No more typing reviews! Try our Samantha, our new voice AI agent.
DerrickAkankwasa - PeerSpot reviewer
Cyber Security Engineer at Isolutions Associates Ltd (ISOLS)
Real User
Top 5Leaderboard
Mar 7, 2025
Improved security infrastructure and reduced risks through comprehensive credential management
Pros and Cons
  • "I find the discovery feature, which includes credential management, session management, monitoring, and remediation within a session, to be very valuable."
  • "CyberArk is a pioneer for PAM; they've always been the leader in terms of research and development and bringing new capabilities to the PAM."
  • "Improved user-friendliness, granularity, and functionality would enhance the product further."

What is our primary use case?

My company partners with CyberArk. I come from a service provider standpoint, so I don't use CyberArk within my company, however, I implement and support it for customers. 

Through the CyberArk partnership, I am certified in CyberArk. I perform activities such as demonstrations, presentations, deployments on-premises, and cloud solutions. 

CyberArk is now a comprehensive identity security solution. My interaction with CyberArk is mostly on the implementation side for our customers, focusing on design and integrating it into customer environments.

It's used in industries such as banking and finance. 

What is most valuable?

I find the discovery feature, which includes credential management, session management, monitoring, and remediation within a session, to be very valuable. It can remediate bad activities occurring in sessions. It offers good management and monitoring as well as good remediating within a session to help users remediate within managed sessions. There's good auditing and activity monitoring.

The session monitoring helps enhance security protocols. With it, users can have more control over what's happening within the session. You have more visibility and can restrict certain activities from happening, such as someone running a malicious command or someone trying to open or edit some sort of platform configurations. You can also send notifications and remediate or terminate sessions. Monitoring helps you build in polices around how to build polices around what's happening within a session.

The implementation of CyberArk impacted our customers' compliance with the regulatory standards in a positive way. Now customers are very happy since they can ensure credentials are compliant. In terms of password management complexity, since they're managing everything through CyberArk, they're able to create complex passwords. The user doesn't really need to remember passwords since the session is entirely being launched through CyberArk. That means that they're able to have much more compliant account management within an organization. They're also able to run reports as well as activity and compliance reports in terms of data related to accounts. It is much easier when you have a tool that manages that. Before CyberArk, having reporting and visibility around usage of accounts was really tricky. In terms of compliance, it's able to cover that by giving just a whole overview of accounts within the organization. 

CyberArk incorporates AI to improve Privileged Access Management. It's consistently improved as well. They do have a previous threat analysis analytics engine, which also can ingest logs from a SIEM solution if it's in place at the customer site. It's able to ingest this information and then give much more correlated security events. This module, the privileged analytics, is able to utilize behavior analytics and AI-related capabilities to be able to give security alerts to the teams. They can action alerts, or even automate to be able to have things blocked or terminated. For example, if someone changes their location. It has a geolocation that's able to then trigger maybe a password or QR code or email with a verification code to check it's that person. It utilizes AI capabilities or behavior analytics capabilities to have capabilities like that enforced.

It has the most plug-ins. Maybe thousands. So in terms of integration within different customer environments, it's much easier compared the competition. CyberArk a pioneer for PAM. They've always been the leader in terms of research and development and bringing new capabilities to the PAM. It will be able to cover 99.9% of most use cases.

What needs improvement?

In terms of improvement, since I am familiar with the product, there are no major issues. 

However, customer feedback suggests that unless it's on-premises, complaints about resources are justified as it enhances security with multiple functionalities. The managed cloud deployment option by CyberArk is easier to manage. Resource issues could be mitigated by choosing this option. 

I suggest adding more plugins and systems, which are often introduced later. Essentially, as long as capable personnel manage it, the solution works well. 

They should continue refining it and adding more dashboards and reporting features. Improved user-friendliness, granularity, and functionality would enhance the product further.

For how long have I used the solution?

I have been using the solution for maybe four or five years. I would say it's closer to four years.

Buyer's Guide
Idira Privileged Access Manager
July 2026
Learn what your peers think about Idira Privileged Access Manager. Get advice and tips from experienced pros sharing their opinions. Updated: July 2026.
904,836 professionals have used our research since 2012.

Which solution did I use previously and why did I switch?

At the moment, I work with CyberArk mostly. I haven’t interacted much with other solutions like Imperva, as other engineers have taken over those responsibilities.

What about the implementation team?

We are resellers, working ideally with partners, and I am certified with CyberArk. I am a certified delivery engineer for CyberArk PAM, and my experience is vast with the projects and teams I've been involved with.

What was our ROI?

When looking at Privileged Access Monitoring, many IT administrators have access to numerous privileged accounts, which increases the attack surface. CyberArk's PAM solution manages these credentials, providing value by reducing risks like data breaches or financial losses. The return on investment lies in improved security infrastructure, addressing over-privileged access, and reducing the risk of credential compromise, which is a major source of data breaches.

What other advice do I have?

We're a service provider and offer services to customers that acquire CyberArk. I come from a design perspective for those implementing CyberArk. 

The company is open and shares information with partners. They inform us about new versions and allow enhancement requests through a portal. Many enhancements have come through this channel. If they keep going this way, everything will be good with CyberArk. 

I'd recommend the solution to others. 

Overall, I would rate the product nine out of ten. They've been the leader in PAM for maybe six years.

Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
PeerSpot user
Manuel Carrillo - PeerSpot reviewer
Security Consultant at Silver Bullet IS Consulting
Real User
Top 5Leaderboard
Jul 25, 2025
Privileged access management achieves full control with comprehensive features
Pros and Cons
  • "CyberArk Privileged Access Manager has several valuable features; the basic feature is privileged access management with all the processes and procedures that are needed, and it does everything that is needed to provide a PAM project or program."
  • "When they took it to the cloud, they started cutting things out."

What is our primary use case?

For CyberArk Privileged Access Manager, use cases are providing just-in-time privileged access. The most simple use case is hosting all privileged credentials in a secure manner and managing and controlling access to those credentials. Therefore, controlling access to privileged endpoints is the usual thing that will be done with PAM.

What is most valuable?

CyberArk Privileged Access Manager has several valuable features. The basic feature is privileged access management with all the processes and procedures that are needed. It has all the relevant features required to provide a PAM project or PAM program. It does everything that is needed. A tangible benefit is that we already have full control of privileged access. We have just started and have onboarded all privileged accounts into the system.

What needs improvement?

I have noticed areas of CyberArk Privileged Access Manager that could be improved or enhanced in integration with automation tools. It's not quite the same in the cloud, the Privilege Cloud version. The on-premises version allows users to do absolutely everything. When they took it to the cloud, they started cutting things out. The other issue with CyberArk is that they are marketing their new product, SIA, which is based on Privilege Cloud. Users still need to have Privilege Cloud to achieve the same level of functionality as the on-premises version.

We are still early in the roadmap and haven't progressed far enough to identify additional needs. When organizations reach the end of their maturity roadmap, they can better identify specific tool requirements that aren't currently available.

For how long have I used the solution?

We have been deploying CyberArk Privileged Access Manager for two years now and counting.

How are customer service and support?

The evaluation of customer service and technical support for CyberArk Privileged Access Manager depends on several factors. When receiving support directly from CyberArk, they are the most knowledgeable, though they don't always have immediate solutions as they might need to create them, which can take considerable time. For instance, the Ansible integration for the cloud version has been requested for years.

When working with CyberArk partners for support, it's crucial to ensure they have actual knowledge and aren't just acting as middlemen. There have been instances where third parties are hired to provide first and second line support, but they simply forward requests to CyberArk without adding value to the process.

How would you rate customer service and support?

What about the implementation team?

We used a deployment partner recommended by CyberArk for the deployment and maintenance process. One crucial step that should be done first is creating an inventory of how privileged access is currently handled and where it is needed. Without this inventory, you might deploy CyberArk and realize it doesn't work with your existing architecture or infrastructure.

Our implementation team consisted of approximately 15 people, including architects, engineers, application owners, network specialists, Windows and Linux administrators, database administrators, and cloud specialists. While maintenance requires fewer people, input from all these stakeholders is crucial for successful implementation as they each have different requirements.

Most importantly, this needs to be a management-driven initiative with a top-down approach. Management must establish new working methods, as the biggest barrier to acceptance is typically resistance to changes in working procedures.

For ongoing operations, the staffing requirements depend on the company's operations. Typically, 24/7 coverage requires at least three people per shift in a follow-the-sun model. This accounts for first and second line support only, with additional staff needed for server maintenance, totaling around nine people.

What other advice do I have?

The primary problem addressed by implementing CyberArk Privileged Access Manager is the lack of control over privileged access - where it happens, how it occurs, and what is done with that access. When attempting to attack an enterprise, attackers target the highest-privilege credentials available. Therefore, protecting the most critical credentials within your organization is essential.

For those planning to deploy CyberArk Privileged Access Manager, it's crucial to understand that it's a multi-year program. It's not just about deploying the tool; it needs policies and governance around it. Additionally, infrastructure modifications are necessary to ensure PAM is the only way to provide privileged access to endpoints.

It's a great product that does everything required from a PAM tool. I would rate CyberArk Privileged Access Manager as a nine out of ten.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Buyer's Guide
Idira Privileged Access Manager
July 2026
Learn what your peers think about Idira Privileged Access Manager. Get advice and tips from experienced pros sharing their opinions. Updated: July 2026.
904,836 professionals have used our research since 2012.
Consultant at a tech vendor with 11-50 employees
Reseller
Top 5
Mar 7, 2025
Helps monitor activities and rotate passwords, also it's very customizable
Pros and Cons
  • "The features that are most effective, like every PAM solution, include monitoring and password rotations."
  • "The solution is very stable."
  • "There are some options in the web portal where they can improve the user experience. For example, in remote, there is a parameter called 'access to remote machine.' When we put host names in that field, we are not able to search it. It"
  • "There is a lot of complexity if we are installing the solution on-premises."

What is our primary use case?

Our main use cases are to monitor all privileged accesses. It can be HTTPS, LDAP, SSH, or SQL management, so anywhere we have privileged access, we want to monitor it and place it under CyberArk.

How has it helped my organization?

Its monitoring capabilities are good. Whenever the end users start their session, it quickly allows you to monitor. However, if there are no firewall rules, it creates a video, but it does not take all the audit logs. For audit logs, you need firewall rules. It is very well described in their documentation. At the start, they communicate this to clients. The documentation is well-defined.

What is most valuable?

The features that are most effective, like every PAM solution, include monitoring and password rotations. 

The best thing about this solution, especially on-premises, is that we can interact with it directly. If we need to develop something, we are allowed or can do it by ourselves, which is most effective for us as administrators. It is not a black box. We have the ability to customize, especially the connection components.

What needs improvement?

There are some options in the web portal where they can improve the user experience. For example, in remote, there is a parameter called 'access to remote machine.' When we put host names in that field, we are not able to search it. It would be useful if a search feature was there to check if a machine is already onboarded. When we onboard a few machines in the same domain using just one account, we put the domain name in the address field and host machine names in the remote access parameter. However, we are not able to search within that field, which makes it difficult for us as admins to know if a machine has already been onboarded.

Other than that, I do not have any areas for improvement. Whenever we find any bugs or have a need for a feature, we open a ticket with them. They usually work on that if the same request has also come from other people. They are already good at doing that.

For how long have I used the solution?

I have been working with CyberArk for almost six to seven years.

What do I think about the stability of the solution?

The solution is very stable. If you install the solution with CyberArk's guidelines, it remains stable. I also offer 24/7 services, and in three years, I have received two or three calls from clients indicating the solution was not working. It means the solution is very stable.

What do I think about the scalability of the solution?

It is scalable. If a client has 100 users and wants to add 100 more users, it is possible. They can make it bigger and smaller, depending on their needs.

Our clients are medium enterprises.

How are customer service and support?

Their technical support is good. They provide solutions and also the documentation if you ask. If you cannot find something, they point you to the right documentation. With support, I have never found any problems.

How would you rate customer service and support?

Positive

How was the initial setup?

There is a lot of complexity if we are installing the solution on-premises. On the cloud, there is no such complexity, but on-premises, it is complex because there are different components like Vault, PVWA, PSM, and CPM. There are many components, and we need to follow a sequence to install these products. One needs a good knowledge of these components to install because we cannot just follow the documentation and install it. The documentation is vast. First, we need to read all of it. For first-time users, it is a bit difficult, but with experience, it is not a big deal. In terms of ease of use, I would rate it a six out of ten for on-premises and a nine out of ten for the cloud.

The deployment model depends on the clients. Our clients from banks usually use it on-premises. Clients in other fields do not want to install the machines on-premises because that is resource-consuming, so they go for the cloud deployment.

With the cloud deployment model, the clients need to deploy fewer components in their infrastructure. Vault and PVWA are already in the cloud, but other components like PSM, CPM, and PSMP are on-premises. It is not that all the infrastructure is on the cloud. There are a few components that are on-premises. However, in the case of on-premises, all the components are on-premises inside the infrastructure of the client, and they are responsible for maintaining that.

What was our ROI?

Our clients have seen an ROI.

What's my experience with pricing, setup cost, and licensing?

If you want a Ferrari, it will cost you. The solution is really nice, so it costs the client, but in the long run, it is very good. If you buy a solution that costs a lot to maintain because it is not stable, and you are frequently asking for consultant support, it costs more. It is better if the client spends a little more money initially. In the long run, it is very good.

What other advice do I have?

My recommendation depends on your needs and what you want to achieve. If you just want SSH, LDAP, and basic monitoring, you can consider other solutions like Wallix or One Identity, which cost less. If you need a lot of customization, such as you want to put in a lot of HTTPS ports and change the passwords of internal applications, this solution is much better than others. 

I would rate it a nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer.
PeerSpot user
Mohammad Jasim - PeerSpot reviewer
Senior Information Security at a non-profit with 501-1,000 employees
Real User
Top 20
Feb 4, 2025
A comprehensive solution for securing our environment but it could be more user-friendly
Pros and Cons
  • "It has a lot of good tools, including everything we need."
  • "CyberArk Privileged Access Manager is cool."
  • "It could be more user-friendly. Sometimes I encounter issues, and I do not know what the issue is. It takes a lot of time to find the error and fix it. Sometimes it gives an error, but I do not know what the error is. I have to find the documents, but it does not provide all the details needed to fix the error. This is one of the day-to-day issues with CyberArk."
  • "It could be more user-friendly. Sometimes I encounter issues, and I do not know what the issue is."

What is our primary use case?

I am an admin, and I use this solution for all our users. We have 80 users in our environment.

How has it helped my organization?

By implementing CyberArk Privileged Access Manager, we wanted to secure our environment and track everything.

We were able to realize its benefits within four to five months of its deployment after we had onboarded everything.

What is most valuable?

CyberArk Privileged Access Manager is cool. It has a lot of good tools, including everything we need. 

What needs improvement?

It could be more user-friendly. Sometimes I encounter issues, and I do not know what the issue is. It takes a lot of time to find the error and fix it. Sometimes it gives an error, but I do not know what the error is. I have to find the documents, but it does not provide all the details needed to fix the error. This is one of the day-to-day issues with CyberArk. 

When I contact support, it takes a long time to get help. They request all these logs, but they are not always relevant to my case. It is not always a definite help because I sometimes need help with issues that do not require any logs or device details. I am not sure if they read the case or not.

For how long have I used the solution?

I have been using CyberArk Privileged Access Manager for four years.

What do I think about the stability of the solution?

It is good. We had a ten-minute outage last month. That is all. We do not know the reason. 

It is reliable.

How are customer service and support?

CyberArk's support quality has to improve because we are totally dependent on them. I would rate their support a five out of ten.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

I used to use Okta. CyberArk Privileged Access Manager has more features.

How was the initial setup?

We had a third-party professional service that helped us to install it. It took about four or five months. To deploy, we worked with three people.

It does not require any maintenance. We just have to do the day-to-day operations work.

What other advice do I have?

New users should have training before they sign up for CyberArk. CyberArk should provide mandatory training so that everyone implements it properly. Sometimes, new users do not know what is going on, and they open a ticket, which might be an issue from their end. CyberArk should have a new user training service so that everyone is familiar with it.

I would rate CyberArk Privileged Access Manager a seven out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Coordenador at a computer software company with 1,001-5,000 employees
Real User
Top 10
Jun 10, 2025
Provides secure access and visibility, and it's highly configurable
Pros and Cons
  • "It's user-friendly and very configurable. We can do many things with it, especially with password management."
  • "CyberArk Privileged Access Manager's abilities to safeguard the infrastructure are important, as protecting credentials provides us with security and visibility."
  • "Making the reports more editable would be beneficial."
  • "It's not a cheap application. It's very expensive."

What is our primary use case?

The use cases for CyberArk Privileged Access Manager include access to Windows, Windows servers, Linux servers, firewalls, clouds, GCP, AWS, and Azure, but I do not administer the clouds. I only administer CyberArk.

How has it helped my organization?

CyberArk Privileged Access Manager helps us maintain an inventory of our privileged credentials and manage password rotation easily for our organization. It provides a secure way to access and monitor.

CyberArk Privileged Access Manager has positively impacted visibility into the PAM accounts. It has a very good dashboard that provides visibility into our accounts and password information.

CyberArk Privileged Access Manager's abilities to safeguard the infrastructure are important, as protecting credentials provides us with security and visibility.

CyberArk Privileged Access Manager is effective for preventing attacks and threats. It's very effective since it connects to a SIEM, such as Splunk and ArcSight. The functionality called PTA, Privileged Threat Analytics, is very good.

CyberArk Privileged Access Manager integrates well with other products.

CyberArk Privileged Access Manager improves operations because it's all centralized. When you have CyberArk to gain access to the admin console and other applications, it's the easiest way to configure your firewall rule because everything comes from CyberArk.

What is most valuable?

It's user-friendly and very configurable. We can do many things with it, especially with password management. It's easy to manage, and the controls are straightforward. It's a specialized solution for which it's hard to find professionals to work with, but it's very effective.

It's a very good solution for data privacy.

What needs improvement?

The reports could be more editable. I want to be able to edit a dashboard to see other information or graphics. Making the reports more editable would be beneficial.

For how long have I used the solution?

I've been using this solution for at least five years.

How are customer service and support?

I would evaluate the customer service and technical support of CyberArk Privileged Access Manager as very good.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I worked with Senhasegura, which is a Brazilian application for password security. We switched to CyberArk Privileged Access Manager because it is recommended for larger environments.

How was the initial setup?

The initial setup is easy. I was involved in the setup process and was part of it.

It takes six months for the full implementation in a big company.

What about the implementation team?

The deployment team consisted of approximately 10 people. While I don't know the exact job titles, a manager and at least two engineers on the CyberArk team were required.

What was our ROI?

CyberArk Privileged Access Manager has helped our organization save on costs. CyberArk Privileged Access Manager is expensive, but it helps protect us from losing money. 

Its benefits are visible immediately after the deployment, but in Brazil, people generally implement CyberArk Privileged Access Manager after an incident.

What's my experience with pricing, setup cost, and licensing?

It's not a cheap application. It's very expensive.

What other advice do I have?

Don't wait to be attacked or lose your data. Protect your credentials, even if you use other security tools. 

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Technical Support Analyst at Capgemini
Real User
Top 10
Mar 7, 2025
Offers comprehensive session monitoring and is worth the price
Pros and Cons
  • "Session monitoring includes recordings of all activities performed."
  • "It is a leading solution and one of the best SaaS solutions in the market."
  • "Their support can be better. Their SLA timings are higher than others."

What is our primary use case?

The use cases include end-to-end privileged access and session management and complete password rotations. All the privileged accounts are secured within the vault, monitored, and rotated from there.

How has it helped my organization?

It helps manage non-human or application accounts used in scripting or containers. All can be managed in CyberArk. They have Secrets Manager as well.

What is most valuable?

Session monitoring includes recordings of all activities performed. For instance, if I connect to a server, whether it is Windows or Linux, and perform some activities, all actions are recorded. It is a video recording.

It can integrate with Splunk, SNMP, and other solutions and technologies. We have integrated it with Splunk for the audit logs.

What needs improvement?

Its price might be high for some people, but the quality is top-notch.

Their support can be better. Their SLA timings are higher than others. If Delinea has an SLA time of three days, CyberArk is going to have an SLA time of five days. They do not breach the SLA. 

For how long have I used the solution?

I have been working with this solution for around eight years.

How are customer service and support?

Support is available through different models, depending on the license agreement. Dedicated customer support personnel can be assigned to specific clients. Additionally, professional service hours are available for purchase.

Typical case resolution can take between a week and two weeks, although priority cases may be resolved in a day. There are different levels of support. Initially, a case goes to a level one engineer. If unresolved, it escalates to level two and then to R&D if needed.

CyberArk has a large number of customers. If you compare it to other vendors, they are doing better than CyberArk because their numbers are less, so they are able to support in a better way. With CyberArk, we have a longer waiting time.

How would you rate customer service and support?

Neutral

How was the initial setup?

There are two models: on-premises and cloud. For on-premises, we have virtual machines hosted on Hyper-V, but physical servers are recommended by CyberArk. Installation requires technical expertise.

SaaS deployment is faster than on-premises because most of the components are handled by CyberArk. The deployment is faster in SaaS, but the cost of SaaS is a bit high. They have different licensing costs.

What was our ROI?

From my perspective, the capabilities the tool provides match the investment. For small businesses, the price is fair compared to other tools. While the cost may be higher, I believe it is a top-tier solution.

What's my experience with pricing, setup cost, and licensing?

It is a leading solution and one of the best SaaS solutions in the market. CyberArk is good at what they do, and the price reflects that. You have to pay the price for the same.

The price can vary based on the capabilities you need. We are paying a fair price for our environment. Compared to other solutions, its price can be high, but you are getting the best solution available in the market.

For 1,000 SaaS licenses, 100K euros might be required.

What other advice do I have?

I would rate the solution a nine out of ten.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer2619339 - PeerSpot reviewer
Senior Manager at a energy/utilities company with 1,001-5,000 employees
Real User
Top 10
Dec 18, 2024
Achieves effective privileged access management with comprehensive password and session management
Pros and Cons
  • "For me, CyberArk Privileged Access Manager's most valuable features are password and session management."
  • "I would rate CyberArk Privileged Access Manager nine out of ten."
  • "CyberArk could enhance its usability by simplifying its architecture and design."
  • "CyberArk Privileged Access Manager is more expensive than its competitors, such as BeyondTrust, Delinea, and ManageEngine PAM360."

What is our primary use case?

My primary use case for CyberArk Privileged Access Manager is managing privileged access across the organization. I focus on auditing compliance and ensuring compliance with financial systems like SAP.

How has it helped my organization?

The benefits of CyberArk Privileged Access Manager are typically realized over time, often facing initial resistance from various teams within an organization. While security, audit, and governance teams readily recognize the value of CyberArk, platform teams, and other stakeholders may resist its implementation. This necessitates a concerted effort to sell CyberArk internally, emphasizing its benefits and addressing concerns. Convincing internal stakeholders can be more challenging than securing buy-in from security or IT teams, often requiring three to six months after deployment for the benefits to become evident and widely accepted.

What is most valuable?

For me, CyberArk Privileged Access Manager's most valuable features are password and session management. It also includes technologies like Zero Standing Privileges and EPM, which I deploy for customers to demonstrate the return on investment.

What needs improvement?

CyberArk could enhance its usability by simplifying its architecture and design. Additionally, incorporating automated onboarding and offboarding features directly into the product would reduce the maintenance burden on administrators.

For how long have I used the solution?

I have been using CyberArk Privileged Access Manager for eight years.

What do I think about the stability of the solution?

I find CyberArk to be quite stable. Exceptions occur mostly due to user errors. It has a large customer base and positive feedback within my network.

What do I think about the scalability of the solution?

On-premises scalability is challenging for me due to deploying various components on different servers, but I find SaaS to be more promising in scalability.

How are customer service and support?

In my experience, the quality of support has been inconsistent. Response times seem to correlate with the strength of the relationship with the CyberArk account manager, with quicker responses when rapport is strong.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

I worked briefly with BeyondTrust but returned to CyberArk, which has been my primary focus.

How was the initial setup?

In SaaS, most tasks are abstracted, reducing the workload compared to on-premise solutions where tasks like network configuration, connectivity, SSL certificates, and management fall on the user. However, SaaS solution eliminate the overhead of building VMs and similar infrastructure. Overall effort for both approaches is comparable, but SaaS offers the significant advantage of CyberArk managing the underlying infrastructure, including the vault and web interface, a feature most customers prefer today.

Initial setups were challenging for me at first, but with experience, they became more manageable. It generally requires reviewing documentation and seeking initial support from CyberArk. The deployments take between three and six months.

What about the implementation team?

Implementation involves a project team with a project manager and Windows engineers for tasks like VM provisioning. Typically, I have executed projects primarily by myself, sometimes with minimal assistance from junior resources.

What's my experience with pricing, setup cost, and licensing?

CyberArk Privileged Access Manager is more expensive than its competitors, such as BeyondTrust, Delinea, and ManageEngine PAM360. While ManageEngine PAM360 offers similar flexibility and support at a lower cost, CyberArk's SaaS solution is particularly expensive. This high price point has discouraged many customers from migrating from on-premise solutions to the CyberArk SaaS platform.

Which other solutions did I evaluate?


What other advice do I have?

I would rate CyberArk Privileged Access Manager nine out of ten.

CyberArk manages the maintenance for the Privileged Access Manager.

Organizations must ensure users understand the importance of PAM and how it secures infrastructure. Training sessions, workshops, and demos are crucial for building user engagement and overcoming initial resistance.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Saransh Sondhi - PeerSpot reviewer
Senior Manager at a consultancy with 11-50 employees
Reseller
Top 20
Dec 22, 2024
Privileged Session Manager offers session recordings, logging, and tracking of user activities
Pros and Cons
  • "The feature that I like the most is the Privileged Session Manager. It offers session recordings, logging, and tracking of user workstreams."
  • "Based on the user experience that I see on a day-to-day basis, some changes could be made to the Privileged Session Manager tool to make it more user-friendly. The user interface of that tool could be more advanced and understandable to laymen, rather than being more of a developer tool."
  • "If CyberArk wants people to pay for cloud services, they need to make the cloud services much more real-time."

What is our primary use case?

I am a senior manager, and we have multiple clients for whom we deploy CyberArk Privileged Access Manager. We also manage or upgrade their instances. We handle migrations and new implementations. We take care of anything related to CyberArk.

What is most valuable?

The feature that I like the most is the Privileged Session Manager. It offers session recordings, logging, and tracking of user workstreams. It keeps a record of activities, allowing me to easily fetch screen recordings to detect any misuse and see who did what and what happened. Its benefits can be seen immediately after the deployment.

What needs improvement?

Based on the user experience that I see on a day-to-day basis, some changes could be made to the Privileged Session Manager tool to make it more user-friendly. The user interface of that tool could be more advanced and understandable to laymen, rather than being more of a developer tool. I would recommend more user-friendliness there.

CyberArk is more focused on the cloud solution. They are not going towards on-prem, but a lot of clients still like the on-prem solution. With the cloud implementation, you have a lot of dependencies on expert services. When you get into some issues, you have to wait for expert services. They usually reply in two to three days. That is something CyberArk needs to make better. If they want clients to move to the cloud, they need to support them in real-time. The client should not be waiting for two days to get a response for the issue. If CyberArk wants people to pay for cloud services, they need to make the cloud services much more real-time.

For how long have I used the solution?

I have been using CyberArk Privileged Access Manager for approximately six years.

What do I think about the stability of the solution?

CyberArk Privileged Access Manager is a stable solution. I have never faced any issues with stability.

What do I think about the scalability of the solution?

CyberArk Privileged Access Manager is a scalable solution.

How are customer service and support?

I have contacted their support a lot of times. The quality of support is okay, but the time frame for replies should be much faster than it is currently.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

I have not used any similar solution for PAM. However, for managing the accounts, we have used some password management solutions such as 1Password, but they do not give you the accessibility and different components that PAM provides. They are just for password storage and keeping the passwords safe. A PAM solution from CyberArk or BeyondTrust solution provides a lot more than that, so we cannot compare them. There is no comparison.

How was the initial setup?

I have deployed it both on the cloud and on-prem. My one client is on-prem, and another one is on the cloud.

The initial deployment depends on how extensive it is. For one client, it was quite easy, but after the deployment, it was tricky to deploy the components for AEM, EP, and CCP. On-prem implementation is much easier than the cloud. Cloud solutions require better and more immediate support. Cloud deployment is challenging due to dependencies on expert services.

It requires a bit of maintenance but not that much. Once you deploy the solution, it works, but there are always new upgrades. For example, if you deploy a web connector for web applications and Chrome releases an upgrade, you have to see whether CyberArk is supporting that upgrade or not. Accordingly, you have to update the drivers and other things for the web applications. The same goes with PSMP and SMP. If there are any version upgrades or any vulnerability patch fixes, you have to perform maintenance.

What about the implementation team?

We help customers deploy it.

The duration depends on how big the instance is. To deploy all the components, the duration can range from three to six months.

It can be deployed by one person, but it also depends on how many instances of servers you are deploying, what is the concurrent usage, how many users are being onboarded, and what components you have. There is PSM. There is EPM and PSMP. It depends on what exactly the client requires. These are some factors that determine the time frame and number of people required.

What's my experience with pricing, setup cost, and licensing?

From a client perspective, CyberArk's pricing is fair but there is a significant increase each year. They should limit the price increase because this could potentially drive customers to other partners. Price changes should be at defined intervals. There should not be sudden jumps.

What other advice do I have?

I would rate CyberArk Privileged Access Manager an eight out of ten.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
reviewer2699367 - PeerSpot reviewer
Sr IT Security Spec at a financial services firm with 5,001-10,000 employees
Real User
Top 20
Apr 28, 2025
Provides good control over privileged access but users sometimes experience lagging
Pros and Cons
  • "CyberArk Privileged Access Manager has made our operations more streamlined. There is an approval process, so it helps us keep tabs on who's working on what and for how long."
  • "Occasionally, there are lagging issues. Sometimes users have to re-login. When users copy passwords, there is sometimes a lag, so they have to log out and log in, but these are very rare cases."
  • "The solution that they proposed was not straightforward because of the backend processes of CyberArk."

What is our primary use case?

We use CyberArk Privileged Access Manager to manage privileged access, so all the privileged accounts are vaulted in CyberArk, and that's our control method to manage privileged access. We also manage access for developers, so we have dual control to give approval to developers.

How has it helped my organization?

CyberArk Privileged Access Manager has made our operations more streamlined. There is an approval process, so it helps us keep tabs on who's working on what and for how long. We also have to give a reason when we're using privileged accounts, which helps keep track of whether they're being used correctly. 

It's been good so far in safeguarding the infrastructure, but we've not used additional features of CyberArk Privileged Access Manager. Modern PAM with secure web sessions or secure infrastructure access is something that I learned about at the conference. I am curious about how we can use it.

It has not helped to reduce the number of privileged accounts. Whatever we find privileged in the environment, we want to control that by using CyberArk Privileged Access Manager. That's how we're able to control it. It has helped us identify privileged access better because we discovered users who didn't need privileged access. There have been cases where users with privileged access don't want their accounts in PAM because they need to pick up the password on a daily basis to perform their actions. There have been cases where they've gotten their privileged access off the account because it's not needed.

The user interface needs some training, but with a guide telling the user how to go about it, we have received positive feedback from whoever has used it.

It took us some time to realize its benefits because any new tool needs a proper understanding of how it can be used. A lot of testing was done on the engineering side, and demos were given. It took some time, but it is going smoothly.

What is most valuable?

Given that this is the only tool that I've worked with for the control process of privileged access, I don't have anything to compare it with. However, it's helped us keep our privileged access in check. We're able to get logs as to when the user checks out an ID and for how long, so it's a good monitoring tool.

What needs improvement?

They covered a lot at the conference. I don't have visibility into what product we've bought. It would be nice for them to approach us with what we have bought versus the new features being added. We need clarity on whether new features come included in the package that we already have, or if it's something that we need to have over and above.

Occasionally, there are lagging issues. Sometimes users have to re-login. When users copy passwords, there is sometimes a lag, so they have to log out and log in, but these are very rare cases.

For how long have I used the solution?

I've been using it for about 5 years.

What do I think about the stability of the solution?

Occasionally lagging occurs. I've not heard about crashing, but there is a lag. Sometimes users will have to re-login and get it right.

How are customer service and support?

The team that I work with is our in-house engineering team. I've had a conversation with CyberArk once last year revolving around efficiently generating the inventory reports. I contacted the technical support, but I didn't get a very straightforward solution that I was expecting.

We were developing a dashboard to find all the privileged accounts that weren't vaulted in CyberArk. We wanted the inventory report to be generated on a daily basis, but were having some trouble. We reached out to their technical support. The solution that they proposed was not straightforward because of the backend processes of CyberArk. We had to approach it in a different way.

How would you rate customer service and support?

Neutral

What other advice do I have?

I would rate CyberArk Privileged Access Manager a seven out of ten.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
reviewer2694921 - PeerSpot reviewer
Works at a consumer goods company with 501-1,000 employees
Real User
Top 10
Apr 15, 2025
Improves risk management with recorded sessions and flexible workflows
Pros and Cons
  • "The most valuable feature I find in CyberArk Privileged Access Manager is that we can record the sessions. It provides flexible workflows. I can change the workflow to specify if it needs one approval or two approvals, and I can approve my peer."
  • "You can see the benefits of CyberArk Privileged Access Manager immediately."
  • "I find it hard to mention a point of improvement because I'm happy with the platform. The only thing I would say is that they can improve their price."
  • "It's expensive and you're not getting anything new. It's just a control, but in terms of risk, you are covering a big impact on the company."

What is our primary use case?

My use cases for CyberArk Privileged Access Manager are specifically for privileged access management. We are using it along with other products. They have access management, their own certificate manager, and other managers. CyberArk Privileged Access Manager is for privileged access for users who require more than normal access, such as administrators and engineers. We can rely on this tool to manage that access.

How has it helped my organization?

You can see the benefits of CyberArk Privileged Access Manager immediately. This is risk management. You are not getting any features from the tool. It's not something that you are installing because you want it, for example, ChatGPT. With CyberArk Privileged Access Manager, you're getting control. You're not getting any additional features for your platform or systems. You are just controlling the risk. Users can't do what you aren’t allowing them. They can't make any change without approval, so it controls risks. Once you see that value, you're controlling what the privileged users in your system are doing.

What is most valuable?

The most valuable feature I find in CyberArk Privileged Access Manager is that we can record the sessions. It provides flexible workflows. I can change the workflow to specify if it needs one approval or two approvals, and I can approve my peer. We can record sessions for external people who want or require privileged access to our systems. That is very flexible. We can record what people are doing in the platform.

What needs improvement?

I find it hard to mention a point of improvement because I'm happy with the platform. The only thing I would say is that they can improve their price. 

For how long have I used the solution?

I have been using CyberArk Privileged Access Manager for three years.

What do I think about the stability of the solution?

Regarding the stability of CyberArk Privileged Access Manager, I have seen a couple of times that the server was not available. In three years, it has only been a couple of times. It has high availability and low impact. In terms of the platform, it is stable.

What do I think about the scalability of the solution?

The scalability of CyberArk Privileged Access Manager has been good; the only thing is the license. The platform is very scalable, but you need to get more licenses in terms of users.

How are customer service and support?

I don't handle that kind of interaction, but my engineer does. Sometimes it requires escalation, but I have not heard of any complaints from him in terms of the support received. It is good.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I have used Delinea but not in this company. I prefer CyberArk over Delinea.

How was the initial setup?

It is not that easy. You need to load the users and platforms that you will be using. You need to teach the users how to do it. It requires some change management. It is a bit complicated, but it is expected. It is not just plug-and-play.

Its maintenance depends. You can have an on-premise solution or you can have a cloud solution. We have an on-premise solution, so it requires some maintenance on the infrastructure.

What about the implementation team?

Its implementation requires a team effort

What's my experience with pricing, setup cost, and licensing?

With the current model of licensing, for my use cases, sometimes it's hard to convince the management and get budget approvals for it. It's expensive and you're not getting anything new. It's just a control, but in terms of risk, you are covering a big impact on the company. Improvement in the licensing prices is something I would want to have.

What other advice do I have?

I would rate CyberArk Privileged Access Manager as an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Buyer's Guide
Download our free Idira Privileged Access Manager Report and get advice and tips from experienced pros sharing their opinions.
Updated: July 2026
Buyer's Guide
Download our free Idira Privileged Access Manager Report and get advice and tips from experienced pros sharing their opinions.