CyberArk Privileged Access Manager Reviews

We primarily use the product as part of the growing security posture of the company.

The solution provided password management and API password retrieval functionality. 

The most valuable aspects of the solution include password management and Rest API retrieval of vaulted credentials. 

The solution needs better features for end users to manage their own whitelisting for API retrieval. 

I've used the solution for over a decade. 

CyberArk vouches for access to domain controllers in Unix and Windows Server. 

CyberArk makes our environment more secure and prevents possible attacks by compromised accounts.

The price is high compared to Azure Key Vault. It's the most expensive solution. 

I have used CyberArk for about three months.

We have 98 percent uptime. 

CyberArk is scalable. We have around 4,000 users. 

We previously used Telos. We switched to CyberArk because it has features to deal with a large company that has a complex structure and many partners. 

Deploying CyberArk was moderately difficult. It isn't too hard, but it isn't easy. One person is enough to install it. It took about one month to select the product and deploy it.

CyberArk is more expensive than other solutions, but it's necessary when the company has contacts with other branches and partners. 

I rate CyberArk Enterprise Password Vault eight out of 10. It's more expensive than Azure Key Vault, but Key Vault doesn't have CyberArk's analytics and user tracking. I recommend CyberArk if you need those features. However, it's costly in the Brazilian market because of the conversion fro reals to dollars. 

CyberArk Privileged Access Manager is used for identity and privilege access management.

The integrations are the most valuable aspect of CyberArk Privileged Access Manager. The software offers pre-built integrations, and our team can also create custom connectors. This flexibility allows us to integrate with systems that we previously didn't consider integrating with, making it a significant advantage for us.

There is room for improvement in the availability of custom connectors on the marketplace for this solution. Additionally, their services for the CICD pipeline and ease of integration could be improved.

I have been using CyberArk Privileged Access Manager for approximately three years.

Once the implementation is completed and the solution is hardened, I consider it to be stable. 

CyberArk Privileged Access Manager is scalable on-premise but not on the cloud.

I rate the scalability of CyberArk Privileged Access Manager a seven out of ten.

The time it took for the deployment was approximately two years. It was not a simple process for the vendor. It should have been completed in one year, it took too long.

Our process steps for deployment involve specific stages, starting with onboarding Windows and Linux devices, and concluding with the onboarding of application service accounts and related components.

I rate the initial setup of CyberArk Privileged Access Manager an eight out of ten. 

The solution's deployment was completed by the vendor. 

A team of two to three people was required for the deployment of our solution. One of them had a high level of expertise in architecture and a thorough understanding of the solution. The remaining team members were junior-level personnel in charge of activities including connection development, data collection, and deployment. The vendor was also used by the team to help with data collection, planning, and execution.

The license CyberArk Privileged Access Manager is on an annual basis.

A team of five to six people would be sufficient to maintain 24/7 operations.

I would recommend reducing the fee for cancellations, but when it comes to cloud services, there are superior options available in the market.

I rate CyberArk Privileged Access Manager a seven out of ten.

Our primary use case for the solution is to support privileged identities.

The password management feature is valuable.

The solution can be improved by including more connectors to other third-party systems for integration.

We have been using the solution for approximately five years.

The solution is stable.

The solution is scalable. Approximately 150,000 people are using the solution.

We previously used One Identity.

The initial setup was a bit complex.

We deployed the solution in-house.

We have seen a return on investment. The solution makes our procedures better, making the environment more secure and changing the mindset of people. 

I rate the solution a seven out of ten.

Our primary use case for his solution is privileged identity and application identity management, and we deploy the solution on-premises.

We have found the core features of the product most valuable, such as password management, session recording and vaulting.

The architecture needs to be improved. For example, the whole solution can come within a single software bundle instead of the distributed components we have for the on-premise deployments. I think there's room for improvements in that area because the competitors within that space have appliances and software that are just a single software. You don't have to split functionality across several servers like the current deployment.

We have been using this solution for approximately five years.

The solution is scalable. At the point of implementation, 300 users in our organization were using it, but that number may have increased.

The initial setup is not very complex because of my experience and skills. Still, the end users are only in charge of the administrative aspects, but I think the set up is a bit complex for those who are not very savvy with the solution. Implementation took approximately two weeks.

I rate the solution nine out of ten. The solution is good, but the main feature to be improved is having the product in a consolidated software bundle. So the moment we have PSM, it's a dedicated server. We can also have a PVWA in another server, so having a singular bundle is just like the cloud offering. The infrastructure is abstracted from the end user. So if we can have something like that for on-premises, that would simplify implementation. Regardless it's a good solution, it works, and the bank is happy with it. My recommendation to people considering implementing this product is to get the scoping appropriately done. It comes down to scoping the initial deployment, so it doesn't take forever. Still, if you're not scoping correctly, you could have a situation where people keep adding new accounts continuously, and your project never ends. Hence, scoping is kind of important.

It is a PAM solution, in which we provide privileged access to CyberArk and the users who are using to try to access their devices. They onboard on the CyberArk and then, whenever they need to access the devices, they get access to CyberArk which means they have to log in on CyberArk.

The models as a whole are great. I'm not sure if I can pull out specific features. I like that if we execute the user can't access their devices. If you remove the session manager, the user can't access their devices. It helps ensure we can protect our organization and data. The session manager is the most critical part of CyberArk's PAM solution. 

It works perfectly well. 

The solution is pretty easy to set up. 

The solution is stable.

It's scalable. 

The support services could act faster when people reach out to resolve issues. 

I've been using the solution for the last two years. 

It's a stable product. 

We have deployed CyberArk for two years, and so far, we haven't received any issues regarding any bugs or anything like that. We haven't faced any issues. There are some challenges regarding user access. We have to explain to users who are not familiar with the PAM solution what to do, however, regarding stability, or regarding bugs we haven't faced any issues.

It's a scalable product. For example, in my scenario, the deployment that I have done, if I want to scale it up or if I want to extend it, I can easily add the next module in that. There are no challenges regarding scalability.

I have only one deployment in Pakistan. It is at one of the largest banks in Pakistan here which has thousands of users on CyberArk.

Technical support is good. I haven't faced any issues. If you're looking at the response time, I will say that it's quite a long wait. 

The setup process of CyberArk is quite typical. Once you understand the process, it is very easy for you. That said, for a newbie, it may be a bit difficult. For example, for the PSM module, we have to make changes in the registry of the devices. You have to collaborate with your system team to make a configuration. I can get complex. That said, once you know, it's very easy.

I have been through the process of implementing the solution for clients. 

The licensing can be yearly or over a couple of years. Support needs to be renewed every year. 

We have four models which we are using. 

The first one has a wall that which we have deployed on the particular server. The next one is the CPM which is the Central Policy Manager through which we enforce the password policy and password rotation policies. 

I'd recommend the solution to others. 

We have conducted a POC in Pakistan on multiple sites with different customers. CyberArk is a quite typical product and can be a bit expensive, so it's a good idea to try it out first and make sure it is what you need.

I'd rate the solution seven out of ten. 

The password vault and session monitoring are useful.

We have been using this solution since 2016.

The solution is stable, but some features in BeyondTrust are unavailable in CyberArk Privileged Access Manager. For example, there is a PMUL feature in BeyondTrust where you can do a deeper dive with the keys for login, but it is not available in CyberArk Privileged Access Manager.

The technical support is good, and they fix any issues we have. However, the turnaround time for technical support is lengthy.

We set up huge environments.

Regarding pricing, we have an APAC sheet and a contact person from CyberArk Singapore that provides a pricing sheet when we need one.

I rate this solution an eight out of ten. I would recommend having a proper plan before implementing this solution. It will be a smoother process if you jot down the granular execution level and get senior resources with hands-on experience.

We use CyberArk Privileged Access Manager for our customers who want to monitor and protect the access from the vendor side or the partner side. These customers want to cover external users who want to gain access.

What I found most valuable in CyberArk Privileged Access Manager is the Session Manager as it allows you to split the connection between the administrator site and the target site. I also found the Password Manager valuable as it lets you rotate the passwords of privileged users.

In the beginning, CyberArk Privileged Access Manager didn't have a multifactor authentication feature, so that was an area for improvement, but now it's part of the solution.

Having just one console for two CyberArk products would be good, particularly for the CyberArk Privileged Access Manager and the CyberArk Endpoint Privilege Manager, with the latter being a product for endpoint management that supports the workstations and allows you to manage workstations.

In the next update of CyberArk Privileged Access Manager, it would be good to have a local agent where you can manage all users and processes, and have an agent on the servers such as Linux and Windows.

I've been working with CyberArk Privileged Access Manager for four years.

CyberArk Privileged Access Manager is a stable solution.

CyberArk Privileged Access Manager is easy to scale. You can divide the solution into different parts and connect them, then you can add a new feature, a new appliance, or a new system. The solution works.

In terms of the technical support for CyberArk Privileged Access Manager, I sometimes contact the service engineer in this region. I also have access to the support portal which I use in some issues, but it's not so often. I found the technical support team very professional and I would rate support for CyberArk Privileged Access Manager five out of five.

The initial setup for CyberArk Privileged Access Manager was complex because, in the beginning, you must get the information from the customer such as how he wants to install it, how he wants to protect privileged accounts, how password rotation would work, etc., before you can install the solution.

The time it takes to deploy CyberArk Privileged Access Manager depends on several factors such as how many admins a customer has, how many devices, and the types of devices, for example, does the customer have servers such as Windows or Linux, some other network solution, or some applications, etc.? It could take between ten, fifteen, or one hundred days. My company needs to analyze at the beginning to define how long the process will take.

On a scale of one to five, with one being complex and five being very easy, I would rate the initial setup for CyberArk Privileged Access Manager four out of five.

I'm a technician so I don't handle the licensing for CyberArk Privileged Access Manager, but I know that the price for the core license is about €140 per year. There's another type of license, the external vendor license, and that's about €600 and you can manage twenty devices. From what I know, the price for one device in a subscription is about €65 per year.

You can buy the CyberArk Endpoint Privilege Manager too, or you can buy some other application or application license with CyberArk Privileged Access Manager, but all other features, such as the Analytics Server is included in the basic CyberArk license. With WALLIX, you need to buy separate licenses for the features.

I've evaluated WALLIX, apart from CyberArk Privileged Access Manager.

CyberArk Privileged Access Manager is a global solution that applies to all customers, from small scale to enterprise businesses, but the solution has a little bit more servers that you need for the installation. WALLIX, on the other hand, is just one appliance that focuses on small-scale customers. Its deployment is much easier because you just install one appliance with all the features inside. Deployment is easier with WALLIX versus CyberArk Privileged Access Manager which has a complex deployment. In the end, CyberArk Privileged Access Manager has more features that you can define or set up, while WALLIX has some limitations.

I'm working for a company that sells privileged access management solutions, including CyberArk Privileged Access Manager.

The version of the solution which I'm dealing with is an old version. Most of the deployment is on-premises, but my company will start cloud deployment for CyberArk Privileged Access Manager as well.

My company resells, implements, and also provides support for CyberArk Privileged Access Manager for the customers.

The solution requires upgrading regularly, and if there's a new system or application, you need to set it up for privileged access management on CyberArk Privileged Access Manager, so maintenance is important. Currently, in my company, five people work with the solution where there are about two hundred devices with fifty administrators. In the beginning, CyberArk Privileged Access Manager was for large-sized businesses. Nowadays, it's also used by medium-sized businesses.

I would recommend CyberArk Privileged Access Manager to others looking into implementing it because it's very important to protect privileged accounts in the company and do password rotation, so the hackers won't have a chance to detect and find the real passwords in the system. You can also use CyberArk Privileged Access Manager to protect external users and the admins from the direct connection to the server and after that, you can see what the users and admins do because the system makes video recordings and session logs. It's important to see what the admins do from time to time.

For me, CyberArk Privileged Access Manager is the best product, and even Gartner says the same, so I would rate it a ten out of ten.

My company is a partner and reseller of CyberArk Privileged Access Manager.