CyberArk Privileged Access Manager Reviews

The concern on our end was separating the components, including the password storage component, and having everything completely separated. 

The scalability is very easy.

The most valuable aspect was being to be able to manage it through multiple mediums. We can manage it through its command line interface, web view, and directly logging into the digital environment with permission. You have multiple mediums. You don't have to give direct access to the world every time you want to limit what admins should do and what they should not do.

CyberArk has the biggest number of features available when you compare it to other PAN solutions like BeyondTrust, Thycotic, and Delinea. They tend to have a lot of separate components.

Performance-wise, it is excellent. 

The components of their web view, policy manager, and session manager, most of them are separated. We need something which can unify those components into a single appliance. Sometimes the infrastructure team is hesitant to provide more resources. 

They have a lot of out-of-the-box integrations with a lot of other products. However, I would want them to bring on some kind of similar platform. If they can bring up the SSO on-prem, that would be ideal, as they don't have those things on-premises. They only provide that for the cloud. If they can do that, it would actually help a lot of us and keep us from trying to acquire multiple technologies for solutions.

I've used the solution for six or seven years at this point. 

We are very stringent on the performance metrics and would rate the solution very high. It's stable. 

We found that scalability was much easier in CyberArk. In BeyondTrust, scalability required purchasing extra virtual machines every time we wanted to scale it up. However, in CyberArk, we don't need to purchase extra components. It comes along with the line.

Currently, we have around 78 to 80 admins, and there are around 200 underlying accounts. 

We previously used BeyondTrust.

I haven't compared it to Thycotic yet, however, from what I have read, it looks like CyberArk is better. I've also looked into Delinea.

We are reselling the solution to customers.

I'd rate the solution nine out of ten. It's quite a good product.

The product is fairly priced. 

It's stable.

The solution is scalable. 

People are quite satisfied with the way it's working and the support we receive. 

The security is good. 

The interface is fine, although I'm not directly using it too much. 

We found the initial setup to be easy.

We would, of course, always prefer it if the pricing was cheaper. 

I've been using the solution for four or five years. 

It's stable. There are no bugs or glitches. It's reliable. It does not crash or freeze. 

We have more than 100 people on the solution right now. 20 to 30 are likely admins. 

The solution is scalable. We can increase licenses as needed. 

Technical support has been helpful and responsive. We are happy with their support. 

I can't speak to what solutions, if any, we used previously. 

The solution is very simple and straightforward. It's not complex at all. 

I know that CyberArk is now changing the pricing model to subscription-based. My understanding is renewals will be done on the subscription-based models. The pricing is reasonable. We pay annually.

The costs depend on if you were talking about the access of internal or external users. There is also an extra external fee for supporting the licensing.

We are end-users and customers. 

This is a stable, reasonably priced product. It has good security features as well. Since we received the renewal request, it's been working very well. 

I'd rate the product eight out of ten. 

We are using CyberArk Privileged Access Manager for securing access to the host or the server. The solution has the capability to record activity on the server, rotate the passwords, kick out an active user, and complete an action if suspicious activity is triggered on the server. We typically only use the solution for accessing the target server and for password rotations.

One of the benefits of using CyberArk Privileged Access Manager is we have an audit trail that fits the requirements of our organization and we are more secure using the features of the solution, such as investigating and tracking.

All of the features of CyberArk Privileged Access Manager are valuable.

I have been using CyberArk Privileged Access Manager for approximately six months.

CyberArk Privileged Access Manager is stable.

The scalability of CyberArk Privileged Access Manager is very good.

We have approximately 300 users using the solution.

The partner support we have in Indonesia is fast and responsive to our needs. They are available if we are facing a problem. However, there is still room for improvement.

I rate the support from CyberArk Privileged Access Manager an eight out of ten.

Positive

I was previously using MEGA HOPEX.

The initial setup of CyberArk Privileged Access Manager difficulty depends on the environment that you are implementing it into. However, it typically is simple.

I rate the initial setup of CyberArk Privileged Access Manager a five out of ten.

We use a third party to do the implementation of the solution. We purchased preventive and corrective maintenance from our partner.

There are additional features added to our CyberArk Privileged Access Manager license. For example, features that allow us to integrate into various kinds of platforms.

I would recommend this solution to others. It has great value and it ensures your environment is secure and it is most important in production. If your company is a financial institution it is a lot of times mandatory to have a solution similar to this in operation because of cyber security concerns. We need to have preventive or professional action and one of those elements is to have a secure platform.

I rate CyberArk Privileged Access Manager an eight out of ten.

There are many possible use cases, but in general, CyberArk permits users to target machines and rotate their passwords, and to record decisions. It is used to create security through PTA and to forward Vault logs and investigate events. It also enables users to access passwords in dev code without actually knowing the passwords. There are a lot of advantages to CyberArk.

As a consultant, I have seen a lot of CyberArk configurations. Sometimes we use the CyberArk Cluster Vaults with one DR. I also worked for a company that used only one vault, without a cluster, but they switched data centers when there was an incident.

I used to be a Windows and Linux administrator before I used CyberArk. The difference is that now it is simple for me to connect to my target machines. I can add them to my favorites, making access to the servers simple. 

CyberArk enables confidentiality. The passwords are stored in a fully secured Vault. If you want, you can access target machines without using PVWA. If you act as a remote desktop manager, you can register your connections and connect your target machines through the virtual IP and easily connect to your machines. Your connections and commands would all be registered to the Vault.

All the features of CyberArk are useful for me, but the biggest one is that CyberArk has logs for all the features. That is important when there is a problem. You know where to look and you have the information. In cyber security, the most important aspect is information.

Another valuable feature is that if you don't have access to a machine, you can see the machine in CyberArk. It's the management capabilities that CyberArk enables for a company that are very useful.

Other useful features are optional, such as recording decisions or rotating passwords.

The PTA could be improved. Currently, companies often have multiple domains and sometimes it's difficult to implement CyberArk in this kind of infrastructure. For example, you can add CPM (Central Policy Manager) and PSM (Privileged Session Manager and PVWA (Password Vault Web Access) for access, but if you want to add PTA (Privileged Threat Analysis) to scan Vault logs, it is difficult because this component may be adding multiple domain environments. 

CyberArk, as a solution, can easily adapt to a lot of environments, and you can add a lot of components to different zones, and that will work with the Vault. But not all the components, such as the PTA, can do so.

Also, it would be helpful if CyberArk added some features for monitoring machines when we access them. For example, they need to improve the PVWA. In general, when we don't use the PVWA, we don't have a lot of problems. For me, the PVWA is not perfect. I would like to see more features in the PVWA to administer our machines and to improve the transfer of data.

I have been using CyberArk Privileged Access Manager for more than three years.

I have implemented and maintained CyberArk solutions for clients, including creating administration functionality, such as platforms and support for users, so that everybody has 24/7 access to the account. 

I have also been involved in enhancing the solution by installing useful components and testing them. I would help analyze if a component could be of interest to the client and then implement it in production.

In general, I would help maintain the solutions and make sure that everybody can access the accounts, and that password rotation works.

I would rate WALLIX support at six out of ten, while CyberArk's support is a seven. The reason it's a seven is that we always have to send them the logs. Of course, we do get some response and they work on things, but sometimes we lose time on little tickets.

Neutral

If you have some experience, it is not complex to implement CyberArk. For me, the preparation is more difficult than the installation. Because CyberArk uses binaries, if you add good information, it will work. But if you miss something at the preparation stage, like the opening of the flows that you need, of course, it will be difficult. I know how the solution works, so it's not difficult.

First, you have to install the Vaults, and after installing them you can add PVWA to access the information. After that, you can install the PSM and then the CPM for the rotation, and that's it.

The time it takes to implement depends on the environment. Sometimes we work with complex environments and we have to adapt and collect all the information that we will need. We need to look out how the machines should be set up for the installation. It really depends on the size of CyberArk you want to install, including how many computers will be onboarded to CyberArk. There are technical and functional variables.

CyberArk is one of the best PAM solutions and one of the most expensive, but it works better than the others, so the pricing is fair.

I used to work on WALLIX Bastion, but CyberArk works better than WALLIX. WALLIX is a PAM solution, a French version, but when I was at another job I was a consultant on both WALLIX and CyberArk at the same time. That's when I saw that CyberArk is better.

It is simpler to upgrade the CyberArk environment and components than WALLIX. CyberArk has a user interface but WALLIX does not because WALLIX is installed on Linux while CyberArk is installed on Windows, making it user-friendly. Connecting is also simple with CyberArk. When a user connects to the PVWA, there aren't a lot of buttons. When users see the icon, they click "Connect" and connect. It is simple for them.

CyberArk can adapt easily to environments. For example, when we talk about connectors, CyberArk can easily connect to all the target machines these days. CyberArk can onboard network machines, Windows Servers, Linux servers, and Oracle Databases.

Web application passwords can be rotated. With its PSM and Selenium features, it enables the connection of a web application to CyberArk and rotation of passwords, so that it's not system accounts all the time. We can manage the web application accounts as well. CyberArk can also connect to the cloud.

When you work on CyberArk, you have to have more than one skill set. You are not just a PAM consultant because you manage passwords for all kinds of systems. You have to have skills in Windows, Linux, databases, and security because you manage those kinds of accounts. If you don't have those kinds of prerequisites, you can't work with CyberArk.

I started working on CyberArk when it was version 10.x and at this moment it is at 12 and more. The interface has changed and a lot of features have been added over that time. It's a good solution.

It is nothing but privileged access management. Most companies have servers, and for each server, they identify a generic ID to login. For example, if someone is an administrator, they will be using that ID to log in. So, we need to manage those IDs in a common repository, and that is why we have CyberArk PAM. CyberArk PAM is nothing but a common repository used to store passwords and manage them.

Managing passwords is a pain area in any organization. By using this tool, we have a set of policies and emerging technology where we manage these passwords.

It is a central repository. Therefore, if someone needs to access a server, then they go through CyberArk PAM. It provides a secure way to do this and CyberArk PAM records everything. For example, if you are connecting to a Linux server, then once you get into the Linux server and if it is integrated with CyberArk, it will automatically start recording everything that is being done. In most banks, seeing the recordings is very useful. If there are any gaps or something has happened which shouldn't have happened, then we can check the logs and videos. So, it gives security, in a robust manner, to the organization.

We have connected all the endpoints in our organization's servers. This has been an improvement. We are trying to connect any new servers being added into the organization to CyberArk PAM.

When it comes to PAM, it is always about compliance. It has a feature that enables you to access the password in a very secure way using encryption. You also need multiple approvals. For example, if you have access to CyberArk, it doesn't mean that you have access to the server. So, whenever you try to access that server, a request will go to your manager. Once he approves the request, only then will you be able to access the server. These are a few of the features that I like about this solution.

CyberArk PAM provides ease of access based on how they have designed it. It is clearly defined where you have to go and what you have to do. If you are an end user, it is very easy to use and provides a comfort level.

CyberArk PAM is able to find all pending servers that can be integrated, but we cannot get this as a report. We can only see the list of servers on CyberArk PAM. This is a problem that could be improved.

If you are an administrator or architect, then the solution is kind of complicated, as it is mostly focused on the end user. So, they need to also focus on the people who are implementing it.

I started using CyberArk PAM in 2016, so it has been almost six to seven years. I started with version 9, and now it is currently on version 12. So, I have used multiple versions of CyberArk.

Its scalability is good. It is available on-premise and they started having a cloud three or four years back.

Our environment is very small. We are managing around 2,000 users. Whereas, I have seen it managing users of 10,000 to 15,000 servers. We have around 30,000 users, and I have seen that kind of environment, though what I am currently managing is much less. When it comes to the Middle East, it is always regionally focused, it is not international. Our organization is specific to one country and not international.

The technical support is from the US. The only problem is that they reply during their own time zone. It has been a bit difficult to reach them, but we get the answers, they are just a bit delayed.

Neutral

We previously had Hitachi ID PAM. We switched to CyberArk because of the features and interface, where there is a bit of distinct difference between the two solutions. Though, the architecture is the same.

When you do an implementation, it is always challenging internally. While the setup is very easy because they give you tools for installation, you have certain things that you need to keep in mind when you implement it in an organization. These things become a kind of a roadblock. Every time that something comes up that you need to enable from the organization's side, e.g., if you have to unlock a few things on the organization's side, you must go through a process and some teams might not allow you to go ahead with it.

The deployment took three to six months.

For the deployment, we needed a solution architect, two consultants, and two people to work on the BAU. While it depends on your organization's size, we needed around five to 10 people to implement it. 

The ROI depends upon a company's capability to maximize the usage of this application. If you buy something, it is your responsibility to use it at an optimal level.

Previously, the pricing was very meager. They started publicizing and advertising the solution, growing CyberArk, as an organization. They also changed their pricing with that growth, e.g., the pricier the product, the more people who will purchase it.

Bomgar was one of its competitors, now it is called BeyondTrust. Another competitor was Thycotic. 

While CyberArk PAM has survived, it needs to be more flexible. They are currently focusing on the solution's GUI, but rather than the GUI, they need to focus on the solution's internal aspects, e.g., making the steps a bit easier. There are too many things to focus on and be aware of. So, they need to streamline it in a way where it is more compact.

You need to know the sizing of your company and not randomly use it, thinking you may need to use this solution in the future. You need to use most of the features, e.g., if you have 10 features, then your company should use at least seven features of CyberArk. If you are not going to use seven or more features, i.e., if it is below seven, you should not go for this tool.

We were using Secrets Manager for managing a few SSH files, but we are not using it anymore.

I would rate this solution as eight out of 10. CyberArk is a solution to problems being faced by multiple companies and organizations. It removes security threats and vulnerabilities from an organization in a secure way, and your credentials are handled in a secure way. Therefore, it solves this pain area in a company, and that is why I think they are one of the top tools.

We use it to control privileged access within the environment, including domain admins and server admins.

We're using the CyberArk Privilege Cloud version, which is the PaaS.

It provides a one-stop shop for the majority of our administrators to get the privileged access they need. It has enabled us to reduce risk as well, and that is the largest benefit that we've encountered through the solution. We've reduced the number of admins in our environment significantly.

It provides an automated and unified approach for securing access across environments, including hybrid, multi-cloud, RPA, and DevOps, as well as for SaaS applications. For what we're using it for, it's doing all of that seamlessly in one place. It helps us to quickly adapt and secure modern technology, and that's another reason we chose CyberArk. They already had integrations with solutions that we were either moving toward or that we already had. We weren't going to have to do them as customizations.

The ability, with Secrets Manager, to secure secrets and credentials for mission-critical applications means people don't have to go searching for them. They know where they are—they're in CyberArk—so they don't have to go to a separate place. They have one identity to manage, which is their single sign-on identity. From there, they can go into CyberArk to get the access they need. That's an area that has been very helpful. And from a risk perspective, the multifactor authentication to get to those accounts has also been awesome. That helps us to be in compliance, as well as secure.

The Privileged Session Manager has been the most useful feature because we're able to pull back information on how an account is used and a session is run. We're also able to pull training sessions and do reviews of what types of access have been used.

We also use CyberArk’s Secrets Manager. Because AWS is the biggest area for us, we have accounts in AWS that are being rotated by CyberArk. We also have a manual process for the most sensitive of our AWS accounts, like root accounts. We've used Secrets Manager on those and that has resulted in a significant risk reduction, as well. There's a lot to it, but from a high level, we've been able to get some things under control that would have been difficult otherwise.

For DevOps, we've integrated some automation with CyberArk to be able to onboard those systems. There are some native tools like the CFTs that we're using with CyberArk to get CyberArk deployed automatically to them.

It also gives us a single pane of glass to manage and secure identities across multiple environments; a single view with all of the accounts. It's super important for us to be able to see all of that in one place and have that one-stop shop with access to different environments. We have lots of domains because a lot of acquisitions have happened. It's important for us to be able to manage all of those environments with one solution and we do have that capability with CyberArk.

I've been using CyberArk Privileged Access Manager at this company for two years, and all together for the past six years.

The stability is great. We haven't had problems with it.

The scalability is very good. I'm surprised they keep as many logs and video recordings as they do on their side. But scalability hasn't been a problem. If we wanted to scale up, we could certainly do so. All we would have to do is add more servers on our side, with our PSMs (Privileged Session Managers). The way the solution is built out, you can expand it elastically pretty easily.

We have around 400 users right now who are mostly in IT. There are developers, database administrators, as well as our Active Directory enterprise teams, and some of our cloud implementation and infrastructure teams. We have some in incident response people, from information security, who use it as well.

We're looking to expand it in the coming year. We've already started that expansion. It's the developers we're targeting next and there are a lot of them. We're looking at a couple of hundred more users within a year.

If there is an area that has room for improvement, it's probably working with their support and getting people on the phone. That is hard to do with most products in general, but that seems to be the difficult area. The product is fantastic, but sometimes we want somebody on the phone. I would rate their support at eight out of 10, whereas the rest of the solution is a nine or 10.

From a technical support perspective, they've been really good. There has just been a little bit of trouble with the database stuff, but that's because ours is a very aggressive deployment. Sometimes, when working with support, they aren't as aggressive as we are.

Positive

I've used Thycotic and Hitachi HiPAM, and we've used some custom in-house build solutions.

The reason we switched is that Thycotic opened up the door to that possibility when we talked about pricing. The price came out to be something similar to what we were spending. We were basically going to have to redeploy the whole Thycotic solution to get what we needed, and that opened it up for us to evaluate the landscape.

There were some complexities about the setup, but deploying a solution like this is going to be complex, no matter what solution you go with. CyberArk did an excellent job of making sure that we had everything we needed. They had checklists and the prerequisites we had to do before we got to the next steps. Although it was complex, they were complex "knowns," and we were able to get everything organized fairly easily.

Our initial deployment took about two weeks.

We broke the deployment into four phases. The first phase was called Rapid Risk Reduction, and with that we were getting our domain admins under control, where we went with domain admin, server admin, and link admin. A part of that was the server administrators and Linux administrators. All of that was part of a very short-term goal that we had. 

Phase two was called risk reduction, where we were focused on Microsoft SQL, the database administrators, and Oracle Database administrators. It also included bringing in some infrastructure support as well. 

Phase three was enterprise-grade security, and with that we've been pushing the network tools and AWS admins, along with some other controls. 

And our last phase, which we've just recently started on, is one where we are going to be pushing hard to get developers onboarded into CyberArk. There are a whole lot of little details that go along with all of that. The initial auto onboarding happened in phase three, but we also have auto onboarding that we're looking to roll out across a larger group.

We implement least privilege entitlements as well. We started out from a high level of not going the least privilege route and, rather, we locked things down in a way that they were managed, at least. Then we started knocking down the least privileged path. You have to start somewhere, and least privilege is not going to be the first option, out of the gate. You're going to have to take stepping stones to the best practices. And that's what we've done. We took this large amount of high-risk access and brought it into CyberArk and then pulled access away over time and have been making things more granular, when it comes to access to the systems. The access within the systems, within CyberArk, is absolutely granular and we have been very granular with that from the beginning.

For maintenance of it we need about one and a half people. My team supports it and, while one full-time person is probably enough to support the solution, my team is split up. The general operations of CyberArk are what take up the most time. The actual running of the solution, from an engineering perspective, is very lightweight; it's hardly anything.

We did not use a third party for the deployment.

We started doing some comparisons of different tools and that's why we ended up switching to CyberArk, after discussions with both Thycotic and CyberArk. When looking at the capabilities, we ended up moving towards CyberArk. We felt it was a more mature solution and that some of the connectivity and reporting was done in a way that we would prefer, for a company of our size.

Thycotic is a good tool. A lot of IT people already understand the structure of how it runs. The upgradability is nice as well. You can just click an "upgrade" button and it upgrades the solution for you. The cons of Thycotic include the way that the recorded sessions are done. In addition, proxy server connections were not available. Maybe they are now, but at the time we were building out custom connectors and we had to go through a third party to get those developed. It was very bad and every step of the way was like pulling teeth. That really soured our relationship with them a bit because we couldn't seem to execute with that solution. When we started talking with them about what we needed it to do to make things easier, they ended up recommending a full redeploy. That's not ideal under any circumstances for anyone. That's why we took a step back and evaluated other solutions.

With CyberArk, some of the pros were that their sales team and engineers were very quick to come in and help us understand exactly what we needed. The deployment timeframe was  also much shorter. We didn't have to work through a third party, as we would have had to with Thycotic. And the type of relationship we've had with CyberArk is one that I wish we had with other vendors we use. They've been phenomenal working with us.

CyberArk's abilities are amazing. We're just starting to hit some limits, but we're able to get through the majority of them. Some of the database stuff is a little bit more involved. The other things, like cloud and all of the Linux and Windows, have not been a problem at all. It's not that the database stuff is a problem, but it's just more complex.

If you want to talk about CyberArk providing an automated and unified approach for securing access for all types of identity, "all types" is a strong claim. I wouldn't ascribe "all types" of identities to anything. But for everything that we're doing with it, it has been a great tool and it's doing that for us.

The solution is used to provide privileged access management to our datacentre environments, for anyone with admin rights with infrastructure or applications within the datacentres. Authentication to the solution in the PVWA (Password Vault Web Access) with onward connectivity via the PSM for Windows (PSM) as well as the PSM for SSH (PSMP). These provide the session isolation, audit, and session recording capabilities that CyberArk offers. The use of Privileged Threat Analytics (PTA) adds more control functionality to the solution.

The product has allowed us to improve both the management and access to privileged credentials, while also creating a full audit trail of all activities happening within isolated sessions of all tasks and activities taking place within the solution. 

This includes sessions via the solution and sessions to administer the solution itself. From a user perspective, we no longer need to try and create or remember complex passwords or have to be concerned about when they will change as the solution takes care of this and can and does populate these credentials for you so mistyping a complex password is a thing of the past.

Password management is a great feature, as all passwords are changed more frequently. This can be scheduled in line with a specific policy requirement or each time the credentials are returned to the pool for reuse and are always compliant with the password policy however long or complicated the policy states that they need to be. 

Another great feature is the Privileged Threat Analytics (PTA) as this can stop a session based on prescribed risk and bring it to an end or pause it pending approval to proceed.  

The admin interface of the Password Vault Web Access (PVWA) is moving from an old style (the classic interface) to a new style (the v10 interface) and unfortunately, this process is quite slow. That said, it has been moving in the right direction with features becoming available in the v10 interface and some user features are available in both classic and v10 interfaces. I would love to see all the classic interface features moved into the v10 interface or available in both interfaces within the next version. 

I've used the solution for about eight years.

The solution has been very stable.

The solution performs well, however, based on the user base may require a sizable footprint.

Support does vary depending on how critical your issue is and if it needs to be elevated to dev support.

Positive

Our previous solution was not a PAM solution and these days you can't afford to not use one.

The setup is not complicated when trained staff are used.

We handled the initial setup in-house.

Set-up costs can be minimized by controlling the number of applications that are made available within the solution. The newer licenses are per user and open up access to a suite of products, the best value, and security can be achieved by using more of the products.

We looked at other products like Delinia and Wallix.

Take advantage of the vendor's training or use a good partner to provide support and administration.

Previously, we used to share passwords for service and normal admin accounts among team members. However, since we started managing it through the product, we've transitioned to individual admin accounts or implemented dual control for shared accounts. With dual control, exclusive checking and checkout options are available, and passwords are not stored in clear text anywhere in the credentials.

The solution's most valuable features are automatic password rotation, privilege manager, and secret manager. Previously, IT personnel had admin rights on their regular accounts, allowing them to log in to domain controllers. However, this posed a security risk as compromised accounts could grant unauthorized access to domain controllers. To mitigate this risk, we implemented separate DA accounts for IT staff. These DA accounts were restricted from logging in to domain controllers and did not have associated email addresses. They were dedicated AD accounts solely for accessing domain controllers, and the solution handled their management.

Previously, manually rotating admin credentials was a time-consuming task. However, implementing the tool's automatic password management feature has made this process easier. We've configured defined policies within the solution to dictate when these credentials should be changed.

The tool's UI has bugs and lags. It needs to be improved. The deployment process can be complex due to multiple components for various functionalities, each requiring separate infrastructure management. To simplify this process, consolidating all these components into a single platform could be beneficial. The product's pricing could be cheaper. 

I have been using the product for eight to nine years. 

I rate the product's stability a seven out of ten. 

I rate the tool's scalability a seven out of ten. 

The tool's support gets worse each year. Support is outsourced to smaller companies, which doesn't work fine. Its support was good eight to nine years back. Over the years, it hasn't improved but degraded. 

Negative

I work with BeyondTrust. BeyondTrust's UI and support are good and never lag. BeyondTrust is also cheaper. 

CyberArk Enterprise Password Vault's implementation timeline largely depends on the size and complexity of the infrastructure. A smaller infrastructure with around a thousand servers can typically be implemented within a week or two. However, the implementation process may extend to four or five months for more extensive infrastructures with tens or hundreds of thousands of workstations and accounts. The tool's transition into a security-focused product necessitates strong integration with security orchestration platforms. Prebuilt packages with ready-made integrations are required instead of developing everything from scratch. It lags in automation. 

We have seen 40-50 percent improvements after using the solution. 

I rate the product a seven out of ten.