We are using CyberArk Privileged Access Manager for securing access to the host or the server. The solution has the capability to record activity on the server, rotate the passwords, kick out an active user, and complete an action if suspicious activity is triggered on the server. We typically only use the solution for accessing the target server and for password rotations.
Assistant Vice President for Cyber Security Project at a financial services firm with 1,001-5,000 employees
Plenty of features, scalable, and responsive support
Pros and Cons
- "All of the features of CyberArk Privileged Access Manager are valuable."
- "The initial setup of CyberArk Privileged Access Manager difficulty depends on the environment that you are implementing it into. However, it typically is simple."
What is our primary use case?
How has it helped my organization?
One of the benefits of using CyberArk Privileged Access Manager is we have an audit trail that fits the requirements of our organization and we are more secure using the features of the solution, such as investigating and tracking.
What is most valuable?
All of the features of CyberArk Privileged Access Manager are valuable.
For how long have I used the solution?
I have been using CyberArk Privileged Access Manager for approximately six months.
Buyer's Guide
CyberArk Privileged Access Manager
September 2023

Learn what your peers think about CyberArk Privileged Access Manager. Get advice and tips from experienced pros sharing their opinions. Updated: September 2023.
735,432 professionals have used our research since 2012.
What do I think about the stability of the solution?
CyberArk Privileged Access Manager is stable.
What do I think about the scalability of the solution?
The scalability of CyberArk Privileged Access Manager is very good.
We have approximately 300 users using the solution.
How are customer service and support?
The partner support we have in Indonesia is fast and responsive to our needs. They are available if we are facing a problem. However, there is still room for improvement.
I rate the support from CyberArk Privileged Access Manager an eight out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I was previously using MEGA HOPEX.
How was the initial setup?
The initial setup of CyberArk Privileged Access Manager difficulty depends on the environment that you are implementing it into. However, it typically is simple.
I rate the initial setup of CyberArk Privileged Access Manager a five out of ten.
What about the implementation team?
We use a third party to do the implementation of the solution. We purchased preventive and corrective maintenance from our partner.
What's my experience with pricing, setup cost, and licensing?
There are additional features added to our CyberArk Privileged Access Manager license. For example, features that allow us to integrate into various kinds of platforms.
What other advice do I have?
I would recommend this solution to others. It has great value and it ensures your environment is secure and it is most important in production. If your company is a financial institution it is a lot of times mandatory to have a solution similar to this in operation because of cyber security concerns. We need to have preventive or professional action and one of those elements is to have a secure platform.
I rate CyberArk Privileged Access Manager an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.

Technical Manager at Gulf IT
Lots of features with a great performance and the ability to expand
Pros and Cons
- "Performance-wise, it is excellent."
- "Sometimes the infrastructure team is hesitant to provide more resources."
What is our primary use case?
The concern on our end was separating the components, including the password storage component, and having everything completely separated.
What is most valuable?
The scalability is very easy.
The most valuable aspect was being to be able to manage it through multiple mediums. We can manage it through its command line interface, web view, and directly logging into the digital environment with permission. You have multiple mediums. You don't have to give direct access to the world every time you want to limit what admins should do and what they should not do.
CyberArk has the biggest number of features available when you compare it to other PAN solutions like BeyondTrust, Thycotic, and Delinea. They tend to have a lot of separate components.
Performance-wise, it is excellent.
What needs improvement?
The components of their web view, policy manager, and session manager, most of them are separated. We need something which can unify those components into a single appliance. Sometimes the infrastructure team is hesitant to provide more resources.
They have a lot of out-of-the-box integrations with a lot of other products. However, I would want them to bring on some kind of similar platform. If they can bring up the SSO on-prem, that would be ideal, as they don't have those things on-premises. They only provide that for the cloud. If they can do that, it would actually help a lot of us and keep us from trying to acquire multiple technologies for solutions.
For how long have I used the solution?
I've used the solution for six or seven years at this point.
What do I think about the stability of the solution?
We are very stringent on the performance metrics and would rate the solution very high. It's stable.
What do I think about the scalability of the solution?
We found that scalability was much easier in CyberArk. In BeyondTrust, scalability required purchasing extra virtual machines every time we wanted to scale it up. However, in CyberArk, we don't need to purchase extra components. It comes along with the line.
Currently, we have around 78 to 80 admins, and there are around 200 underlying accounts.
Which solution did I use previously and why did I switch?
We previously used BeyondTrust.
Which other solutions did I evaluate?
I haven't compared it to Thycotic yet, however, from what I have read, it looks like CyberArk is better. I've also looked into Delinea.
What other advice do I have?
We are reselling the solution to customers.
I'd rate the solution nine out of ten. It's quite a good product.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer:
Buyer's Guide
CyberArk Privileged Access Manager
September 2023

Learn what your peers think about CyberArk Privileged Access Manager. Get advice and tips from experienced pros sharing their opinions. Updated: September 2023.
735,432 professionals have used our research since 2012.
Associate Manager at Wipro
Good support, stable, and helpful in securing access to our lab
Pros and Cons
- "It is one of the best solutions in the market. Ever since I started using this solution, there has not been any compromise when it comes to our lab."
- "There is a lot of room for improvement in the report section. I also work on other tools, such as Thycotic, which allows you to create customized reports for your organization's needs. In CyberArk, there are limited reports, whereas in Thycotic or some of the other PAM tools, because the database is different, you can customize the report based on your needs through SQL queries."
What is our primary use case?
It is for the lab. We just onboard all the privileged accounts and then try to make them compliant and provide access to end-users. We are CyberArk administrators, and our responsibility is to onboard the accounts and provide access to end-users so that there is no business impact and the users are able to connect to their target services.
I started with version 10.6, and now, the current version of CyberArk is 12.1. It is deployed on-prem, but in my lab, it is my virtual setup.
What is most valuable?
It is one of the best solutions in the market. Ever since I started using this solution, there has not been any compromise when it comes to our lab.
What needs improvement?
There is a lot of room for improvement in the report section. I also work on other tools, such as Thycotic, which allows you to create customized reports for your organization's needs. In CyberArk, there are limited reports, whereas in Thycotic or some of the other PAM tools, because the database is different, you can customize the report based on your needs through SQL queries.
The GUI part can be better. Previously, they had a classic one, and then they upgraded to the new one, but it is less user-friendly than other PAM solutions. Its GUI is a little bit complex.
For how long have I used the solution?
I have been using this solution for almost five years.
What do I think about the stability of the solution?
It is a stable solution. It is a top PAM solution as per Gartner.
What do I think about the scalability of the solution?
Its scalability is good.
How are customer service and support?
I have contacted them multiple times. They helped me in a good way. Whenever I raised a ticket, depending on the ticket priority, they provided good support. Sometimes, I got a response within two hours.
How was the initial setup?
CyberArk has a distributed architecture. Therefore, as compared to other PAM solutions, it is a little bit complex. You first need to understand the environment and then install the individual components, whereas, in other PAM solutions, you have to build the database and then simply run the application and directly connect to the application. You can then start using the application.
What other advice do I have?
If you are using this solution for the first time, you need to be a little bit aware of Windows, Linux, and AD. Otherwise, it might be complex for you.
I would rate it a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Identity and Access Management Engineer at Wiley Global Technology Pvt. Ltd.
Is user-friendly and easy to deploy, and integrates well with other products
Pros and Cons
- "Creating policies and the password rotation feature have been valuable. We don't have to memorize our password for the ADM account."
- "Report creation could be improved. The policies could be more customized."
What is our primary use case?
We use this solution for the user ADM account onboarding process within our company. If they need server access, we create ADM accounts, and we onboard to CyberArk.
We use it also for the password protection process with other products. We can use this as a password wallet, and we create the password rotation in CyberArk.
We can grant access, check the system's health, and create policies for users.
What is most valuable?
Creating policies and the password rotation feature have been valuable. We don't have to memorize our password for the ADM account.
Security wise, it's really safe. The password expires within six to eight hours, so no one can get that password from us. Other users can't log in without our credentials, and also, the ADM account password will automatically rotate.
It's really user-friendly as well.
What needs improvement?
Report creation could be improved.
The policies could be more customized.
For how long have I used the solution?
I've been working with this solution for almost nine months. It's deployed on the cloud.
What do I think about the stability of the solution?
The stability is really good.
What do I think about the scalability of the solution?
We have more than 2000 users, and it's really easy to scale.
Which solution did I use previously and why did I switch?
I have worked with Thycotic before. It is not user-friendly, although it has changed a lot.
Implementation was really hard, and the reporting was not as good as the users expected. In comparison to CyberArk, Thycotic was not better.
How was the initial setup?
The deployment process is really easy, and I would give it a four out of five.
What about the implementation team?
We got support from the CyberArk team but deployed it ourselves. It was easy to follow the documentation and user guide.
What's my experience with pricing, setup cost, and licensing?
CyberArk is an expensive product.
What other advice do I have?
If you can afford CyberArk Privileged Access Manager or you are looking 5 to 10 years in the future, it's a good investment. You will gain experience handling all these pieces using the one product. You can easily integrate with other products also.
You would have maintenance with other PAM products, and you won't with CyberArk. You can save that money by investing in a high quality product from the beginning itself.
Overall, I would rate CyberArk Privileged Access Manager at eight on a scale from one to ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Partner at a tech consulting company with 51-200 employees
Integrates well, flexible, but custom connectors
Pros and Cons
- "The integrations are the most valuable aspect of CyberArk Privileged Access Manager. The software offers pre-built integrations, and our team can also create custom connectors. This flexibility allows us to integrate with systems that we previously didn't consider integrating with, making it a significant advantage for us."
- "There is room for improvement in the availability of custom connectors on the marketplace for this solution. Additionally, their services for the CICD pipeline and ease of integration could be improved."
What is our primary use case?
CyberArk Privileged Access Manager is used for identity and privilege access management.
What is most valuable?
The integrations are the most valuable aspect of CyberArk Privileged Access Manager. The software offers pre-built integrations, and our team can also create custom connectors. This flexibility allows us to integrate with systems that we previously didn't consider integrating with, making it a significant advantage for us.
What needs improvement?
There is room for improvement in the availability of custom connectors on the marketplace for this solution. Additionally, their services for the CICD pipeline and ease of integration could be improved.
For how long have I used the solution?
I have been using CyberArk Privileged Access Manager for approximately three years.
What do I think about the stability of the solution?
Once the implementation is completed and the solution is hardened, I consider it to be stable.
What do I think about the scalability of the solution?
CyberArk Privileged Access Manager is scalable on-premise but not on the cloud.
I rate the scalability of CyberArk Privileged Access Manager a seven out of ten.
How was the initial setup?
The time it took for the deployment was approximately two years. It was not a simple process for the vendor. It should have been completed in one year, it took too long.
Our process steps for deployment involve specific stages, starting with onboarding Windows and Linux devices, and concluding with the onboarding of application service accounts and related components.
I rate the initial setup of CyberArk Privileged Access Manager an eight out of ten.
What about the implementation team?
The solution's deployment was completed by the vendor.
A team of two to three people was required for the deployment of our solution. One of them had a high level of expertise in architecture and a thorough understanding of the solution. The remaining team members were junior-level personnel in charge of activities including connection development, data collection, and deployment. The vendor was also used by the team to help with data collection, planning, and execution.
What's my experience with pricing, setup cost, and licensing?
The license CyberArk Privileged Access Manager is on an annual basis.
What other advice do I have?
A team of five to six people would be sufficient to maintain 24/7 operations.
I would recommend reducing the fee for cancellations, but when it comes to cloud services, there are superior options available in the market.
I rate CyberArk Privileged Access Manager a seven out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Last updated: Mar 26, 2023
Flag as inappropriateSenior IT Systems Administrator at a financial services firm with 10,001+ employees
Good security, seamless integration, and real time monitoring capabilities
Pros and Cons
- "With PAM in place, we've experienced a significant reduction in potential security breaches."
- "CyberArk PAM could greatly benefit from an under-the-hood update; integrating machine learning algorithms could provide predictive insights."
What is our primary use case?
In a large financial institution, CyberArk Privileged Access Management (PAM) plays a pivotal role in ensuring the security and integrity of sensitive financial data. With numerous systems, applications, and databases holding critical client information and transaction data, the institution faced the challenge of managing and protecting privileged accounts effectively.
The PAM solution was seamlessly integrated into the existing IT infrastructure. It introduced granular access controls, requiring all employees to log in with standard user accounts, regardless of their role. When a privileged action is required, the PAM system enables the temporary elevation of privileges through just-in-time (JIT) access, granting access only for the necessary time frame. This reduces the window of opportunity for potential cyber threats.
How has it helped my organization?
CyberArk Privileged Access Management (PAM) has been a game-changer for our organization's security landscape. With PAM in place, we've experienced a significant reduction in potential security breaches. The meticulous control it offers over access rights ensures that only authorized personnel can access critical systems and sensitive information. The implementation of just-in-time access has effectively minimized our attack surface, making it incredibly challenging for unauthorized users to exploit vulnerabilities.
What is most valuable?
The most valuable features of CyberArk Privileged Access Management (PAM) are its granular access controls and just-in-time (JIT) access provisioning. These features ensure that only authorized users have elevated privileges and access to critical systems. JIT access reduces the attack surface by granting privileges only when needed, minimizing exposure to potential threats.
Additionally, robust auditing and real-time monitoring capabilities enhance security by tracking privileged activities, aiding in threat detection and compliance. PAM's ability to seamlessly integrate into existing infrastructures and streamline workflows further adds operational efficiency, making it an indispensable tool for modern cybersecurity.
What needs improvement?
CyberArk PAM could greatly benefit from an under-the-hood update; integrating machine learning algorithms could provide predictive insights.
The user interface lacks intuitiveness; revamping the UX of the web access panel through intuitive navigation, customization, contextual assistance, visual coherence, and accessibility considerations will undoubtedly result in higher user satisfaction, increased engagement, and ultimately, a more competitive offering in the market.
In addition, several tools seem to be outdated, however, you can see that CyberArk is constantly working on them.
For how long have I used the solution?
I've used the solution since 2017.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Aug 22, 2023
Flag as inappropriateIT Manager at Genpact - Headstrong
Good reporting and MFA with easy integration capabilities
Pros and Cons
- "CyberArk PAM can be easily automated."
- "There should be more models and licensing plans for this software."
What is our primary use case?
In my organization, we are using CyberArk Privileged Access Manager to enhance the security of an organization's critical systems, mainly by securing privileged accounts (e.g. administrator passwords, SSH keys, and API tokens).
We are also using Cyber-Ark for access control by ensuring that only authorized personnel can access privileged accounts and sensitive systems.
very important for us is also Session Recording and Monitoring. We can record and monitor privileged user sessions in real time for auditing purposes.
How has it helped my organization?
CyberArk Privileged Access Manager significantly improved our organization's security. Mainly, it has enhanced our ability to secure privileged accounts. Centralized management of identities ensures that credentials are stored securely. Also, the automated rotation of passwords reduces the risk of leaks.
The session recording feature adds great value and helps with auditing administrative activities.
CyberArk PAM can be easily automated, which saves a lot of time and administrative effort.
What is most valuable?
For our organization, the most valuable features of CyberArk PAM are:
- Credential Management. The automation of the retrieval and injection of credentials into sessions, and automation of password rotation.
- Session Recording. It gives us the possibility to record privileged user sessions for auditing and compliance purposes.
- Ease of integration. CyberArk can by integrated with multiple systems and applications.
- The possibility of using Multi Factor Authentication (MFA) which increases security
- Reporting module. This allows us to generate reports based on session activity
What needs improvement?
Cost management. There should be more models and licensing plans for this software. They should also be flexible, allowing you to purchase selected features at a favorable price.
User Experience. The current interface is OK, however, sometimes it is not very intuitive. There is also no possibility of advanced modification and adaptation to your own needs and requirements.
Performance. The performance of the application could be a bit better, especially in the case of remote sessions - delays in remote sessions can be annoying.
For how long have I used the solution?
I've used the solution for about five years.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Sep 14, 2023
Flag as inappropriateProcurement Manager at OTE Group
Easy to set up and fairly priced with helpful support
Pros and Cons
- "We found the initial setup to be easy."
- "We would, of course, always prefer it if the pricing was cheaper."
What is most valuable?
The product is fairly priced.
It's stable.
The solution is scalable.
People are quite satisfied with the way it's working and the support we receive.
The security is good.
The interface is fine, although I'm not directly using it too much.
We found the initial setup to be easy.
What needs improvement?
We would, of course, always prefer it if the pricing was cheaper.
For how long have I used the solution?
I've been using the solution for four or five years.
What do I think about the stability of the solution?
It's stable. There are no bugs or glitches. It's reliable. It does not crash or freeze.
What do I think about the scalability of the solution?
We have more than 100 people on the solution right now. 20 to 30 are likely admins.
The solution is scalable. We can increase licenses as needed.
How are customer service and support?
Technical support has been helpful and responsive. We are happy with their support.
Which solution did I use previously and why did I switch?
I can't speak to what solutions, if any, we used previously.
How was the initial setup?
The solution is very simple and straightforward. It's not complex at all.
What's my experience with pricing, setup cost, and licensing?
I know that CyberArk is now changing the pricing model to subscription-based. My understanding is renewals will be done on the subscription-based models. The pricing is reasonable. We pay annually.
The costs depend on if you were talking about the access of internal or external users. There is also an extra external fee for supporting the licensing.
What other advice do I have?
We are end-users and customers.
This is a stable, reasonably priced product. It has good security features as well. Since we received the renewal request, it's been working very well.
I'd rate the product eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.

Buyer's Guide
Download our free CyberArk Privileged Access Manager Report and get advice and tips from experienced pros
sharing their opinions.
Updated: September 2023
Popular Comparisons
Cisco ISE (Identity Services Engine)
Microsoft Entra ID
Delinea Secret Server
WALLIX Bastion
SailPoint IdentityIQ
One Identity Safeguard
Zscaler Internet Access
ManageEngine PAM360
Fortinet FortiAuthenticator
VMware Identity Manager
ARCON Privileged Access Management
Okta Workforce Identity
BeyondTrust Privileged Remote Access
Buyer's Guide
Download our free CyberArk Privileged Access Manager Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- CyberArk vs. ManageEngine Password Manager Pro
- How does Sailpoint IdentityIQ compare with CyberArk PAM?
- Which PAM tool do you prefer: CyberArk Privileged Access Manager, One Identity Safeguard, Delinea Secret Server, or BeyondTrust Privileged Remote A
- What is the difference between Privileged Users and Privileged Accounts
- When evaluating Privileged Identity Management, what aspect do you think is the most important to look for?
- Which is the best Privileged Account Management solution?
- What are the top 5 PAM solutions that can be implemented which cover both hybrid and cloud?
- What are the top 5 PAM solutions?
- How will AI and ML help or work with PIM/PAM?
- Is BeyondTrust Endpoint Privilege Management really expensive compared to other tools or software?