CyberArk Privileged Access Manager Reviews

• Password management and accountability for Privileged accounts
• Identify, protect and monitor the usage of Privileged accounts
• Record and control privileged sessions on critical systems i.e. Windows, Unix, DBs
• Application credentials including SSH keys and hard-coded embedded passwords can be managed
• Control and monitor the commands super-users can run based on their role
• PTA is a security intelligence system that allows organizations to detect, alert, and respond to cyberattacks on privileged accounts.

Privileged accounts represent the largest security vulnerability an organization faces today. Most organisations are not aware of the total number of privilege accounts.

Compromising privilege accounts leads to various breaches. With this growing threat, organisations need controls put in place to proactively protect, detect and respond to in-progress cyberattacks before they strike vital systems and compromise sensitive data.

On implementing the CyberArk PIM solution, we are able to achieve this goal. Now, we are aware of the total privileged accounts in our enterprise. These are securely stored and managed by the Vault. The end users need not remember passwords for these accounts to use them.

E.g.: A Unix Admin who has to login to a Unix server using the "root" account needs to log in to CyberArk and search for the root account, click Connect and he can perform all of his activities. We can enforce a command list on this account, monitor his activities and also get to know who has used this root account. The access to this account can also be restricted. The user does not have to remember any credentials.

Integration of this tool with SAML is a problem, as there is a bug. We’d like to be able to integrate AWS accounts in CyberArk.

I have been using this solution for the past three years. I have implemented this solution for various clients from banking and pharmaceutical companies.

I have not really encountered any issues with stability.

I have not encountered any scalability issues.

I rate technical support 9/10, very good.

Straightforward, easy-to-install setup.

It is expensive.

Before we chose CyberArk, we evaluated ARCOS.

Go ahead and use CyberArk. Request a demo.

The most valuable feature is the password Vault which gives the administrator control over privileged accounts. The other components that are valuable are Private Session Manager, OPM, Viewfinity, and AIM, which came as an add-on to the organisation's needs. The ability to start the project, install and add the passwords in just a few days brings a big advantage for CyberArk.

The client can see all the users sessions through PSM, and can protect the applications on servers using AIM. Also, the Privileged Threat Assessment helps the organisation to see all the account risks, including accounts not managed by CyberArk, and accounts/machines with unusual behavior, etc.

The DNA scan should be able to scan Unix machines for privileged accounts.

PIM tested in the last 2 years.

We didn't have any issues with the deployment.

The product is very stable.

I didn't have any issues with the stability. I usually recommend the client to increase the system requirements with 10%.

Customer service is OK in Romania.

I had direct contact with the local team and they are OK.

No.

Straightforward when you have the use cases and a SoW. Usually you follow the Installation Manual, and perform the after-installation tests, and you are sure that everything is OK. The only issue I had was with the anti-virus that was left on the server and that deleted some PSM files. You must always double-check the prerequisites, as you can have some surprises with the GPO that overrides your settings.

I was part of the implementation team with support from the vendor.

We also looked at BalaBit Shell Control Box.

It has the ability to monitor privileged sessions.

Our security has improved since implementing CyberArk.

The user interface needs to be improved. It could be done by getting the GUI to work with other programs from within internet browsers out of box.

I've used it for one year.

No issues encountered.

No issues encountered.

No issues encountered.

It's good.

It's good.

I didn't use a previous solution.

It was straightforward as the documentation was rather clear. This made the implementation simple.

I implemented myself.

I didn't evaluate any other options.

The most valuable feature of this product is the Central Policy Manager. From the Operation and Security point of view a robot that can connect to destination machines, change passwords at fixed times, and put them in the vault, like a person, and therefore, is the best that you can ask for.

It combines more functionality in a single product and solve a lot of problem, from security to compliance.

It has improved many parts of the organization. From the security and audit perspective, we're now fully aware of who accessed data and from where they accessed it. This helped us with regulatory compliance. We've improved our level of security in many typically-unsafe environments, such as domains.

I think that this product can be improved in all the areas. The details usually are important as the funcionallity. So I think that understanding the request from the customer CyberArk, as is already doing, can improve day by day his product.

I have used Cyber-Ark PAS since 2008, so thid is the seventh year that I will be working with it.

Usually not. The biggest problem was the incompatibility or non-default installation of an OS to be managed by the Central Policy Manager.

Never encountered any problems with stability.

Never encountered any problems with scalability. The Vault, Central Policy Manager, Password Vault Web Access, Privileged Session Manager and Application Identity Management architecture are designed to support scalability.

It's improved over the years and now is very fast and efficient. We've got a very good Italian customer service.

Very high level of technical support. Fast and organized.

Never used a different solution.

The initial setup is really fast, simple and straightforward. It consist of a simple Windows installation (next-next type) for any component. The only requirement is to do the installation step by step following a list of components to do beforehand.

I work in a vendor team, and we installed the product in a large company.

We sell this solution to our partners. We are not currently using the application for our own use — we're consultants.

Within the solution, I love the fact that everything is recorded. The configuration capabilities are great, too.

There are always improvements that can be made, but nothing really stands out. It's hard for me to say as I am not a direct user.

CyberArk PAS is very stable.

The technical support is excellent. On a scale from one to ten, I would give the support a rating of ten.

The price of this solution is quite reasonable. 

Overall, on a scale from one to ten, I would give CyberArk PAS a rating of ten.

The accounts are maintained automatically. Hence, resource and administration costs are less. 

CyberArk Enterprise Password Vault's deployment is complex for resources with little experience. Tech support needs to be improved as well based on quality and knowledge. 

I have been working with the product for more than five years. 

The product is very stable. 

CyberArk Enterprise Password Vault is scalable. 

CyberArk Enterprise Password Vault's deployment can be done with two to three resources. 

I rate the solution a nine out of ten. 

CyberArk is a good, profitable, and most valuable solution.

While testing the functionality of PAM, we weren't merely conducting a standard PAM evaluation. We aimed to establish a connection and successfully received a response from the target PAM component.

The product’s pricing could be improved.

I have been using CyberArk Privileged Access Manager as a partner and implementor.

The product is stable. If you make some changes or something, it's stable.

The solution is scalable. We cater it to enterprise businesses.

Customer support takes too much time to provide some response. When you open some cases, sometimes it takes one or two weeks to get some people to know the problem and how they will help us.

Neutral

The initial setup takes a few days to complete.

I rate the initial setup a six out of ten, where one is difficult and ten is easy.

The product is expensive.

I rate the product’s pricing a seven out of ten, where one is cheap and ten is expensive.

Overall, I rate the solution a nine out of ten.