose LastPass for our organization because of the pricing. The organization didn't want to implement something really expensive. LastPass, for what it's offering, for the price that it's offering the service, is unbeatable."
"The previous pricing was of good value. I don't really know, as of now, whether the new pricing is. The Enterprise license is $48 per license per year now. That is a steep increase of $24, which is what it was when we first signed up."
"It would be nice to do a quarterly true-up process with them versus having to buy 50 licenses at a time when we realize we're out, then we have to buy more. So far, they have been nice about letting us exceed our allotment and just letting us true-up on our own, but a more robust quarterly true-up process would be good."
"I was not terribly alarmed with the pricing, and am pleased with the fact that a home license is included with each business license."
"In terms of pricing, my feeling is that they are all roughly the same. LastPass is in line with its competitors, plus or minute a dollar or two per month."
More LastPass Business pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Enterprise Password Managers solutions are best for your needs.
See recommendations
869,760 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Computer Software Company
15%
Manufacturing Company
9%
Government
6%
Financial Services Firm
19%
Computer Software Company
13%
Manufacturing Company
9%
Government
6%
Computer Software Company
12%
Manufacturing Company
10%
University
9%
Insurance Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business59
Midsize Enterprise41
Large Enterprise171
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise4
Large Enterprise9
By reviewers
Company SizeCount
Small Business8
Large Enterprise7
 

Questions from the Community

How does Sailpoint IdentityIQ compare with CyberArk PAM?
We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to m...
See all answers
What do you like most about CyberArk Privileged Access Manager?
The most valuable features of the solution are control and analytics.
See all answers
What is your experience regarding pricing and costs for CyberArk Privileged Access Manager?
Regarding costs, CyberArk Privileged Access Manager is not a cheap product; hence, many companies struggle with its h...
See all answers
Which is better - HashiCorp Vault or AWS Secrets Manager?
HashiCorp Vault was designed with your needs in mind. One of the features that makes this evident is its ability to w...
See all answers
What do you like most about HashiCorp Vault?
The feature I find most beneficial in HashiCorp Vault is the secret engine. It integrates smoothly with many applicat...
See all answers
What is your experience regarding pricing and costs for HashiCorp Vault?
If I were to set it up in AWS Secret Management, I would have to manage it, pay, and create secrets without being clo...
See all answers
Ask a question
Earn 20 points
 

Comparisons

Microsoft Entra ID vs CyberArk Privileged Access Manager Logo
Microsoft Entra ID vs CyberArk Privileged Access Manager
Compared 7% of the time
WALLIX Bastion vs CyberArk Privileged Access Manager Logo
WALLIX Bastion vs CyberArk Privileged Access Manager
Compared 6% of the time
Delinea Secret Server vs CyberArk Privileged Access Manager Logo
Delinea Secret Server vs CyberArk Privileged Access Manager
Compared 5% of the time
Cisco Identity Services Engine (ISE) vs CyberArk Privileged Access Manager Logo
Cisco Identity Services Engine (ISE) vs CyberArk Privileged Access Manager
Compared 5% of the time
More CyberArk Privileged Access Manager Competitors
Bitwarden vs HashiCorp Vault Logo
Bitwarden vs HashiCorp Vault
Compared 28% of the time
Keeper Enterprise Password Manager vs HashiCorp Vault Logo
Keeper Enterprise Password Manager vs HashiCorp Vault
Compared 11% of the time
AWS Secrets Manager vs HashiCorp Vault Logo
AWS Secrets Manager vs HashiCorp Vault
Compared 10% of the time
Delinea Secret Server vs HashiCorp Vault Logo
Delinea Secret Server vs HashiCorp Vault
Compared 10% of the time
BeyondTrust Password Safe vs HashiCorp Vault Logo
BeyondTrust Password Safe vs HashiCorp Vault
Compared 3% of the time
More HashiCorp Vault Competitors
Azure Key Vault vs LastPass Business Logo
Azure Key Vault vs LastPass Business
Compared 11% of the time
OneLogin by One Identity vs LastPass Business Logo
OneLogin by One Identity vs LastPass Business
Compared 10% of the time
Keeper Enterprise Password Manager vs LastPass Business Logo
Keeper Enterprise Password Manager vs LastPass Business
Compared 8% of the time
Dashlane Business Password Management vs LastPass Business Logo
Dashlane Business Password Management vs LastPass Business
Compared 7% of the time
Zoho Vault vs LastPass Business Logo
Zoho Vault vs LastPass Business
Compared 7% of the time
More LastPass Business Competitors
 

Product Reports

Buyer's Guide
CyberArk Privileged Access Manager
October 2025
CyberArk Privileged Access Manager reportDownload CyberArk Privileged Access Manager product report
Buyer's Guide
HashiCorp Vault
October 2025
HashiCorp Vault reportDownload HashiCorp Vault product report
Buyer's Guide
LastPass Business
October 2025
LastPass Business reportDownload LastPass Business product report
 

Also Known As

CyberArk Privileged Access Security, CyberArk Enterprise Password Vault
No data available
LastPass Enterprise, Lastpasss Teams
 

Overview

CyberArk Privileged Access Manager is a next-generation solution that allows users to secure both their applications and their confidential corporate information. It is extremely flexible and can be implemented across a variety of environments. This program runs with equal efficiency in a fully cloud-based, hybrid, or on-premises environment. Users can now protect their critical infrastructure and access it in any way that best meets their needs.

CyberArk Privileged Access Manager possesses a simplified and unified user interface. Users are able to manage the solution from one place. The UI allows users to view and manage all of the information and controls that administrators need to be able to easily access. Very often, management UIs do not have all of the controls and information streamlined in a single location. This platform provides a level of visibility that ensures users will be able to view all of their system’s most critical information at any time that they wish.

Benefits of CyberArk Privileged Access Manager

Some of CyberArk Privileged Access Manager’s benefits include:

  • The ability to manage IDs and permissions across a cloud environment. In a world where being able to work remotely is becoming increasingly important, CyberArk Privileged Access Manager is a very valuable tool. Administrators do not need to worry about infrastructure security when they are away from the office. They can assign and manage security credentials from anywhere in the world.
  • The ability to manage the program from a single centralized UI. CyberArk Privileged Access Manager’s UI contains all of the system controls and information. Users now have the ability to view and use all of their system’s most critical information and controls from one place.
  • The ability to automate user management tasks. Administrators can save valuable time by assigning certain management tasks to be fulfilled by the system itself. Users can now reserve their time for tasks that are most pressing. It can also allow for the system to simplify the management process by having the platform perform the most complex functions.

Reviews from Real Users

CyberArk Privileged Access Manager’s software stands out among its competitors for one very fundamental reason. CyberArk Privileged Access Manager is an all-in-one solution. Users are given the ability to accomplish with a single platform what might usually only be accomplished with multiple solutions.

PeerSpot users note the truly all-in-one nature of this solution. Mateusz K., IT Manager at a financial services firm, wrote, "It improves security in our company. We have more than 10,000 accounts that we manage in CyberArk. We use these accounts for SQLs, Windows Server, and Unix. Therefore, keeping these passwords up-to-date in another solution or software would be impossible. Now, we have some sort of a platform to manage passwords, distribute the inflow, and manage IT teams as well as making regular changes to it according to the internal security policies in our bank."

Hichem T.-B., CDO & Co-Founder at ELYTIK, noted that “This is a complete solution that can detect cyber attacks well. I have found the proxy features most valuable for fast password web access.”

CyberArk

HashiCorp Vault is a cloud-agnostic solution used for security and secret management. Its valuable features include integration with other HashiCorp tools, token sharing, open source nature, cloud agnosticism, and on-the-fly encryption management. 

The solution provides encryption of data at rest, in use, in transit, on the fly, and linked with applications. It is free to use, and the interface is simple to navigate. HashiCorp Vault has helped organizations with its multiple authentication methods and RESTful API.

HashiCorp Vault Features

  • Data encryption: The solution is capable of encrypting and decrypting data, and will not store it. Organizations’ security personnel define their own encryption protocols; developers can store the encrypted data where they choose and are not obligated to design specific encryption processes.

  • Robust secrets: For systems such as AWS or SQL databases, Vault is able to generate secrets automatically. HashiCorp Vault is able to generate AWS keypairs with all the appropriate permissions when necessary, and when the approved time expires, will nullify them.

  • Secure secret storage: Any type of value or key secrets can be stored in the Vault. The Vault automatically encrypts the desired secrets before recording them into persistent storage, keeping them safe and secure. Users can record data using HCP Vault’s Consul service or disk, or choose from other options.

  • Nullification: Vault is able to nullify single secrets or all secrets from a particular group or specific user. This process is integral in securing systems in the event of an attack or inappropriate access.

Reviews from Real Users

The greatest benefit of HashiCorp is its ability to manage encryption on the fly. It provides encryption of data at rest, in use, in transit, on the fly, and linked with applications, which was really attractive. The lifecycle of a key is so easy to manage in terms of rotating, revoking, and issuing. They have different auth methods, and I tried all different auth methods. It is seamless.”- Project Manager at a comms service provider.

“The most valuable feature of HashiCorp Vault is that it's an open source solution. Second, it's cloud-agnostic, so it's very easy to maintain and control, which is why we prefer HashiCorp. “ - Mohamed A., Lead DevOps Engineer at Etisalat.

HashiCorp

LastPass Business enhances enterprise security with features like password sharing, user deactivation, and login control. Integrated with Active Directory, it ensures password management through a security dashboard, multifactor authentication, and YubiKey support.

LastPass Business provides comprehensive password management by supporting secure storage, shared folders, and master passwords for streamlined access. With an enterprise admin console and robust reporting tools, it efficiently manages credentials. It supports secure storage for procedures and notes, crucial for IT departments. Improvement areas include group inheritance, admin capabilities, and automated password rotation. Issues like URL recognition, plugin stability, and user access reporting need addressing. Enhancements in mobile app navigation and technical support are also needed, alongside increased customization and authentication options.

What are the key features of LastPass Business?
  • Password Sharing: Allows secure credential sharing among team members.
  • User Deactivation: Easily manage and deactivate user access.
  • Multifactor Authentication: Enhances security with additional authentication methods.
  • Security Dashboard: Provides insights into password health and security scores.
  • Integration with Active Directory: Facilitates user management and credential syncing.
  • Enterprise Admin Console: Centralizes admin controls for credential management.
What benefits should users expect when evaluating LastPass Business?
  • Enhanced Security: Multifactor authentication and secure storage protect sensitive data.
  • Improved Access Management: Streamlines login processes and improves control.
  • Efficient Credential Management: Simplifies admin tasks with reporting tools.
  • Collaboration Support: Securely shares credentials among employees and contractors.
  • Reduced Security Risks: Encourages complex password adoption and reduces simple password reliance.

In specific industries, LastPass Business is implemented as a vital tool for storing and synchronizing encrypted credentials, supporting robust password policies, and facilitating secure access control management. Organizations benefit from storing shared accounts and managing core enterprise admin passwords, promoting higher security standards across users and applications.

LastPass
 

Sample Customers

Rockwell Automation
Adobe, SAP Ariba, Citadel, Spaceflight, Cruise
Deakin University, Duke University, Code.org, Influitive, PeopleKeys, SMA Technologies, Skynamo
Buyer's Guide
Enterprise Password Managers
October 2025
Download Free Report
Find out what your peers are saying about Microsoft, Amazon Web Services (AWS), CyberArk and others in Enterprise Password Managers. Updated: October 2025.
DOWNLOAD NOW
869,760 professionals have used our research since 2012.