It's a privileged access management tool so it helps in making sure that all privileged accounts are compliant.
Cyber Security Senior Consultant at Ernst & Young
Provides a comprehensive access control list and auditing and offers robust reporting
Pros and Cons
- "The product is an important security measure against credential theft. It ensures session isolation and password rotation including pushing passwords to the endpoints."
- "The documentation is rather basic and it is missing many use cases."
What is our primary use case?
How has it helped my organization?
The product is an important security measure against credential theft. It ensures session isolation and password rotation including pushing passwords to the endpoints.
It's also possible to pull the password from the CyberArk to ensure that there are no hardcoded credentials in scrips or DevOps tools.
It provides a comprehensive access control list and auditing. Reporting capabilities are extensive.
What is most valuable?
New features are being added in every release, and there are few releases a year.
Enhancement requests can be submitted by the community and are taken into consideration by the company.
What needs improvement?
As configuration options are very extensive, it is sometimes hard to find the correct and complete way of customization or specific configuration.
The documentation is rather basic and it is missing many use cases.
It's also hard to test solutions without a development environment as CyberArk doesn't provide the possibility to run the environment for personal purposes.
Buyer's Guide
Idira Privileged Access Manager
July 2026
Learn what your peers think about Idira Privileged Access Manager. Get advice and tips from experienced pros sharing their opinions. Updated: July 2026.
904,836 professionals have used our research since 2012.
For how long have I used the solution?
I've used the solution for six years.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Sales Engineer at Softprom by ERC
Scalable solution with an efficient exclusive access feature
Pros and Cons
- "The solution is highly stable."
- "It is complicated to deploy for Windows servers compared to other vendors."
What is most valuable?
The solution's most valuable features are one-time password and exclusive access.
What needs improvement?
CyberArk is complicated and costly to deploy for Windows servers compared to a few other vendors. It would be helpful if they combined all the components on a single server. Also, they should release a version specific to small businesses with two servers installation architecture.
For how long have I used the solution?
We have been using the solution for three years.
What do I think about the stability of the solution?
The solution is highly stable. I rate its stability a ten out of ten.
What do I think about the scalability of the solution?
I rate the solution's scalability a ten. It is the best in the market. It can scale to any infrastructure. We had implemented around 1000 target servers for our previous customers.
How are customer service and support?
The solution's training documentation compensates for efforts to raise the tickets. We can resolve the issues ourselves based on the documents provided by the vendor. If you contact them for any problems, they solve them within a few hours.
How was the initial setup?
I have implemented the solution for small and large enterprises. I haven't come across any bugs or issues. I use the 12.2 version as it is more stable, and I have more experience working with it than the newer version. It is easier to deploy if you know how to use it.
The time taken for deployment depends on specific project requirements. In the case of lesser servers and target machines, it takes about a few weeks. Whereas for a larger number of servers, it takes around two to three months to complete. The process involves setting up servers to host password vault, API access, central policy manager, and SM server. Additionally, for customer-specific requirements, we can set up Distributed Trusted Host (DTH) server for privileged analytics and Privileged Session Manager (PSM) for session management.
Apart from the deployment, it involves configuring policies, setting up additional connection components, etc.
What's my experience with pricing, setup cost, and licensing?
The solution is cost-effective for the features. In comparison, other vendors would charge extra for the same features. Also, its pricing model is based on the number of users rather than the number of servers. Thus, there are no additional costs. I rate its pricing a six or seven.
What other advice do I have?
I recommend the solution to others and rate it a ten out of ten. It is user-friendly once you understand its functionality.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. reseller
Buyer's Guide
Idira Privileged Access Manager
July 2026
Learn what your peers think about Idira Privileged Access Manager. Get advice and tips from experienced pros sharing their opinions. Updated: July 2026.
904,836 professionals have used our research since 2012.
Cyber Security Engineer at eprocessconsulting
Highly stable and efficiently automates application authorization
Pros and Cons
- "It's secure and reliable. I especially appreciate that it's locked down and only allows access to authorized components."
- "One thing that could be improved is to create of a better alternative for fixing group policy fees. We currently use Microsoft, but they have introduced new policies that may not be compatible."
What is our primary use case?
We use it for other use cases, such as automating application authorization, managing files, and securing monetary accounts. We use it for managing privileged accounts.
What is most valuable?
I like everything about it. It's secure and reliable. I especially appreciate that it's locked down and only allows access to authorized components.
What needs improvement?
The issue is that in many environments, what I purchase via text is different. We have some policies that are specific to Microsoft environments. For example, my actual manager may not be able to connect to a Microsoft product due to a policy on it. The issue that comes to mind now is how six credentials are managed.
Currently, if you try to log in to any server within the environment, you would need to log in every time, regardless of whether you have already received the credential or if the connecting device is present or not. It is a problem with CyberArk. If CyberArk could find a way to solve this, it would greatly improve the experience.
I'm not sure if it is possible to fix this. It's not a point of entry, but it may require a longer string than the user might want to know, or maybe cheaper right now. If CyberArk can find a solution that improves the experience, it would be beneficial to customers.
Another thing is that there are some time needs that could be improved in the future. One thing that could be improved is to create of a better alternative for fixing group policy fees. We currently use Microsoft, but they have introduced new policies that may not be compatible.
For how long have I used the solution?
I've been working with it for three years. I'm currently working with version 12 of the solution, and I've also worked with version 10 and partition 11.
What do I think about the stability of the solution?
The number of users is about 3,305, and it is stable. We don't have any small clients, mainly medium and enterprise businesses.
I would rate stability a ten out of ten, and it's very stable.
What do I think about the scalability of the solution?
I would rate scalability an eight out of ten. It's not perfect, but it's fairly scalable.
How are customer service and support?
Some things need improvement. The solution doesn't provide sufficient support. I contacted them at one point, but it took several months to get a response. Additionally, we had an issue with account balances that took a while to resolve. That was four or five years ago, though. Other than that, it's a decent solution.
How would you rate customer service and support?
Positive
How was the initial setup?
Regarding the initial setup, I would say it's pretty straightforward on a scale from one to ten, where one is difficult and ten is easy. I'd give it a nine. Deployment took less than a week.
What about the implementation team?
I deployed the solution.
What's my experience with pricing, setup cost, and licensing?
It is pretty pricey. I would rate it a seven on a scale of one to ten, where one is cheap, and ten is very expensive.
What other advice do I have?
Overall, I would rate the solution a ten out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Procurement Manager at OTE Group
A robust solution that provides good security support
Pros and Cons
- "The solution helps our developers access internal systems. It also helps us in Privilege Access Management."
- "The tool’s pricing and scalability can be better."
What is our primary use case?
The solution helps our developers access internal systems. It also helps us in Privilege Access Management.
What needs improvement?
The tool’s pricing and scalability can be better.
For how long have I used the solution?
I have been using the solution for five years.
What do I think about the stability of the solution?
I would rate the tool’s stability a ten out of ten. It is stable.
What do I think about the scalability of the solution?
I would rate the tool’s scalability an eight out of ten. The tool is scalable.
How was the initial setup?
I would rate the tool’s setup a nine out of ten. The solution’s setup is easy. We have a good internal implementation team who completed the deployment in a few days. About five to six engineers worked on the tool’s deployment.
What about the implementation team?
We have an internal integrator for the tool.
What was our ROI?
We have seen ROI with the tool’s use.
What's my experience with pricing, setup cost, and licensing?
I would rate the tool’s pricing a six out of ten.
What other advice do I have?
The tool is robust and our IT team is happy with it. It provides you with strong security.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
Sri Privileged Access Management Architect at Edgile
Extremely stable, scalable, and has great technical support
Pros and Cons
- "CyberArk has the ability to change the credentials on every platform."
- "The initial setup has room for improvement to be more straightforward."
What is our primary use case?
The primary use case of the solution is mining the credentials on our Windows unique network.
What is most valuable?
The solution is able to rotate the credentials and session recording. CyberArk has the ability to change the credentials on every platform.
What needs improvement?
The initial setup has room for improvement to be more straightforward.
For how long have I used the solution?
I have been using the solution for three months.
What do I think about the stability of the solution?
The solution is extremely stable.
What do I think about the scalability of the solution?
The solution is extremely scalable.
How are customer service and support?
The technical support is fantastic and quick to respond.
How was the initial setup?
I give the initial setup a five out of ten.
The initial deployment requires a couple of weeks and for the on-premises portion an additional two to four weeks. The deployment required one full-time architect and one full-time senior consultant.
What's my experience with pricing, setup cost, and licensing?
The solution is costly but we get what we pay for.
What other advice do I have?
I give the solution a ten out of ten.
For maintenance, we require one part-time architect and two operations people.
I recommend the solution to others.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Pre sales Engineer (West Africa) at StarLink - Trusted Security Advisor
A useful solution for privileged identity and application identity management
Pros and Cons
- "Regardless it's a good solution, it works, and the bank is happy with it."
- "The architecture needs to be improved."
What is our primary use case?
Our primary use case for his solution is privileged identity and application identity management, and we deploy the solution on-premises.
What is most valuable?
We have found the core features of the product most valuable, such as password management, session recording and vaulting.
What needs improvement?
The architecture needs to be improved. For example, the whole solution can come within a single software bundle instead of the distributed components we have for the on-premise deployments. I think there's room for improvements in that area because the competitors within that space have appliances and software that are just a single software. You don't have to split functionality across several servers like the current deployment.
For how long have I used the solution?
We have been using this solution for approximately five years.
What do I think about the scalability of the solution?
The solution is scalable. At the point of implementation, 300 users in our organization were using it, but that number may have increased.
How was the initial setup?
The initial setup is not very complex because of my experience and skills. Still, the end users are only in charge of the administrative aspects, but I think the set up is a bit complex for those who are not very savvy with the solution. Implementation took approximately two weeks.
What other advice do I have?
I rate the solution nine out of ten. The solution is good, but the main feature to be improved is having the product in a consolidated software bundle. So the moment we have PSM, it's a dedicated server. We can also have a PVWA in another server, so having a singular bundle is just like the cloud offering. The infrastructure is abstracted from the end user. So if we can have something like that for on-premises, that would simplify implementation. Regardless it's a good solution, it works, and the bank is happy with it. My recommendation to people considering implementing this product is to get the scoping appropriately done. It comes down to scoping the initial deployment, so it doesn't take forever. Still, if you're not scoping correctly, you could have a situation where people keep adding new accounts continuously, and your project never ends. Hence, scoping is kind of important.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
IEM tower manager at Capgemini
Useful session monitoring and password vault features
Pros and Cons
- "The password vault and session monitoring are useful."
- "The turnaround time for technical support is lengthy."
- "The solution is stable, but some features in BeyondTrust are unavailable in CyberArk Privileged Access Manager."
What is most valuable?
The password vault and session monitoring are useful.
For how long have I used the solution?
We have been using this solution since 2016.
What do I think about the stability of the solution?
The solution is stable, but some features in BeyondTrust are unavailable in CyberArk Privileged Access Manager. For example, there is a PMUL feature in BeyondTrust where you can do a deeper dive with the keys for login, but it is not available in CyberArk Privileged Access Manager.
How are customer service and support?
The technical support is good, and they fix any issues we have. However, the turnaround time for technical support is lengthy.
How was the initial setup?
We set up huge environments.
What's my experience with pricing, setup cost, and licensing?
Regarding pricing, we have an APAC sheet and a contact person from CyberArk Singapore that provides a pricing sheet when we need one.
What other advice do I have?
I rate this solution an eight out of ten. I would recommend having a proper plan before implementing this solution. It will be a smoother process if you jot down the granular execution level and get senior resources with hands-on experience.
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Senior Leader at a financial services firm with 5,001-10,000 employees
Useful password vaulting, reliable, and simple deployment
Pros and Cons
- "The most valuable features of CyberArk Enterprise Password Vault are password vaulting and automatic rotation of passwords after use."
- "CyberArk Enterprise Password Vault can improve the distributive vault feature. Distributing the vault in multiple areas and multiple data centers should improve."
What is our primary use case?
CyberArk Enterprise Password Vault can be used for password vaulting and purpose session management.
What is most valuable?
The most valuable features of CyberArk Enterprise Password Vault are password vaulting and automatic rotation of passwords after use.
What needs improvement?
CyberArk Enterprise Password Vault can improve the distributive vault feature. Distributing the vault in multiple areas and multiple data centers should improve.
For how long have I used the solution?
I have been using CyberArk Enterprise Password Vault for approximately seven years.
What do I think about the stability of the solution?
The stability of CyberArk Enterprise Password Vault depends on what you use it for. It is very stable when using a single vault. I had the most problems using the distributive vault. They've worked through some of that, so it's more stable now.
What do I think about the scalability of the solution?
The scalability of CyberArk Enterprise Password Vault is okay. The distributive vault is what would affect the scalability and there were some issues with that that I've run into.
We only have a small number of users in the current company I am working at, and the previous company I was working for had hundreds of users using the solution.
We do not plan to increase the usage of this solution.
How are customer service and support?
The support from CyberArk Enterprise Password Vault is good.
I rate the support from CyberArk Enterprise Password Vault a four out of five.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I did not use a solution similar to CyberArk Enterprise Password Vault.
How was the initial setup?
The initial setup of CyberArk Enterprise Password Vault was straightforward. The time it took to implement was two months.
What about the implementation team?
We did the implementation of CyberArk Enterprise Password Vault in-house.
We have approximately nine people for the deployment and maintenance of CyberArk Enterprise Password Vault.
What was our ROI?
We have seen a return on investment from using CyberArk Enterprise Password Vault.
What's my experience with pricing, setup cost, and licensing?
There are no additional costs other than the standard licensing fees.
Which other solutions did I evaluate?
We evaluated other solutions but we decided to choose CyberArk Enterprise Password Vault because they were a key player in the market who invented the space.
What other advice do I have?
CyberArk Enterprise Password Vault is great. It excels on-premise. If you were looking at the hybrid or other solutions, there are other solutions that were built in that environment. They're probably a little ahead of CyberArk Enterprise Password Vault at this point.
I rate CyberArk Enterprise Password Vault an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Identity and Access Management Engineer at Wiley Global Technology Pvt. Ltd.
Is user-friendly and easy to deploy, and integrates well with other products
Pros and Cons
- "Creating policies and the password rotation feature have been valuable. We don't have to memorize our password for the ADM account."
- "If you can afford CyberArk Privileged Access Manager or you are looking 5 to 10 years in the future, it's a good investment."
- "Report creation could be improved. The policies could be more customized."
What is our primary use case?
We use this solution for the user ADM account onboarding process within our company. If they need server access, we create ADM accounts, and we onboard to CyberArk.
We use it also for the password protection process with other products. We can use this as a password wallet, and we create the password rotation in CyberArk.
We can grant access, check the system's health, and create policies for users.
What is most valuable?
Creating policies and the password rotation feature have been valuable. We don't have to memorize our password for the ADM account.
Security wise, it's really safe. The password expires within six to eight hours, so no one can get that password from us. Other users can't log in without our credentials, and also, the ADM account password will automatically rotate.
It's really user-friendly as well.
What needs improvement?
Report creation could be improved.
The policies could be more customized.
For how long have I used the solution?
I've been working with this solution for almost nine months. It's deployed on the cloud.
What do I think about the stability of the solution?
The stability is really good.
What do I think about the scalability of the solution?
We have more than 2000 users, and it's really easy to scale.
Which solution did I use previously and why did I switch?
I have worked with Thycotic before. It is not user-friendly, although it has changed a lot.
Implementation was really hard, and the reporting was not as good as the users expected. In comparison to CyberArk, Thycotic was not better.
How was the initial setup?
The deployment process is really easy, and I would give it a four out of five.
What about the implementation team?
We got support from the CyberArk team but deployed it ourselves. It was easy to follow the documentation and user guide.
What's my experience with pricing, setup cost, and licensing?
CyberArk is an expensive product.
What other advice do I have?
If you can afford CyberArk Privileged Access Manager or you are looking 5 to 10 years in the future, it's a good investment. You will gain experience handling all these pieces using the one product. You can easily integrate with other products also.
You would have maintenance with other PAM products, and you won't with CyberArk. You can save that money by investing in a high quality product from the beginning itself.
Overall, I would rate CyberArk Privileged Access Manager at eight on a scale from one to ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Manager Engineering at a comms service provider with 1,001-5,000 employees
Once you complete the setup, you have everything at the click of a button.
Pros and Cons
- "The logs and reporting features are impressive."
- "With CyberArk, everything is a click away for us."
- "CyberArk's license is too expensive. I rate it seven out of 10 for affordability."
What is our primary use case?
We Enterprise Password Vault to manage privileged credentials as well as some server and activity logging.
How has it helped my organization?
Before we implemented CyberArk, we had no password vault, so it was challenging to keep a record of who made changes and had access. With CyberArk, everything is a click away for us. We don't need to worry about reporting and other things. We can on our server to check who had access and the changes they made.
What is most valuable?
The logs and reporting features are impressive.
For how long have I used the solution?
We've been using CyberArk for about five years now.
What do I think about the stability of the solution?
CyberArk is stable, and the performance is awesome.
What do I think about the scalability of the solution?
CyberArk is highly scalable. You don't need to worry about being dependent on only one server because you can deploy to multiple ones and manage it with all of them. If one fails, you can still use your access, so I think it's scalable.
We aren't using the solution extensively, but we plan to expand, and we'll definitely we'll continue with the same solution.
How are customer service and support?
I rate CyberArk support 10 out of 10. We have contacted tech support a few times for help with some of the cases, and the support was perfect.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We didn't have a password vault solution before CyberArk.
How was the initial setup?
The initial setup was straightforward for us, but it depends on how you want to use it. It will become a little complex, and you need to gain some knowledge to customize it how you want. That applies to any product. I'll rate CyberArk 10 out of 10 for ease of setup.
It took us around five or six months to deploy because we were also testing out some other products at the same time. And after testing for a few months, we decided to go with CyberArk for the final production rollout. Once you complete the setup, you don't need much maintenance, but we have around 40 system administrators managing the CyberArk server.
What about the implementation team?
We did the deployment with our in-house team.
What's my experience with pricing, setup cost, and licensing?
CyberArk's license is too expensive. I rate it seven out of 10 for affordability.
Which other solutions did I evaluate?
We tried a couple of solutions before selecting CyberArk. Some of them are highly secure, but the reporting functions were tricky. A few were highly scalable, but they required a lot of resources to manage. We preferred CybeArk because it's easy to use and set up. Once you complete the setup, you have everything at the click of a button.
What other advice do I have?
I rate CyberArk Enterprise Password Vault nine out of 10. If you're worried about privileged ID management, security, and scalability, you should go with CyberArk.
Which deployment model are you using for this solution?
Private Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Buyer's Guide
Download our free Idira Privileged Access Manager Report and get advice and tips from experienced pros
sharing their opinions.
Updated: July 2026
Product Categories
Privileged Access Management (PAM) User Activity Monitoring Enterprise Password Managers Mainframe Security Operational Technology (OT) SecurityPopular Comparisons
Okta Platform
Azure Key Vault
Saviynt Identity Cloud
AWS Secrets Manager
Claroty Platform
Idira Identity
Nozomi Networks
One Identity Safeguard
Idira Endpoint Privilege Manager
Delinea Secret Server
BeyondTrust Endpoint Privilege Management
HashiCorp Vault
Keeper Enterprise Password Manager
LastPass Business
Buyer's Guide
Download our free Idira Privileged Access Manager Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- CyberArk vs. ManageEngine Password Manager Pro
- Which PAM tool do you prefer: CyberArk Privileged Access Manager, One Identity Safeguard, Delinea Secret Server, or BeyondTrust Privileged Remote A
- How does Sailpoint IdentityIQ compare with CyberArk PAM?
- What is the difference between Privileged Users and Privileged Accounts
- When evaluating Privileged Identity Management, what aspect do you think is the most important to look for?
- How was the 2020 Twitter Hack carried out? Could it have been prevented?
- Which is the best Privileged Account Management solution?
- What are the top 5 PAM solutions that can be implemented which cover both hybrid and cloud?
- What are the top 5 PAM solutions?
- Which PAM tool do you prefer: CyberArk Privileged Access Manager, One Identity Safeguard, Delinea Secret Server, or BeyondTrust Privileged Remote A




















