CyberArk Privileged Access Manager Reviews

We are using CyberArk Privileged Access Manager for securing access to the host or the server. The solution has the capability to record activity on the server, rotate the passwords, kick out an active user, and complete an action if suspicious activity is triggered on the server. We typically only use the solution for accessing the target server and for password rotations.

One of the benefits of using CyberArk Privileged Access Manager is we have an audit trail that fits the requirements of our organization and we are more secure using the features of the solution, such as investigating and tracking.

All of the features of CyberArk Privileged Access Manager are valuable.

I have been using CyberArk Privileged Access Manager for approximately six months.

CyberArk Privileged Access Manager is stable.

The scalability of CyberArk Privileged Access Manager is very good.

We have approximately 300 users using the solution.

The partner support we have in Indonesia is fast and responsive to our needs. They are available if we are facing a problem. However, there is still room for improvement.

I rate the support from CyberArk Privileged Access Manager an eight out of ten.

Positive

I was previously using MEGA HOPEX.

The initial setup of CyberArk Privileged Access Manager difficulty depends on the environment that you are implementing it into. However, it typically is simple.

I rate the initial setup of CyberArk Privileged Access Manager a five out of ten.

We use a third party to do the implementation of the solution. We purchased preventive and corrective maintenance from our partner.

There are additional features added to our CyberArk Privileged Access Manager license. For example, features that allow us to integrate into various kinds of platforms.

I would recommend this solution to others. It has great value and it ensures your environment is secure and it is most important in production. If your company is a financial institution it is a lot of times mandatory to have a solution similar to this in operation because of cyber security concerns. We need to have preventive or professional action and one of those elements is to have a secure platform.

I rate CyberArk Privileged Access Manager an eight out of ten.

The concern on our end was separating the components, including the password storage component, and having everything completely separated. 

The scalability is very easy.

The most valuable aspect was being to be able to manage it through multiple mediums. We can manage it through its command line interface, web view, and directly logging into the digital environment with permission. You have multiple mediums. You don't have to give direct access to the world every time you want to limit what admins should do and what they should not do.

CyberArk has the biggest number of features available when you compare it to other PAN solutions like BeyondTrust, Thycotic, and Delinea. They tend to have a lot of separate components.

Performance-wise, it is excellent. 

The components of their web view, policy manager, and session manager, most of them are separated. We need something which can unify those components into a single appliance. Sometimes the infrastructure team is hesitant to provide more resources. 

They have a lot of out-of-the-box integrations with a lot of other products. However, I would want them to bring on some kind of similar platform. If they can bring up the SSO on-prem, that would be ideal, as they don't have those things on-premises. They only provide that for the cloud. If they can do that, it would actually help a lot of us and keep us from trying to acquire multiple technologies for solutions.

I've used the solution for six or seven years at this point. 

We are very stringent on the performance metrics and would rate the solution very high. It's stable. 

We found that scalability was much easier in CyberArk. In BeyondTrust, scalability required purchasing extra virtual machines every time we wanted to scale it up. However, in CyberArk, we don't need to purchase extra components. It comes along with the line.

Currently, we have around 78 to 80 admins, and there are around 200 underlying accounts. 

We previously used BeyondTrust.

I haven't compared it to Thycotic yet, however, from what I have read, it looks like CyberArk is better. I've also looked into Delinea.

We are reselling the solution to customers.

I'd rate the solution nine out of ten. It's quite a good product.

It is for the lab. We just onboard all the privileged accounts and then try to make them compliant and provide access to end-users. We are CyberArk administrators, and our responsibility is to onboard the accounts and provide access to end-users so that there is no business impact and the users are able to connect to their target services.

I started with version 10.6, and now, the current version of CyberArk is 12.1. It is deployed on-prem, but in my lab, it is my virtual setup.

It is one of the best solutions in the market. Ever since I started using this solution, there has not been any compromise when it comes to our lab.

There is a lot of room for improvement in the report section. I also work on other tools, such as Thycotic, which allows you to create customized reports for your organization's needs. In CyberArk, there are limited reports, whereas in Thycotic or some of the other PAM tools, because the database is different, you can customize the report based on your needs through SQL queries.

The GUI part can be better. Previously, they had a classic one, and then they upgraded to the new one, but it is less user-friendly than other PAM solutions. Its GUI is a little bit complex.

I have been using this solution for almost five years.

It is a stable solution. It is a top PAM solution as per Gartner.

Its scalability is good.

I have contacted them multiple times. They helped me in a good way. Whenever I raised a ticket, depending on the ticket priority, they provided good support. Sometimes, I got a response within two hours.

CyberArk has a distributed architecture. Therefore, as compared to other PAM solutions, it is a little bit complex. You first need to understand the environment and then install the individual components, whereas, in other PAM solutions, you have to build the database and then simply run the application and directly connect to the application. You can then start using the application.

If you are using this solution for the first time, you need to be a little bit aware of Windows, Linux, and AD. Otherwise, it might be complex for you.

I would rate it a nine out of ten. 

We use this solution for the user ADM account onboarding process within our company. If they need server access, we create ADM accounts, and we onboard to CyberArk.

We use it also for the password protection process with other products. We can use this as a password wallet, and we create the password rotation in CyberArk.

We can grant access, check the system's health, and create policies for users.

Creating policies and the password rotation feature have been valuable. We don't have to memorize our password for the ADM account.

Security wise, it's really safe. The password expires within six to eight hours, so no one can get that password from us. Other users can't log in without our credentials, and also, the ADM account password will automatically rotate.

It's really user-friendly as well.

Report creation could be improved.

The policies could be more customized.

I've been working with this solution for almost nine months. It's deployed on the cloud.

The stability is really good.

We have more than 2000 users, and it's really easy to scale.

I have worked with Thycotic before. It is not user-friendly, although it has changed a lot.

Implementation was really hard, and the reporting was not as good as the users expected. In comparison to CyberArk, Thycotic was not better.

The deployment process is really easy, and I would give it a four out of five.

We got support from the CyberArk team but deployed it ourselves. It was easy to follow the documentation and user guide.

CyberArk is an expensive product.

If you can afford CyberArk Privileged Access Manager or you are looking 5 to 10 years in the future, it's a good investment. You will gain experience handling all these pieces using the one product. You can easily integrate with other products also.

You would have maintenance with other PAM products, and you won't with CyberArk. You can save that money by investing in a high quality product from the beginning itself.

Overall, I would rate CyberArk Privileged Access Manager at eight on a scale from one to ten.

CyberArk Privileged Access Manager is used for identity and privilege access management.

The integrations are the most valuable aspect of CyberArk Privileged Access Manager. The software offers pre-built integrations, and our team can also create custom connectors. This flexibility allows us to integrate with systems that we previously didn't consider integrating with, making it a significant advantage for us.

There is room for improvement in the availability of custom connectors on the marketplace for this solution. Additionally, their services for the CICD pipeline and ease of integration could be improved.

I have been using CyberArk Privileged Access Manager for approximately three years.

Once the implementation is completed and the solution is hardened, I consider it to be stable. 

CyberArk Privileged Access Manager is scalable on-premise but not on the cloud.

I rate the scalability of CyberArk Privileged Access Manager a seven out of ten.

The time it took for the deployment was approximately two years. It was not a simple process for the vendor. It should have been completed in one year, it took too long.

Our process steps for deployment involve specific stages, starting with onboarding Windows and Linux devices, and concluding with the onboarding of application service accounts and related components.

I rate the initial setup of CyberArk Privileged Access Manager an eight out of ten. 

The solution's deployment was completed by the vendor. 

A team of two to three people was required for the deployment of our solution. One of them had a high level of expertise in architecture and a thorough understanding of the solution. The remaining team members were junior-level personnel in charge of activities including connection development, data collection, and deployment. The vendor was also used by the team to help with data collection, planning, and execution.

The license CyberArk Privileged Access Manager is on an annual basis.

A team of five to six people would be sufficient to maintain 24/7 operations.

I would recommend reducing the fee for cancellations, but when it comes to cloud services, there are superior options available in the market.

I rate CyberArk Privileged Access Manager a seven out of ten.

In a large financial institution, CyberArk Privileged Access Management (PAM) plays a pivotal role in ensuring the security and integrity of sensitive financial data. With numerous systems, applications, and databases holding critical client information and transaction data, the institution faced the challenge of managing and protecting privileged accounts effectively.

The PAM solution was seamlessly integrated into the existing IT infrastructure. It introduced granular access controls, requiring all employees to log in with standard user accounts, regardless of their role. When a privileged action is required, the PAM system enables the temporary elevation of privileges through just-in-time (JIT) access, granting access only for the necessary time frame. This reduces the window of opportunity for potential cyber threats.

CyberArk Privileged Access Management (PAM) has been a game-changer for our organization's security landscape. With PAM in place, we've experienced a significant reduction in potential security breaches. The meticulous control it offers over access rights ensures that only authorized personnel can access critical systems and sensitive information. The implementation of just-in-time access has effectively minimized our attack surface, making it incredibly challenging for unauthorized users to exploit vulnerabilities.

The most valuable features of CyberArk Privileged Access Management (PAM) are its granular access controls and just-in-time (JIT) access provisioning. These features ensure that only authorized users have elevated privileges and access to critical systems. JIT access reduces the attack surface by granting privileges only when needed, minimizing exposure to potential threats. 

Additionally, robust auditing and real-time monitoring capabilities enhance security by tracking privileged activities, aiding in threat detection and compliance. PAM's ability to seamlessly integrate into existing infrastructures and streamline workflows further adds operational efficiency, making it an indispensable tool for modern cybersecurity.

CyberArk PAM could greatly benefit from an under-the-hood update; integrating machine learning algorithms could provide predictive insights.

The user interface lacks intuitiveness; revamping the UX of the web access panel through intuitive navigation, customization, contextual assistance, visual coherence, and accessibility considerations will undoubtedly result in higher user satisfaction, increased engagement, and ultimately, a more competitive offering in the market.

In addition, several tools seem to be outdated, however, you can see that CyberArk is constantly working on them.

I've used the solution since 2017.

In my organization, we are using CyberArk Privileged Access Manager to enhance the security of an organization's critical systems, mainly by securing privileged accounts (e.g. administrator passwords, SSH keys, and API tokens). 

We are also using Cyber-Ark for access control by ensuring that only authorized personnel can access privileged accounts and sensitive systems. 

very important for us is also Session Recording and Monitoring. We can record and monitor privileged user sessions in real time for auditing purposes. 

CyberArk Privileged Access Manager significantly improved our organization's security. Mainly, it has enhanced our ability to secure privileged accounts. Centralized management of identities ensures that credentials are stored securely. Also, the automated rotation of passwords reduces the risk of leaks.

The session recording feature adds great value and helps with auditing administrative activities.

CyberArk PAM can be easily automated, which saves a lot of time and administrative effort.

For our organization, the most valuable features of CyberArk PAM are:

• Credential Management. The automation of the retrieval and injection of credentials into sessions, and automation of password rotation.
• Session Recording. It gives us the possibility to record privileged user sessions for auditing and compliance purposes. 
• Ease of integration. CyberArk can by integrated with multiple systems and applications.
• The possibility of using Multi Factor Authentication (MFA) which increases security
• Reporting module. This allows us to generate reports based on session activity

Cost management. There should be more models and licensing plans for this software. They should also be flexible, allowing you to purchase selected features at a favorable price.

User Experience. The current interface is OK, however, sometimes it is not very intuitive. There is also no possibility of advanced modification and adaptation to your own needs and requirements.

Performance. The performance of the application could be a bit better, especially in the case of remote sessions - delays in remote sessions can be annoying.

I've used the solution for about five years. 

The product is fairly priced. 

It's stable.

The solution is scalable. 

People are quite satisfied with the way it's working and the support we receive. 

The security is good. 

The interface is fine, although I'm not directly using it too much. 

We found the initial setup to be easy.

We would, of course, always prefer it if the pricing was cheaper. 

I've been using the solution for four or five years. 

It's stable. There are no bugs or glitches. It's reliable. It does not crash or freeze. 

We have more than 100 people on the solution right now. 20 to 30 are likely admins. 

The solution is scalable. We can increase licenses as needed. 

Technical support has been helpful and responsive. We are happy with their support. 

I can't speak to what solutions, if any, we used previously. 

The solution is very simple and straightforward. It's not complex at all. 

I know that CyberArk is now changing the pricing model to subscription-based. My understanding is renewals will be done on the subscription-based models. The pricing is reasonable. We pay annually.

The costs depend on if you were talking about the access of internal or external users. There is also an extra external fee for supporting the licensing.

We are end-users and customers. 

This is a stable, reasonably priced product. It has good security features as well. Since we received the renewal request, it's been working very well. 

I'd rate the product eight out of ten.