IT Central Station is now PeerSpot: Here's why

CyberArk Enterprise Password Vault OverviewUNIXBusinessApplication

CyberArk Enterprise Password Vault is #3 ranked solution in top Enterprise Password Managers. PeerSpot users give CyberArk Enterprise Password Vault an average rating of 8 out of 10. CyberArk Enterprise Password Vault is most commonly compared to Azure Key Vault: CyberArk Enterprise Password Vault vs Azure Key Vault. CyberArk Enterprise Password Vault is popular among the large enterprise segment, accounting for 75% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 21% of all views.
CyberArk Enterprise Password Vault Buyer's Guide

Download the CyberArk Enterprise Password Vault Buyer's Guide including reviews and more. Updated: July 2022

What is CyberArk Enterprise Password Vault?

CyberArk Enterprise Password Vault, a vital component of the CyberArk Privileged Access Manager Solution (PAM), is designed to create, secure, rotate, and control access to privileged accounts and credentials used to access systems throughout an enterprise IT ecosystem. CyberArk Enterprise Password Vault enables enterprise organizations to better understand the scope of their privileged account risks and put controls in place to prevent malicious or inappropriate account or credential access.

CyberArk Enterprise Password Vault uses a Central Policy Manager protocol (CPM) to perform the basic password management functions.

  • Verify Password Task - The CPM will pull the password from the vault and use it to log into the application or device to verify that the password is indeed correct and satisfies all the password safety protocols.
  • Change Password Task - The CPM will pull the password from the vault and create a new password that meets all preset protocols. It will send it to the device or application and then begin the process of changing it, using the same method that might be performed manually. The CPM will then update the password in the vault.
  • Reconcile Password Task - This task is utilized when there is a failure in either the Verify Password Task or the Change Password Task. Using a pre-established reconcile account from the vault, the CPM will use the reconcile account credentials to reset or fix problematic password issues due to changed passwords not being updated properly, new accounts being established, or any other failure with the above tasks.

Enterprise organizations can utilize the easily adaptable policies and protocols to enforce granular privileged access controls, automate workflows, and rotate passwords at prescribed regular intervals without requiring any manual IT effort. Additionally, to satisfy compliance regulations, organizations can easily generate reports to prove that passwords are being changed regularly according to guidelines, meet strict password safety protocols, and report on which users accessed what privileged accounts, when, why, and what device they were using. Enterprise organizations can know at all times that data has remained secure at all times. CyberArk Password Vault will have enterprise organizations audit-ready at all times, keeping them safe and secure from risks while maximizing productivity and profitability.

Reviews from Real Users

Irma S., a program manager at a HR/Recruiting firm, said, "I love how easily we could operate within Password Vault and get things done. It was almost effortless."

Another user, who is a security delivery analyst at a computer software company, relates that CyberArk Password Vault offers, “Good policy configuration and tech support.”



CyberArk Enterprise Password Vault Customers

AstraZeneca, Time, DBS, Novartis, Motorola, BT, pwc, Braun, Deloitte, Williams, Revlon, Belgacom, Barclays

CyberArk Enterprise Password Vault Pricing Advice

What users are saying about CyberArk Enterprise Password Vault pricing:
  • "CyberArk is very expensive and there are additional fees for add-ons."
  • "The SaaS version of CyberArk Enterprise Password Vault is very expensive, but the on-premises version is relative, e.g. depending on the size of the environment, it can be a bit pricey, but it's relatively okay compared to the others."
  • "It's per-company, license-based."
  • "It's an affordable platform."
  • "There are no additional costs other than the standard licensing fees."
  • CyberArk Enterprise Password Vault Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    PAM Architect at a tech services company with 11-50 employees
    Real User
    Top 5Leaderboard
    Stable, good support, and secures each password with individual encryption
    Pros and Cons
    • "CyberArk probably has probably the best vault on the market because of the multiple layered security and each password getting its own encryption."
    • "CyberArk has two disadvantages; the first is that it's insanely expensive and the other is it's very complex."

    What is our primary use case?

    I'm an integrator and we identify and provide performance discovery, and we select the best product for our clients. We have users that are administrators in the environment, and we convert them into a shared account model. Many of the organizations have two accounts. One is a regular user account and the other gives them administrative rights. CyberArk allows for a higher degree of segregation of duties, although CyberArk itself doesn't do that. You have to have knowledge of role-based access control and least privilege principles. It supports it, but you have to implement it. There is also service recording, service accounts on Windows Systems, and Linux systems, to rotate their passwords. You will find service accounts with passwords that are 5,000 to 8,000 days old, but not with CyberArk. It creates a very strong service to prevent attacks.  When passwords don't change it makes them very vulnerable and allows attackers significant lateral mobility within an organization. It gives them the necessary time to scout the environment and choose what their attack will be, whether it's going to be a ransomware attack or a data exfiltration attack or if it's going to go in to cause defamation to the company like creating a denial of service to clients. Also, hacking their Facebook page or their Twitter page are common attacks.

    What is most valuable?

    CyberArk probably has probably the best vault on the market because of the multiple layered security and each password getting its own encryption. Each password gets individual encryption. By the time you are able to crack one of the passwords, it's already been changed a dozen times. The attack surface on a CyberArk Vault is very nominal and in addition, CyberArk also has its own on-staff hackers where companies actually hire them to perform penetration testing, but within, inside the environment.

    What needs improvement?

    CyberArk has two disadvantages; the first is that it's insanely expensive and the other is it's very complex.  That's the downside because CyberArk was not built organically. It was built systematically. They're not built into the product. You have to shoehorn things in. You have to create programmatic interfaces to make things work, but that's why I said it's the most complex product. CyberArk is still in the model of managing accounts and passwords. When you're logged in as a domain admin, you're leaving footprints everywhere you go. These footprints can be picked up and replicated. So, I think CyberArk is behind the curve in that area. Customers are already having an issue with the cost of CyberArk and then you have to add another $100,000.00 to the bill for other application accounts. I would like to see a more streamlined and built-in programmatic onboarding and offboarding process. Something a little bit less complex than what they're currently doing. The price is the problem and also the architecture can be daunting because CyberArk really strongly encourages having hardware vaults. Most corporations are totally virtualized. I use virtualized vaults on everything including the high availability configuration.

    For how long have I used the solution?

    I started using Cyber-Ark Enterprise Password Vault when they were on version five or six, they are now on 11.5 or 11.6. I have been using this solution for a total of 15 years.
    Buyer's Guide
    CyberArk Enterprise Password Vault
    July 2022
    Learn what your peers think about CyberArk Enterprise Password Vault. Get advice and tips from experienced pros sharing their opinions. Updated: July 2022.
    610,229 professionals have used our research since 2012.

    What do I think about the stability of the solution?

    CyberArk is very stable. If there is a problem, or if a problem does occur, unless you know exactly what to do and how to diagnose it, you may not be able to find it because there are so many moving parts. However, a good administrator can usually diagnose a problem fairly rapidly. They determine the root cause by performing a root cause analysis. Also, you should inform CyberArk because sometimes a fix might be required. CyberArk stopped performing single sign-on.

    What do I think about the scalability of the solution?

    CyberArk is very scalable. It's one of the things that I love and it's also one of the things that I hate about CyberArk. For example, it's a standalone vault that is practically uncrackable. If you want to do a password rotation you need to have a central password manager. It's called a CPM. If you want session recordings you have to have a PSM. They can be run on the same server, but eventually, the performance is going to be an extensive task.  A CPM is performing verification on passwords continuously, and to start stacking server roles on top of each other.  If you're a semi-vault in a small environment, with one server running CPM, PSM, and PDWA all on one box, it would be no problem with less than 10 administrators and only 70 servers. With other small or larger organizations that have hundreds of servers rendering that capability or that flexibility, you would have to have a dedicated CPM and dedicated PDWAs, which is the administrator web interface. For a medium-sized company where you want to do a session recording for all the administrator access, it will cause a problem. It will require multiple PSM servers and if you don't have a good administrator who documents the build process well, or they don't update it, then the problem shows when you build a new PSM. If they don't add all the applications to it then you're going to get an intermittent error across the low-balanced PFMs, where eight of the ten work, but two of them don't because they didn't install the SFQL agent. It's a very complex program, albeit very scalable. If you're a multinational corporation, you can have your vault in one location and have PSMs distributed where the systems are in the data centers. Then, the PDWAs and the CPMs would be in the data centers and you would have the PDWAs where the user populations are. Rather than having one single appliance or one single box that does everything, you end up having boxes distributed all over. This means that they have to do synchronization and it works out very well most times. We have small to large company clients. We have clients that have tens of thousands of administrative accounts and 1000 or so servers, to clients as small as having 70 servers with maybe only 750 to 1500 accounts.

    How are customer service and support?

    Technical support is awesome! CyberArk has excellent technical support. They may not be timely. They're not quick, but they're great. I would rate the technical support a ten out of ten. You have to follow the ticket creation process, which is in your benefit because you need screenshots and logs to be able to diagnose the problem. If you do that, then CyberArk comes back with some incredible support help and in most times it's something that I would have never been able to figure out because the product is very complex and it has a lot of moving parts.

    Which solution did I use previously and why did I switch?

    I have not used any other solution previously. CyberArk is what I learned first.

    How was the initial setup?

    The initial setup was very complex. There are a lot of moving parts. The skillsets for some of the advanced features require administrators to know how to program in specific APIs.  The complexity to implement is very high. On a scale of one to 10, it's a 9.5.

    What's my experience with pricing, setup cost, and licensing?

    CyberArk is very expensive and there are additional fees for add-ons.

    What other advice do I have?

    CyberArk Password Vault is probably the top vault on the market and Thycotic would be a close second. CyberArk is not always suited for our clients but it is the best solution. Eight out of 10 organizations don't implement it. Just because you know CyberArk doesn't mean you understand it. The SaaS solution is sound but the on-premises is primarily what I have worked on. I am CyberArk certified. When I started off several years ago, I got my CIS as PE. I was put into a security group in EDS.  Network admins who work for the company have to be administrators, with high skill levels.  Before implementing CyberArk, I would say do a very aggressive use case creation of everything that you're expecting the vault to do. The security architecture should be able to create high-level bulleted use cases. Security administration should be able to take it down to the next level of detail. They will have to add Conjure, which is another license for CyberArk. I would rate this solution a nine out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Information Security Engineer II at a healthcare company with 1,001-5,000 employees
    Real User
    Top 20
    Stable and solid solution for managing passwords, and comes with auto password recycling and PSM features
    Pros and Cons
    • "If properly set up, CyberArk Enterprise Password Vault has good stability, and is a very solid tool. It can run by itself. Its most valuable features are auto password recycling and PSM."
    • "What needs to be improved in CyberArk Enterprise Password Vault is their customer support, particularly in terms of responsiveness, willingness to help, and being more understanding. The initial setup and upgrade process for the solution is complex and can only be done by CyberArk, so this is another area for improvement."

    What is our primary use case?

    Our use case for CyberArk Enterprise Password Vault is managing privileged accounts. These are local accounts, e.g. local desktops, laptops, or servers. They have a built-in administration account, so part of the solution is to ensure that that account's username and password are stored in the vault and managed by CyberArk Enterprise Password Vault.

    What is most valuable?

    The most valuable feature of CyberArk Enterprise Password Vault is the auto password recycling feature, which works this way: previous accounts which are managed by this solution get their password reset every time, based on our given parameters, e.g. every two days, every five days, every week, etc. You give CyberArk Enterprise Password Vault the number of days that you want the passwords to be changed, so users won't need to have their passwords written somewhere. They can just log on to the solution and retrieve the password. They may even be able to remotely connect to the devices that they want to connect to via the PSM function of CyberArk Enterprise Password Vault.

    What needs improvement?

    What needs to be improved in CyberArk Enterprise Password Vault is their customer support, because as administrative engineers, since we're not experts in the solution, we have to rely on customer support.

    Their customer support needs improvement in terms of being responsive and being understanding. They are knowledgeable, but responding and willingness to come and help knowing that it's their tool, rather than relying on the engineers from the customer side, e.g. our side, to do all the technical things.

    The initial setup and upgrade process for CyberArk Enterprise Password Vault is complex and can only be done by CyberArk, so this is another area for improvement.

    For how long have I used the solution?

    My experience with CyberArk Enterprise Password Vault is almost three years.

    What do I think about the stability of the solution?

    CyberArk Enterprise Password Vault stability is good. If it's properly set up, it can just run by itself. It's a very solid tool, but it has to be properly set up because a simple misconfiguration can create a lot of pain. Once set up, it's really good.

    How are customer service and support?

    Customer support for this product still needs some improvement.

    How was the initial setup?

    The initial setup for CyberArk Enterprise Password Vault is another pain point, because the setup, including upgrading the solution, can only be done by CyberArk themselves. They have professional services involved to get an initial setup done, and to even do an upgrade, because of the complexity of the product itself.

    What's my experience with pricing, setup cost, and licensing?

    The SaaS version of CyberArk Enterprise Password Vault is very expensive, but the on-premises version is relative, e.g. depending on the size of the environment, it can be a bit pricey, but it's relatively okay compared to the others. It's their SaaS solution that's expensive.

    What other advice do I have?

    We're using version 11.1 of CyberArk Enterprise Password Vault.

    It's probably not fair to judge CyberArk Enterprise Password Vault based on my overall experience with it, because the tool itself is brilliant, though it's a little bit complex in terms of how it is set up. The customer service could still be improved to meet the standards, but I'm giving CyberArk Enterprise Password Vault a score of seven out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    Buyer's Guide
    CyberArk Enterprise Password Vault
    July 2022
    Learn what your peers think about CyberArk Enterprise Password Vault. Get advice and tips from experienced pros sharing their opinions. Updated: July 2022.
    610,229 professionals have used our research since 2012.
    Technical Lead IMSS at a computer software company with 1,001-5,000 employees
    Real User
    Top 20
    Create, request, access and manage privileged passwords
    Pros and Cons
    • "It's highly secure and very flexible. It gives us all types of storage options and it gives us a high level of security."
    • "The only problem involves granting access to people who are authorized to view it."

    What is our primary use case?

    We use it for storing and rotating passwords.

    Within our organization, a lot of people are using this solution for a lot of projects. We have already implemented CyberArk as a SaaS solution. We are not using the core parts, but we are using the software as a service for a project.

    At my previous job, there was a team of seven people who were in charge of maintenance. Mostly analysts, senior analysts, and a technical lead used this solution. 

    What is most valuable?

    It completely depends on the requirement. For some of the RPA robotic types of user identity, we prefer for it to happen in an automatic way, but some of them are highly critical, so we don't do it automatically. As for the end-user experience or expectation, if they want to change it at their end, they can do it.

    What needs improvement?

    I don't see any problems because it's highly secure and very flexible. It gives us all types of storage options and it gives us a high level of security. From my experience, overall, I don't see many problems that need to be rectified.

    The only problem involves granting access to people who are authorized to view it. This user management area is the most critical. We have to constantly check on that area and we have to review and give proper access. Nobody should have more access than they are authorized for.

    For how long have I used the solution?

    I have been using CyberArk Enterprise Password Vault for eight years.

    What do I think about the scalability of the solution?

    It's scalable at the component level. If you want to add some of the latest components, or if you want to implement biometrics or MFA, this solution can handle that — it's very easy to implement.

    How are customer service and technical support?

    The tech support is amazing. If you have any issues that you need help with, the CyberArk support team reaches out very quickly, depending on the criticality of the issue. If it's critical, they will reach out to you within hours.

    The vendor support is really good.

    How was the initial setup?

    The initial setup is quite straightforward. These days they have an automatic script — It is much less time-consuming.

    We used to do it manually which would take almost two to three hours in total.

    What about the implementation team?

    We did it in-house. I'm certified in CyberArk; I've also installed it for clients as well.

    What's my experience with pricing, setup cost, and licensing?

    The licensing plan is either six months or one year — it's not on a monthly basis.

    Every company will have a different license fee, but ultimately, it comes down to how many users you want to manage and how many companies you want to support. If you want three CPMs, then you'll need licensing for three. It's per-company, license-based.

    Which other solutions did I evaluate?

    I am currently evaluating other solutions. A few of them do not support PTA. Some of them don't have DevOps properly managed. Others don't give you the DNE facility, which is free of charge with CyberArk.

    What other advice do I have?

    I would definitely recommend CyberArk Enterprise Password Vault.

    On a scale from one to ten, I would give this solution a rating of eight.

    Which deployment model are you using for this solution?

    Hybrid Cloud
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Director at a tech services company with 11-50 employees
    Reseller
    Top 20
    Every aspect of the solution is very well integrated and it is fail-safe
    Pros and Cons
    • "Every aspect of the solution is very well integrated, and even that gives comfort. It is a fail-safe kind of environment."
    • "Having a cloud version would be very helpful. You have to invest a lot of money for the infrastructure hardware so the cloud version would help."

    What is our primary use case?

    There are threats that get opened because of the vulnerability of privileged access that says to directly put it in a vault.

    What is most valuable?

    Every aspect of the solution is very well integrated, and that gives comfort. It is a fail-safe kind of environment. I think that's the fail-safe feature makes customers comfortable because there are no non-integrable stuff or cures. For example, a vault would have its own anti-virus,  its own application, its own operating system to stay hardened. It is absolutely hardened for it to be protected from the outside world.

    What needs improvement?

    Having a cloud version would be very helpful. You have to invest a lot of money for the infrastructure hardware so the cloud version would help.

    For how long have I used the solution?

    My organization has been using this solution for a few years but I joined the company three months back.

    What do I think about the stability of the solution?

    It is very stable.

    What do I think about the scalability of the solution?

    Our clients are large enterprises. It is easy to scale.

    How are customer service and technical support?

    Our customers contact us for any technical support, but we are able to sort out customer issues to a very large extent. We only had to connect with CyberArk at L-3 level or L-4 level. We are able to address most of our customer's issues. 

    I would rate their support a nine out of ten. 

    Which solution did I use previously and why did I switch?

    We have had customers use a competitive product that CyberArk has replaced but it is not very common. It is not very easy to change your Privileged Access Management framework so easily.

    CyberArk is fail-safe, it has a threat intelligence filter, and prevention threat attacks. That sets the product apart from others, and I think the other part is their ability to onboard a maximum number of resources like storage network, security, IoT devices, and RPAs. Its ability to pervasively onboard almost all critical privileges and resources across the organization is where it stands out in a really big way.

    How was the initial setup?

    I didn't implement it. I don't believe we've had any problems implementing it. I've never heard any issues. I'd say it's neutral.

    What's my experience with pricing, setup cost, and licensing?

    There are costs in addition to the standard licensing. There is an implementation fee. Those are additional fees and the customer has the annual maintenance, the software, and whole maintenance cost added to that. So there are additional costs besides this standard license.

    What other advice do I have?

    The most important phase is the discovery phase. Pay the most attention to that. Spend the most amount of time on the discovery phase, which is really the startup planning. The project becomes smoother. Book stricter guidelines on timelines and let there be a senior sponsor part of the project so that you are able to get milestones addressed quickly otherwise, these projects tend to drag longer.

    In the next release, I would like to have the cloud option and all of the features that come with it. 

    I would rate CyberArk a nine out of ten. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
    Engineering Manager at a comms service provider with 1,001-5,000 employees
    Real User
    Top 5
    Once you complete the setup, you have everything at the click of a button.
    Pros and Cons
    • "The logs and reporting features are impressive."
    • "CyberArk's license is too expensive. I rate it seven out of 10 for affordability."

    What is our primary use case?

    We Enterprise Password Vault to manage privileged credentials as well as some server and activity logging.

    How has it helped my organization?

    Before we implemented CyberArk, we had no password vault, so it was challenging to keep a record of who made changes and had access. With CyberArk, everything is a click away for us. We don't need to worry about reporting and other things. We can on our server to check who had access and the changes they made. 

    What is most valuable?

    The logs and reporting features are impressive.

    For how long have I used the solution?

    We've been using CyberArk for about five years now.

    What do I think about the stability of the solution?

    CyberArk is stable, and the performance is awesome.

    What do I think about the scalability of the solution?

    CyberArk is highly scalable. You don't need to worry about being dependent on only one server because you can deploy to multiple ones and manage it with all of them. If one fails, you can still use your access, so I think it's scalable.

    We aren't using the solution extensively, but we plan to expand, and we'll definitely we'll continue with the same solution.

    How are customer service and support?

    I rate CyberArk support 10 out of 10. We have contacted tech support a few times for help with some of the cases, and the support was perfect.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    We didn't have a password vault solution before CyberArk. 

    How was the initial setup?

    The initial setup was straightforward for us, but it depends on how you want to use it. It will become a little complex, and you need to gain some knowledge to customize it how you want. That applies to any product. I'll rate CyberArk 10 out of 10 for ease of setup. 

    It took us around five or six months to deploy because we were also testing out some other products at the same time. And after testing for a few months, we decided to go with CyberArk for the final production rollout. Once you complete the setup, you don't need much maintenance, but we have around 40 system administrators managing the CyberArk server. 

    What about the implementation team?

    We did the deployment with our in-house team.

    What's my experience with pricing, setup cost, and licensing?

    CyberArk's license is too expensive. I rate it seven out of 10 for affordability.

    Which other solutions did I evaluate?

    We tried a couple of solutions before selecting CyberArk. Some of them are highly secure, but the reporting functions were tricky. A few were highly scalable, but they required a lot of resources to manage. We preferred CybeArk because it's easy to use and set up. Once you complete the setup, you have everything at the click of a button.

    What other advice do I have?

    I rate CyberArk Enterprise Password Vault nine out of 10. If you're worried about privileged ID management, security, and scalability, you should go with CyberArk.

    Which deployment model are you using for this solution?

    Private Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    Senior Presale - BU Information Security at a tech services company with 51-200 employees
    Real User
    Feature-rich, good performance, scalable, and has a user-friendly interface
    Pros and Cons
    • "It's a highly flexible solution that can adapt to each customer's needs."
    • "The initial setup could be simpler but it may not be as effective."

    What is our primary use case?

    We implement this solution for our customers. We are system integrators, not end-users.

    The main use case is for secure access, and monitoring the access by IT administrators.

    What is most valuable?

    I like the performance of CyberArk Enterprise Password Vault.

    Definitely, it's a reliable solution.

    It has a wide range of features. They are probably the widest range of features on the market. It is the main reason customers usually select this product.

    This solution works very well, and the feedback from our customers is very good.

    Integration is one of the strongest capabilities of this solution. There are hundreds of integrations that are ready to use. It is continuously growing, which is one of its strengths.

    The interface is really user-friendly.

    It's a highly flexible solution that can adapt to each customer's needs.

    Another strength, for both performance and the security levels, is the segregation of the different rules of the solution.

    What needs improvement?

    The initial setup could be simpler but it may not be as effective.

    For how long have I used the solution?

    I've been using CyberArk Enterprise Password Vault for three years, and the company began using it in 2003.

    This solution is used mainly on-premises, but the trend is to go with hybrid and cloud deployment for new projects.

    What do I think about the stability of the solution?

    CyberArk Enterprise Password Vault is a stable product.

    What do I think about the scalability of the solution?

    CyberArk Enterprise Password Vault is easy to scale.

    How are customer service and support?

    I have not contacted technical support. I deal in the presales department. I don't manage the technical aspects of delivery and support.

    How was the initial setup?

    We needed to build a specific project that is tailored for each customer. It requires a bit of design with the first part of the project, which is a benefit because the solution has high performance and is built on the needs of the customer. 

    There is a bit of a setup initially, but it provides them with a good result for the project.

    What's my experience with pricing, setup cost, and licensing?

    It's an affordable platform.

    It is not the cheapest solution available on the market, but if you want a good project, you need to have the value of the solution you are selecting. 

    In my opinion, it is a good compromise between the cost and the benefits. I think the price is fair.

    What other advice do I have?

    I would definitely recommend this solution to others who are interested in using it.

    I do not have visibility with other solutions that may be better or more up-to-date.

    I would rate CyberArk Enterprise Password Vault a ten out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Flag as inappropriate
    Senior Leader at a financial services firm with 5,001-10,000 employees
    Real User
    Useful password vaulting, reliable, and simple deployment
    Pros and Cons
    • "The most valuable features of CyberArk Enterprise Password Vault are password vaulting and automatic rotation of passwords after use."
    • "CyberArk Enterprise Password Vault can improve the distributive vault feature. Distributing the vault in multiple areas and multiple data centers should improve."

    What is our primary use case?

    CyberArk Enterprise Password Vault can be used for password vaulting and purpose session management.

    What is most valuable?

    The most valuable features of CyberArk Enterprise Password Vault are password vaulting and automatic rotation of passwords after use.

    What needs improvement?

    CyberArk Enterprise Password Vault can improve the distributive vault feature. Distributing the vault in multiple areas and multiple data centers should improve.

    For how long have I used the solution?

    I have been using CyberArk Enterprise Password Vault for approximately seven years.

    What do I think about the stability of the solution?

    The stability of CyberArk Enterprise Password Vault depends on what you use it for. It is very stable when using a single vault. I had the most problems using the distributive vault. They've worked through some of that, so it's more stable now.

    What do I think about the scalability of the solution?

    The scalability of CyberArk Enterprise Password Vault is okay. The distributive vault is what would affect the scalability and there were some issues with that that I've run into.

    We only have a small number of users in the current company I am working at, and the previous company I was working for had hundreds of users using the solution. 

    We do not plan to increase the usage of this solution.

    How are customer service and support?

    The support from CyberArk Enterprise Password Vault is good.

    I rate the support from CyberArk Enterprise Password Vault a four out of five.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    I did not use a solution similar to CyberArk Enterprise Password Vault.

    How was the initial setup?

    The initial setup of CyberArk Enterprise Password Vault was straightforward. The time it took to implement was two months.

    What about the implementation team?

    We did the implementation of CyberArk Enterprise Password Vault in-house.

    We have approximately nine people for the deployment and maintenance of CyberArk Enterprise Password Vault.

    What was our ROI?

    We have seen a return on investment from using CyberArk Enterprise Password Vault.

    What's my experience with pricing, setup cost, and licensing?

    There are no additional costs other than the standard licensing fees.

    Which other solutions did I evaluate?

    We evaluated other solutions but we decided to choose CyberArk Enterprise Password Vault because they were a key player in the market who invented the space.

    What other advice do I have?

    CyberArk Enterprise Password Vault is great. It excels on-premise. If you were looking at the hybrid or other solutions, there are other solutions that were built in that environment. They're probably a little ahead of CyberArk Enterprise Password Vault at this point.

    I rate CyberArk Enterprise Password Vault an eight out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    Security at a tech services company with 201-500 employees
    Real User
    Top 5
    Its privileged session management is valuable for monitoring your inside threats, but it's a lot of work to set up
    Pros and Cons
    • "Password Vault's main advantage is its scalability. We constantly see huge enterprises implementing something like this, and the privileged session management is an excellent piece. You can kind of watch videos of whatever an admin has done."
    • "There are upwards of six components you need to set it up. And you might need anywhere from two to five servers. It takes some work to set that up, especially in a larger environment."

    What is our primary use case?

    Companies often have an enormous amount of admin credentials out there. They want to find out how many they have, start cleaning them up, and ensure they're all kept in an encrypted vault. Password Vault is probably the top product in that space, and it's a monster to implement, but CyberArk is great at what they do.

    What is most valuable?

    Password Vault's main advantage is its scalability. We constantly see huge enterprises implementing something like this, and the privileged session management is an excellent piece. You can kind of watch videos of whatever an admin has done. So, for example, if an admin doesn't check out their password and fires up a session on a machine, you can see playback. Scalability and those particular features are pretty valuable for monitoring your insider threat.

    What do I think about the stability of the solution?

    Our customers haven't complained about any stability issues, and we've set Password Vault up for quite a few customers. However, the stability depends on the equipment unless they do it in the cloud. But if they're setting up on a bunch of VMs, and that VM store goes down, that's not necessarily a CyberArk problem. That's more of a problem with Windows or VMware, etc., or something like that. So I guess the stability's fine.

    How was the initial setup?

    There are upwards of six components you need to set it up. And you might need anywhere from two to five servers. It takes some work to set that up, especially in a larger environment.

    What's my experience with pricing, setup cost, and licensing?

    On-prem CyberArk is pretty expensive. It's pricey and you get what you pay for. It's an incredible product for what it does, but it's significantly cheaper to go to the cloud.

    What other advice do I have?

    I would rate Password Vault seven out of 10. I'd only go that low because of how challenging the installation can be. I advise our customers to consider using CyberArk's cloud option because many people just reflexively lean toward the on-prem solution. The cloud solution is considerably less expensive. It's still complex to set up the different components and make it all work together, so I suggest you make sure you need all those components. Maybe you don't even want to use everything there, but consider the cloud version. It's the same product, but it's more straightforward and cost-effective. You're not losing any functionality.

    Which deployment model are you using for this solution?

    Hybrid Cloud
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Flag as inappropriate
    Buyer's Guide
    Download our free CyberArk Enterprise Password Vault Report and get advice and tips from experienced pros sharing their opinions.
    Updated: July 2022
    Buyer's Guide
    Download our free CyberArk Enterprise Password Vault Report and get advice and tips from experienced pros sharing their opinions.