Try our new research platform with insights from 80,000+ expert users

CyberArk Endpoint Privilege Manager Primary Use Case

Sumit Chavan - PeerSpot reviewer
Lead Consultant at a tech vendor with 501-1,000 employees

My use case involves users who have admin rights and who do not have admin rights. We control the activities of users to stop them from downloading certain things from the Internet. We control their activities via CyberArk Endpoint Privilege Manager. There could be some plugins in some of the applications or some files that are not whitelisted in the infrastructure and could be harmful or disruptive for the organization. Only whitelisted applications are allowed on the end user's laptops, as well as the servers, and we control them via CyberArk Endpoint Privilege Manager.

View full review »
GH
Cybersecurity Manager at a consultancy with 10,001+ employees

My organization specializes in IT security solutions for the finance and manufacturing sectors. We use CyberArk Endpoint Privilege Manager as a core component of our endpoint protection strategy, alongside other essential security measures such as network security, security operation center services, vulnerability management, credential management, and identity access management.

View full review »
PH
Manager at a computer software company with 1,001-5,000 employees

For privileges itself, I, as a Windows administrator, can connect to a laptop or desktop, and I need multi-factor authentication. This is what I am using it for - to authenticate identities and access privileges.

View full review »
Buyer's Guide
CyberArk Endpoint Privilege Manager
June 2025
Learn what your peers think about CyberArk Endpoint Privilege Manager. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
860,168 professionals have used our research since 2012.
reviewer2600361 - PeerSpot reviewer
Global Security Systems Consultant at a insurance company with 10,001+ employees

Our primary use case for CyberArk Endpoint Privilege Manager is to control privileged access to endpoint machines, specifically managing local administrator access. We also use EPM to rotate local accounts on systems as often as we want, which helps manage what people can elevate into an administrative right through EPM.

View full review »
Marek Neumann - PeerSpot reviewer
Solution Architect at a consultancy with 10,001+ employees

I have been using CyberArk in financial services. The specific use case depends on my customer's needs. Sometimes, it is just about securing some departments, and some customers want to have protection against certain threats.

View full review »
DR
Commercial and Technical Professional Manager at Evolution Technologies Group

I work in the financial industry, currently providing services for Banco Colombia, one of the most important banks in Colombia.

View full review »
Jayasree Sriram - PeerSpot reviewer
Security Delivery Analyst at Accenture

I have worked on multiple projects for our clients. The day-to-day use case involves checking in CyberArk Endpoint Privilege Manager to see if there is any elevation request. I also create incidents for tracking purposes. We create accounts for different types of platforms and onboard the accounts. We check if any user has any issues with reconciling accounts or verifications. We track all that with the tickets.

For a project in the UK, the user raises the request for an application, and we will go and check the application to see whether the user has given a correct justification or not and why and where the user needs to download that application. After doing various checks, we decide whether to add that application to the trusted policy or not. Otherwise, we will require higher approval for whitelisting that application.

Additionally, we manually upgrade computers and handle onboarding, offboarding servers, and account monitoring.

View full review »
reviewer1247523 - PeerSpot reviewer
Head of Sales Services Department at a comms service provider with 51-200 employees

Customers use CyberArk Endpoint Privilege Manager to limit the administrative abilities of user accounts on laptops and endpoints. The big issue with Microsoft Windows operating system is a huge difference between advanced privileges that administrators have and simple user privileges that users have. Customers sometimes need something in the middle of those two positions, and Windows doesn't give a user-friendly interface to configure this from the operating system itself.

View full review »
David Morimanno - PeerSpot reviewer
Principal / President at INTEGRAL PARTNERS LLC

The solution is used for:

Rotating local administrator passwords: EPM can be used to rotate the passwords of local administrator accounts on endpoints, which helps to prevent attackers from gaining unauthorized access to these accounts.

Revoking access to privileged accounts: EPM can be used to revoke access to privileged accounts when users no longer need it, which helps to reduce the risk of unauthorized access.

Monitoring privileged activity: EPM can be used to monitor all privileged activity on endpoints, which helps to identify and investigate suspicious activity.

Auditing privileged access: EPM can be used to audit all privileged access to sensitive systems and data, which helps to comply with security regulations.

View full review »
Anish R - PeerSpot reviewer
Digital Architect - IAM at a manufacturing company with 10,001+ employees

We primarily use the solution on our endpoints. 

We are using pretty much everything there. Basically, what we are trying to do, is when the end user connects to machines, the actual Window servers, Linux servers, et cetera, everything is run through CyberArk. We haven't got into the Application Identity Management part yet, using CyberArk APIs. 

That said, we are using CyberArk whenever somebody wants to access a remote server or any server, for that matter. Our infrastructure is basically set up so that access is given through CyberArk.

View full review »
Anson Mani - PeerSpot reviewer
Cyber Security Consultant at a financial services firm with 1,001-5,000 employees

I use the solution in my company since some users need a certain level of activity in EXE files. The tool is used to block certain issues that we don't want in our environment.

View full review »
Asim-Bhatti - PeerSpot reviewer
Cybersecurity Consultant at Infosec Technologies Ltd

We use the solution to secure direct access to servers. Users could open their browsers and access resources. This applies to different teams, such as DevOps, IT services, and development teams. They can no longer use RDP connections directly to the server for their day-to-day tasks. Instead, they must log in to CyberArk with their account and then use a shared account to access the server. Another advantage is using (Privilege Access Management) PAM accounts, which have high permissions but are limited in their access.

View full review »
S Azeem - PeerSpot reviewer
Senior Technology Manager at a outsourcing company with 501-1,000 employees

We use the solution for cyber security to block unwanted things and ensure endpoint security. We also use the solution to collect user analytics.

View full review »
Karthik Raja - PeerSpot reviewer
Co-Founder at Unique Performance Techsoft Pvt Ltd

Our customers mainly use CyberArk EPM to remove admin privileges from end-user systems, especially for developers and IT people who need admin rights on their desktops. It resolves this issue by only giving admin rights for specific use cases and applications rather than full admin rights for the whole system. This keeps users happy while maintaining security.

Additionally, the tool provides insight into what software users use, has threat detection mechanisms to prevent credential harvesting, and offers proactive monitoring.

The main industries using CyberArk EPM are IT-enabled services and software development companies—mostly technology companies where users typically need full admin rights. The manufacturing and banking industries already tend to have more controlled environments, so they use them less.

View full review »
Ike-Ekweruo - PeerSpot reviewer
CyberArk Consultant at a tech services company with 11-50 employees

The primary use case for CyberArk Endpoint Privilege Manager (EPM) is to control applications on work sessions, particularly in environments where users are not supposed to have open rights. It can be utilized to remove local admin rights from work sessions and protect the local admin group from unauthorized modifications. By deploying policies on these work sessions, organizations can restrict users' privileges and prevent them from adding users to the local admin group, reducing administrative privilege risks on endpoints.

Furthermore, it enables the deployment of policies that allow users to elevate application permissions without granting additional user rights. These application policies benefit specific applications without affecting users' overall rights. For instance, developers may require elevated permissions for certain software applications without needing broader administrative rights. However, EPM does not directly improve an organization's response to endpoint threats. Instead, it depends on other policies, such as those designed to prevent ransomware attacks. These policies focus on different aspects of endpoint security, while application policies specifically address the elevation of application permissions for user tasks, such as development activities.

View full review »
AP
Delivery Manager at Tech Mahindra Limited

Previously, the enterprise EPM was on-premises. Now, it has gone to the SaaS model. So, we have used CyberArk professional services, wherein CyberArk deployed all the agents into our different Unix machines. This deployment is currently underway. The policy changes and the reconfigurations part are pending. In the coming quarter, or by the end of it,  the overall EPM deployment will be completed with this customer.

View full review »
Aparna Solanki - PeerSpot reviewer
Security Consultant at SNSIN

I use the solution in my company since its PAM features are used for privileged accounts.

View full review »
Fabio Facchinetti - PeerSpot reviewer
Solution Achitect at Var Group SpA

I work with CyberArk Endpoint Privilege Manager for my partners. It is mainly for compliance, managing credentials securely, and monitoring what's going on with those credentials. Also, there's this thing about limiting privileges for certain users in production environments. But it seems like it's not just for big setups, it's also used across all kinds of workplaces.

View full review »
Mohammed Talukdar - PeerSpot reviewer
Enterprise Architect - Information Security at EasyJet

I'm using it in my company. It helps us manage our endpoints and keep things secure.

View full review »
Oluwajuwon Olorunlona - PeerSpot reviewer
Cyber Security Engineer at eprocessconsulting

My primary use case for CyberArk Endpoint Privilege Manager is malware prevention. The solution enables malware detonation, which helps you solve ransomware problems. For example, suppose an unknown application comes into your environment, and you have installed a CyberArk Endpoint Privilege Manager agent. In that case, the solution will filter the unknown traffic from an unknown publisher and stop it from infiltrating. The solution dashboard also lets you know that specific software is suspicious. Still, it depends on the category, but malware prevention is one use case of CyberArk Endpoint Privilege Manager.

Classifying a trusted or whitelisted application is also a use case of the solution.

Another use case of CyberArk Endpoint Privilege Manager is stopping credential theft. For example, you have credential stores all around, whether you know it or not. You have credential stores in web browsers like Chrome and Microsoft Edge. The solution protects you against an attacker that has already gained access to your environment, an internal person that leverages your system and wants to go to your web browser, or probably there's a browser path attack where the person has access to your browser. He can check your credential store, but if CyberArk Endpoint Privilege Manager is in place, that situation will be prevented.

Just-In-Time Access is another use case of the solution. For example, there's no administrator privilege on the system, but let's say a database administrator or application administrator wants to use the credential. You can provide that person with Just-In-Time Access so he can use the credential for thirty minutes, then that credential expires once the time is up.

CyberArk Endpoint Privilege Manager also separates the privileges. For example, a team of application managers receives access to specific software that the network team can't access.

View full review »
reviewer1268721 - PeerSpot reviewer
Senior Consultant at a consultancy with 51-200 employees

CyberArk Endpoint Privilege Manager can be deployed across all platforms, such as AWS, GCP, and Ali Baba. 

The solution is used for management, multi-site failover, satellite vaulting, distributed architecture, custom CPM, PSM deployment, custom CCP, and CCP deployment.

View full review »
reviewer2539296 - PeerSpot reviewer
Technical Consultant at a computer software company with 11-50 employees

I have been working with the product for five years. 

View full review »
Omar_Jaimes - PeerSpot reviewer
Cybersecurity Architecture Manager at Data Warden

Inside we have a lot of applications, including three or four critical applications. With this application, remote users cannot run another application if you do not grant access to these applications. For example, if you want users to use Word or PowerPoint, you can allow usage of those and block usage of other things. If you want to run one application and you need to get permission, you send a ticket to ask for authorization to use it. That way, the company can control the access of every user.

View full review »
AI
Technical Manager at Gulf IT

We primarily use the solution on our endpoints. 

View full review »
reviewer1614768 - PeerSpot reviewer
IT Security Service Specialist at a manufacturing company with 10,001+ employees

We use CyberArk Endpoint Privilege Manager mainly for privilege management.

View full review »
PS
Enterprise Architect at a tech services company with 11-50 employees

Because we are dealing with personal health information, we have had to setup up a security broker for admin access in and out of the accounts.

They wanted to have a break-glass solution in case there was a problem with the multi-factor authentication or any other issues.

We chose to use CyberArk for their failover abilities. If the Multi-factor authentication fails then you can still log in and it has a second factor that authenticates.  

It gives them the break glass option that they needed.

View full review »
TB
Professional Services Manager at PT Korelasi Persada Indonesia

CyberArk Endpoint Privilege Manager is used for compliance with password policies.

View full review »
Ebenezer D - PeerSpot reviewer
Network Security & Data Management Admin at Digitaltrack

We are implementing this product to control the Privilege account. For example, from a Cyber Privilege account, we just want to know what the user is doing and how to control it. We use it for security and monitoring.

View full review »
UU
Tech Support at a tech services company with 11-50 employees

Our primary use case for this solution is to manage enterprise passwords and monitor session connections.

View full review »
YT
Channel Sales Manager at Cyber Knight Technologies FZ LLC

We use the solution as a Privilege Access Manager to manage user's passwords. 

View full review »
CK
Product Consultant at M.Tech

There are a lot of companies that have servers that want to monitor their members if they do something that violates their policy.

View full review »
Buyer's Guide
CyberArk Endpoint Privilege Manager
June 2025
Learn what your peers think about CyberArk Endpoint Privilege Manager. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
860,168 professionals have used our research since 2012.