CyberArk Enterprise Password Vault Valuable Features
CyberArk is a good and adaptive solution. It is easy to adopt and install. It is easy for every use case.
View full review »The password rotation and cyber gateway have been quite useful. It's a solution that allows you to search for passwords for your servers and accounts. This is the most feature power.
The solution is quite stable.
It is scalable on the cloud.
IS
IrmaShattuck
Program Manager at a recruiting/HR firm with 5,001-10,000 employees
I love how easily we could operate within Password Vault and get things done. It was almost effortless. After we went through the implementation phase, it did what was promised, and we did not have to call support. It was a flawless install. All of us had experience as well because we got our certifications. We'd worked with it for at least a year.
View full review »Buyer's Guide
CyberArk Enterprise Password Vault
April 2024
Learn what your peers think about CyberArk Enterprise Password Vault. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
767,995 professionals have used our research since 2012.
CyberArk has a lot of modules, such as Enterprise Password Vault, which is the heart of the solution and needs to be up and running at any time. Privileged accounts and session recordings get stored inside the vault itself.
Likewise, we can configure high availability for the vault, like an active/passive or an active/active configuration. Replication disaster recovery is also supported.
CyberArk is also capable of rotating the credentials for a lot of endpoints. It has the CPM plugins by default for password management, Windows and Linux, as well as databases like Oracle and MS SQL, and can also rotate to some network devices like Cisco 9000.
We have Privileged Access Management, a general server between the user's and the target's machine. All of the sessions go from that server to the target endpoints. Once the end user disconnects the session, the session recordings and live monitoring will be uploaded to the vault. That recording will be stored for 180 days for auditing.
Another component is Privileged Threat Analytics. It detects any threats on target machines. For example, an end user might connect to a Linux endpoint and try to run privileged commands. Those commands are customizable and can be defined in the PTA as well. Whenever those users run those particular commands on the target, the PTA will report suspicious activity and report to security admins in the organization via mail or even on the web portal. We have a separate tab for security.
Within security events, these particular suspicious activities will be detected as threats and attain a risk score, "This is the user who connected to this particular target and ran these particular commands or applications."
CyberArk has a remote access solution called CyberArk Remote Access Alero. CyberArk also supports HTML gateways so that users can connect from outside the network without a VPN connection.
The solution has many advantages, such as the user interfaces and remote app features when using local applications when sessions are getting established over RDP, SSH, database, and web browsers. It is easy for administration as well.
View full review »TM
Tasfamichael Mijena
Manager at OIB
The most valuable feature of the solution is session recording.
View full review »The most valuable feature of the solution stems from the fact that it's the best in the market. I haven't seen any other PAM solutions better than CyberArk Enterprise Password Vault.
The most valuable features of CyberArk Enterprise Password Vault are password rotations and password encryptions.
CyberArk Enterprise Password Vault has a lot of enterprise-level features compared to other PAM products. It's a well-known product, and its implementation is very easy. The solution has good documentation compared to other products. CyberArk Enterprise Password Vault is legitimate software that releases patches as per vulnerability.
The tool has safe vaults. We keep our passwords in the Vault. The tool’s recording feature is also valuable for us.
View full review »AD
Alexander Djuraev
Sales Engineer at Softprom by ERC
The solution's most valuable features are one-time password and exclusive access.
View full review »CyberArk's best aspect is it lets you store the password, and it allows you to connect to those connected systems' passwords. For example, there is an AD in your organization, and you have stored the AD password. Say you want to change the AD password; you just have to change it in CyberArk. CyberArk itself will change the password in the connected system. That's one nice feature they have introduced in the latest features.
View full review »CD
reviewer1702128
Senior Leader at a financial services firm with 5,001-10,000 employees
The most valuable features of CyberArk Enterprise Password Vault are password vaulting and automatic rotation of passwords after use.
View full review »SS
reviewer1386330
Manager Engineering at a comms service provider with 1,001-5,000 employees
The logs and reporting features are impressive.
View full review »DS
Deepak Sahani
Manager II, Cyber Operations at OPTIV
Previously, we used to share passwords for service and normal admin accounts among team members. However, since we started managing it through the product, we've transitioned to individual admin accounts or implemented dual control for shared accounts. With dual control, exclusive checking and checkout options are available, and passwords are not stored in clear text anywhere in the credentials.
The solution's most valuable features are automatic password rotation, privilege manager, and secret manager. Previously, IT personnel had admin rights on their regular accounts, allowing them to log in to domain controllers. However, this posed a security risk as compromised accounts could grant unauthorized access to domain controllers. To mitigate this risk, we implemented separate DA accounts for IT staff. These DA accounts were restricted from logging in to domain controllers and did not have associated email addresses. They were dedicated AD accounts solely for accessing domain controllers, and the solution handled their management.
Previously, manually rotating admin credentials was a time-consuming task. However, implementing the tool's automatic password management feature has made this process easier. We've configured defined policies within the solution to dictate when these credentials should be changed.
View full review »- Session recording
- Password rotation
DH
DanHines
Technologist - Specialty in Identity and Access Management at Sears Technology Services Incorporated
- Reporting and PSM I feel are the two biggest points for us. We provide our audit team with failed password reporting, safe membership, and privileged account inventory reporting.
- The DNA scan is very helpful and provides a security baseline for your environment. I highly recommend running a DNA scan on your environment.
EPV (Enterprise Password Vault) is the most valuable feature of the product to me. It is the core of the product, where it stores the passwords it needs to protect. It protects privileged IDs within a secure digital vault.
View full review »We have found the core features of the product most valuable, such as password management, session recording and vaulting.
View full review »DK
reviewer1797750
Information Security Engineer II at a healthcare company with 1,001-5,000 employees
The most valuable feature of CyberArk Enterprise Password Vault is the auto password recycling feature, which works this way: previous accounts which are managed by this solution get their password reset every time, based on our given parameters, e.g. every two days, every five days, every week, etc. You give CyberArk Enterprise Password Vault the number of days that you want the passwords to be changed, so users won't need to have their passwords written somewhere. They can just log on to the solution and retrieve the password. They may even be able to remotely connect to the devices that they want to connect to via the PSM function of CyberArk Enterprise Password Vault.
View full review »MN
reviewer1643352
Manager at a consultancy with 10,001+ employees
The most valuable feature is privileged session management.
View full review »FP
FabioPericoli
Director / Engineer at Provincia
Our most valuable features would probably be password/key rotation, the SSH key manager, account discovery and quality of video recordings.
GJ
reviewer1324719
PAM Architect at a tech services company with 11-50 employees
CyberArk probably has probably the best vault on the market because of the multiple layered security and each password getting its own encryption. Each password gets individual encryption. By the time you are able to crack one of the passwords, it's already been changed a dozen times.
The attack surface on a CyberArk Vault is very nominal and in addition, CyberArk also has its own on-staff hackers where companies actually hire them to perform penetration testing, but within, inside the environment.
View full review »CS
reviewer1737573
Manager at a financial services firm with 5,001-10,000 employees
The feature I find most valuable is the password credential rotation.
View full review »FF
reviewer1584756
Senior Presale - BU Information Security at a tech services company with 51-200 employees
I like the performance of CyberArk Enterprise Password Vault.
Definitely, it's a reliable solution.
It has a wide range of features. They are probably the widest range of features on the market. It is the main reason customers usually select this product.
This solution works very well, and the feedback from our customers is very good.
Integration is one of the strongest capabilities of this solution. There are hundreds of integrations that are ready to use. It is continuously growing, which is one of its strengths.
The interface is really user-friendly.
It's a highly flexible solution that can adapt to each customer's needs.
Another strength, for both performance and the security levels, is the segregation of the different rules of the solution.
View full review »BZ
BrettZych
Identity and Access Management Advisor at a energy/utilities company with 5,001-10,000 employees
Service count rotation is probably one of my favorite features. Even though we're not using it right now, we're going to be using it in the future. The ability to automatically rotate any password I need to really helps with the entire enterprise strategy that we're pushing right now.
The solution's ability to manage all our access requirements at scale is interesting, actually. It does everything we need it to, and it's not a tool that I expected we would be using at this scale, as an enterprise-wide client. A little bit of history on that being that when we first started using it, it was a glorified password vault. It was a store. It was KeePass. So we really scaled it up and it's been a really interesting journey.
View full review »JB
reviewer1513359
Technical Consultant at a outsourcing company with 51-200 employees
The accounts are maintained automatically. Hence, resource and administration costs are less.
View full review »RS
Renato Santos
Cyber security architect at a financial services firm with 10,001+ employees
The privileged support manager is the most valuable feature of CyberArk Enterprise Password Vault.
View full review »Auditing and control are the most valuable. You can control password management almost to the max, giving you, your users and your auditors great flexibility without compromising security.
The auditing and control is more valuable to the enterprise than to myself. Apparently one of the overseas offices was able to track and identify misuse of a privileged account. In addition, it is heavily used during the periodic user/account recertification process.
View full review »PG
reviewer1455795
Technical Lead IMSS at a computer software company with 1,001-5,000 employees
It completely depends on the requirement. For some of the RPA robotic types of user identity, we prefer for it to happen in an automatic way, but some of them are highly critical, so we don't do it automatically. As for the end-user experience or expectation, if they want to change it at their end, they can do it.
View full review »SS
reviewer1386330
Manager Engineering at a comms service provider with 1,001-5,000 employees
The interface is very simple to use.
Security-wise, CyberyberArk is better than the other products.
View full review »The PSM is excellent and the ability to write your own connectors and plugins is invaluable as far as flexibility goes.
View full review »AK
Ashish Khanal
Identity and Access Management Consultant at a tech services company with 10,001+ employees
The features that I value most are the PSM connect option, where an authorized user doesn't even require a password to open a session to perform their role. Another feature that I think is really valuable is being able to monitor a user's activity; there is always a log recording activities performed by the privileged accounts in CyberArk.
View full review »KK
Kishore Kumar
SAP CRM /C4C /SAP Hybris at ATOS
CPM, which helps keep the password policy up to date. which eventually helps to maintain the GDPR data security requirements for almost every client in Europe and elsewhere.
View full review »DW
reviewer1329747
Security at a tech services company with 201-500 employees
Password Vault's main advantage is its scalability. We constantly see huge enterprises implementing something like this, and the privileged session management is an excellent piece. You can kind of watch videos of whatever an admin has done. So, for example, if an admin doesn't check out their password and fires up a session on a machine, you can see playback. Scalability and those particular features are pretty valuable for monitoring your insider threat.
View full review »GK
reviewer1226001
Consultant at a financial services firm with 5,001-10,000 employees
The most valuable feature is that it is flexible. It has many connectors. that have done well, the EPV and SSH sessions are all being recorded and everything works fine.
View full review »JF
reviewer1337610
Security Architect at a financial services firm with 10,001+ employees
The most valuable feature is the ability to delegate access to admins when they need it. It allows us to have some kind of proof on the approval process, rather than give people standing access on a full-time basis.
View full review »GB
reviewer1749054
Security Delivery Analyst at a computer software company with 10,001+ employees
Password Vault's policy configuration is very good - when you receive an attack, you can segment the structure of the project in order to isolate parts or users.
View full review »PR
reviewer1426374
Director - Enterprise Security, Fraud and Supplier Risk Management at a financial services firm with 1,001-5,000 employees
I haven't really thought about anything that I want to use it for, that I couldn't use it for.
View full review »MH
reviewer794646
Information Security Analyst at a financial services firm with 1,001-5,000 employees
CyberArk's GUI is user friendly.
View full review »OZ
Oleksiy Zaionchkovskyy
Lead Systems Architect at IT Specialist LLC
Security is the solution's most valuable feature. As far as I know, this solution is the most secure system of this class on the market today, even considering another management system like Fudo Security, which we also use. The integration capabilities are very good; it helps strengthen our overall security.
View full review »Every aspect of the solution is very well integrated, and that gives comfort. It is a fail-safe kind of environment. I think that's the fail-safe feature makes customers comfortable because there are no non-integrable stuff or cures. For example, a vault would have its own anti-virus, its own application, its own operating system to stay hardened. It is absolutely hardened for it to be protected from the outside world.
View full review »The most valuable feature is the special management. It records the activity and the actions that we use for auditing.
View full review »MW
MariuszWalo
Presales Engineer/Network Security Technical Consultant at a tech services company with 51-200 employees
The solution is very complete. It has the most features on the market.
Session monitoring is excellent. It may be the solution's most valuable aspect.
The solution offers very good password protection.
It offers great integration with many products.
View full review »The secured vault storage offers great capabilities for structuring and accessing data.
Central Password Manager is useful for agentless automated password management on endpoints.
Privileged Session Manager is good for provisioning, securing, and recording sessions to the endpoints.
View full review »- Session recording
- Password and access management
Buyer's Guide
CyberArk Enterprise Password Vault
April 2024
Learn what your peers think about CyberArk Enterprise Password Vault. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
767,995 professionals have used our research since 2012.