2016-04-16T14:05:00Z
Miriam Tover - PeerSpot reviewer
Service Delivery Manager at PeerSpot (formerly IT Central Station)
  • 0
  • 263

What is your primary use case for CyberArk Privileged Access Manager?

How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

28
PeerSpot user
28 Answers
AslamImroze - PeerSpot reviewer
Technical Manager at Gulf IT
Reseller
Top 5Leaderboard
2022-10-06T21:49:06Z
Oct 6, 2022

The concern on our end was separating the components, including the password storage component, and having everything completely separated.

Search for a product comparison
Furqan Ahmed - PeerSpot reviewer
Network Engineer at Pronet
Real User
Top 5Leaderboard
2022-09-16T18:45:11Z
Sep 16, 2022

It is a PAM solution, in which we provide privileged access to CyberArk and the users who are using to try to access their devices. They onboard on the CyberArk and then, whenever they need to access the devices, they get access to CyberArk which means they have to log in on CyberArk.

KL
Team Lead Information Security Control at a financial services firm with 5,001-10,000 employees
Real User
Top 5Leaderboard
2022-09-02T09:06:05Z
Sep 2, 2022

We are using CyberArk Privileged Access Manager because we have too many accounts and we need to manage them.

KD
Network Engineer at CalSTRS
Real User
Top 20
2022-08-15T21:20:24Z
Aug 15, 2022

We're in the process of rolling it out. We haven't finished our rollout yet. Most of my co-workers have been doing a lot of hands-on, and I haven't been the one with the most hands-on. We're not in production yet. We're still in tests, but it will give us the ability to manage the privileged accounts. It'll make that a lot easier. One of the things that we've been having trouble with is that we haven't been changing the passwords on our service accounts, for instance, for a long time, because it is so difficult to do. That was one of the main reasons we started down this road. We decided we would also expand out into managing things like the local administrator accounts on our laptops, etc. We've started there with local administrator accounts because it is an easier thing to tackle, rather than doing the service accounts and all of that. We're going to start there, and then we'll move into service accounts, and then we're going to move into administrative accounts that are human-owned rather than service accounts. At this point, we're still dealing with the things related to local administrators. I'm pretty sure we are using its latest version. In terms of deployment, we're split between an on-prem and public cloud setup.

VA
Consultant at a recruiting/HR firm with 10,001+ employees
Real User
Top 20
2022-07-13T11:28:24Z
Jul 13, 2022

CyberArk is for Privileged Access Management, so we secure our privileged accounts using CyberArk.

Jan Strnad - PeerSpot reviewer
Security Architect at AutoCont CZ a. s.
Reseller
Top 10
2022-07-07T15:08:12Z
Jul 7, 2022

We use CyberArk Privileged Access Manager for our customers who want to monitor and protect the access from the vendor side or the partner side. These customers want to cover external users who want to gain access.

Learn what your peers think about CyberArk Privileged Access Manager. Get advice and tips from experienced pros sharing their opinions. Updated: December 2022.
656,474 professionals have used our research since 2012.
ChaminiEllawala - PeerSpot reviewer
Identity and Access Management Engineer at Wiley Global Technology Pvt. Ltd.
Real User
Top 10
2022-06-03T15:14:46Z
Jun 3, 2022

We use this solution for the user ADM account onboarding process within our company. If they need server access, we create ADM accounts, and we onboard to CyberArk. We use it also for the password protection process with other products. We can use this as a password wallet, and we create the password rotation in CyberArk. We can grant access, check the system's health, and create policies for users.

Rohan Basu - PeerSpot reviewer
IT Manager at Cognizant
Real User
Top 5
2022-05-11T15:10:00Z
May 11, 2022

Our main use cases for CyberArk Privileged Access Manager are privileged access management and privileged session management. Another use case of the solution is password rotation.

DK
Manager at a financial services firm with 1,001-5,000 employees
Real User
Top 20
2022-04-27T11:56:40Z
Apr 27, 2022

I am using CyberArk Privileged Access Manager to protect our servers. It can be either a Windows or Linux Server. Additionally, we have some network devices, and databases, such as Oracle and MySQL Server being protected.

Amandeep Singh - PeerSpot reviewer
Associate Manager at Wipro
Real User
Top 20
2022-04-06T11:02:00Z
Apr 6, 2022

It is for the lab. We just onboard all the privileged accounts and then try to make them compliant and provide access to end-users. We are CyberArk administrators, and our responsibility is to onboard the accounts and provide access to end-users so that there is no business impact and the users are able to connect to their target services. I started with version 10.6, and now, the current version of CyberArk is 12.1. It is deployed on-prem, but in my lab, it is my virtual setup.

Salif Bereh - PeerSpot reviewer
Consultant at a consultancy with 10,001+ employees
Consultant
Top 10
2022-03-07T19:12:00Z
Mar 7, 2022

There are many possible use cases, but in general, CyberArk permits users to target machines and rotate their passwords, and to record decisions. It is used to create security through PTA and to forward Vault logs and investigate events. It also enables users to access passwords in dev code without actually knowing the passwords. There are a lot of advantages to CyberArk. As a consultant, I have seen a lot of CyberArk configurations. Sometimes we use the CyberArk Cluster Vaults with one DR. I also worked for a company that used only one vault, without a cluster, but they switched data centers when there was an incident.

MV
Engineering Lead PAM with 10,001+ employees
MSP
Top 20
2022-01-17T13:50:00Z
Jan 17, 2022

The primary use case of CyberArk is controlling privileged access. It is good at providing various privileged access controls. The CyberArk use case can be implemented on various platforms. Password rotation is another key use case. There are many integrations available on the CyberArk Marketplace, plugins and connectors with different technologies to be integrated with CyberArk to achieve this use case. I've had an experience of deploying CyberArk in on-premise and in the cloud.

IB
Security Architect at a tech services company with 1,001-5,000 employees
Real User
2022-01-12T12:29:00Z
Jan 12, 2022

We have clients that ask us to implement CyberArk PAM. There are two kinds: * Greenfield installation and setup. * They already have CyberArk and want to extend their usage to protect different types of accounts and passwords. CyberArk PAM protects privileged accounts and passwords. Privileged account means that those accounts have particular authorization that can span all the features of the system. For example, usually on network devices, they come out out-of-the-box with administrator accounts. Windows has an administrator account built-in so you need to protect that. Also, Active Directory has some accounts, like domain administrators, who can do whatever on the platform. These accounts are used for administration. CyberArk stores and rotates the password/credential. They can rotate SSH keys as well. This protects the attack surface. By way of CyberArk, you can allow sessions, isolation, and recording. The main aim is to protect privileged accounts and their credentials. I started with version 9.7, and now I am working with version 10.10, but the latest version is 12.

AM
Product Owner at a tech services company with 1,001-5,000 employees
Real User
2022-01-10T13:53:00Z
Jan 10, 2022

The major use case for us is to securely release and manage passwords for non-personal accounts. CyberArk provides an automated and unified approach for securing access across environments. It's a work in progress but that is the goal, for us, of implementing CyberArk. We want to provide a unified way to access all environments. We are in transition, like most big companies, into cloud solutions. So this is also something that is being discussed and analyzed. But that, overall, is the mission of CyberArk in our organization.

NM
Information Security Leader at a government with 10,001+ employees
Real User
2021-12-19T18:34:00Z
Dec 19, 2021

We use it to control privileged access within the environment, including domain admins and server admins. We're using the CyberArk Privilege Cloud version, which is the PaaS.

KS
Information Security Administrator at a insurance company with 501-1,000 employees
Real User
Top 20
2021-12-16T18:49:00Z
Dec 16, 2021

I have been working with CyberArk for the past five years. I do installations, support, and presales. We have installed the CyberArk solution and have been using it as a PAM solution. The main reason for having the solution in place is to isolate and monitor all previous activities that have taken place within the organization. The second thing is to make sure all the previous accounts have been onboarded to the solution and accurately monitored as well as passwords have been managed as per the policies defined. The third thing is to make sure users are unaware of their previous account passwords. Those should be centrally stored and located in one of the solutions where we can manage them per our policy or ask users to raise a request for internal workflows on the solution, in case of any emergencies. The last thing is for managing the service account passwords.

JP
Cybersecurity Engineer at a healthcare company with 10,001+ employees
Real User
Top 20
2021-12-14T02:29:00Z
Dec 14, 2021

We are mostly rotating passwords and using PSM for remote connections.

JA
Security Lead at a insurance company with 1,001-5,000 employees
Real User
Top 20
2021-10-29T13:55:00Z
Oct 29, 2021

CyberArk's Privileged Access Management solution covers a whole range of features, like privileged web access, private vault, privileged session manager rights for a session in isolation, privileged threat analytics for analytics, and private sessions. We also use CyberArk's Application Access Manager, which includes their credential providers, such as agents and run servers. Then there is a central credential provider, which is API-based credential retrieval, and DAP or Conjur. This is more of a DevOps model for credential provisioning. We also have the Central Policy Manager, which rotates the credentials associated with unprivileged or servers accounts. It's a huge environment. Those are all the different functions we use. We initially purchased CyberArk for privileged access manager and session isolation of privileged users. By privileged users, I mean main admins, global admins, and preps like Azure or Office 365. Our initial use case was to manage those users who could drastically impact the environment if their credentials were compromised. After we purchased the product, we had a third party on it. They suggested we also leverage CyberArk as part of the platform for managing service accounts, i.e. go out and proactively rotate credentials that are running or ordering services. That's another kind of big use case that we started implementing a couple of years. It's long work. It is tough to do, there's a lot of cases where it just doesn't work right, but overall it's been pretty valuable.

Mateusz Kordeusz - PeerSpot reviewer
IT Manager at a financial services firm with 1,001-5,000 employees
Real User
Top 10
2021-10-16T07:22:00Z
Oct 16, 2021

In our company, CyberArk is used to manage passwords for IP use. We use CyberArk for managing and automatically changing passwords in our managed system and environment. We use it for coding privileged sessions, but we also use another solution for that, and CyberArk is the backup for this. We are using the latest version.

LT
Auditor de Sistemas y Procesos at a tech services company with 11-50 employees
Reseller
Top 5Leaderboard
2021-03-11T09:18:30Z
Mar 11, 2021

We sell this solution to our partners. We are not currently using the application for our own use — we're consultants.

JL
Presales Engineer at a tech services company with 51-200 employees
Reseller
Top 5Leaderboard
2021-02-19T09:15:00Z
Feb 19, 2021

Our primary use case for this solution is business and client management. Our clients are mostly from the banking sector.

ABHILASH TH - PeerSpot reviewer
Managing Director at FOX DATA
Reseller
Top 5Leaderboard
2021-02-16T19:01:41Z
Feb 16, 2021

We are a system integrator. We are selling its latest version to customers who are new to PAM or are coming from an older PAM.

Richard Nagygyörgy - PeerSpot reviewer
Product Manager at a tech services company with 11-50 employees
Reseller
Top 5Leaderboard
2021-02-04T07:52:57Z
Feb 4, 2021

I am a consultant. We are in the process of using this in our clients' companies.

KN
Junior Product Consultant at a tech services company with 501-1,000 employees
Real User
Top 5Leaderboard
2020-12-08T05:35:26Z
Dec 8, 2020

I primarily use the solution to record any actions taken on specific important targets. It allows management to look at actions and play them back to see what was done within the environment.

YP
Threat Protection Architect at a consumer goods company with 10,001+ employees
Real User
2020-07-08T14:17:00Z
Jul 8, 2020

Our primary use case is to control the technical accounts used in our DevOps environnment. The primary goal was to automate to the maximum all privileged accounts used by applications. It was a big issue because al dev guys were always using the same account/password couple. CyberArk is doing this for them transparently. Through time the scope was extended to all interactive users with the target to avoid them knowing the password. The automated password change was implemented to 99% of all accounts inside the company.

BridgitAmstrup - PeerSpot reviewer
Cyber Security Manager at a hospitality company with 10,001+ employees
Real User
2019-12-15T09:11:00Z
Dec 15, 2019

So far, CyberArk has done everything that we've needed it to. We are growing and moving into the cloud. We have a pretty complex environment. Everything that we've needed it to do in terms of managing our privileged accounts, it has done.

reviewer988578 - PeerSpot reviewer
Snr Technical Consultant at Computacenter
Consultant
2019-01-12T11:39:00Z
Jan 12, 2019

Managing passwords to infrastructure and applications, keeping those accounts “safe,” and being able to audit their use.

Rodney Dapilmoto - PeerSpot reviewer
Systems Admin Analyst 3 at CPS Energy
Real User
Top 10
2016-04-16T14:05:00Z
Apr 16, 2016

We use this solution for privileged systems access with a high emphasis on security. End users are required to go through a process of being vetted in our NERC environment in order to use the solution. This product has been used by my company for about 5 years now.

Related Questions
AG
Associate VP & Cyber Security Specialist at Union Bank of California
Dec 5, 2022
Hello community,  I am the Associate VP and Cyber Security Specialist at a large bank. I am researching PAM tools. These are our requirements for the PAM tool needed: - Privileged Access Governance and Administrative - Privileged Accounts Discovery and Management - Privileged Credentials Management - Privileged Session Management - Privileged Access Logging, Reporting, and Audit - Privi...
Netanya Carmi - PeerSpot reviewer
Content Manager at PeerSpot (formerly IT Central Station)
Dec 1, 2021
Which is better and why?
See 2 answers
Nov 17, 2021
We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the management of user identities, systems, data, and cloud services. It works great for Identity Access Management, specifically for cleaning up inactive and orphaned accounts. It has the joiner-mover-leaver feature. One of the features we like is the large availability of connectors for different applications and platforms. You can also recertify an account, which is very useful. It is well suited for large companies with lots of users and applications. However, for small companies, it might be a bit of an overkill. Sailpoint has a steep learning curve, so it is not for inexperienced users. Moreover, it doesn’t offer a lot of supporting documentation. It also doesn’t integrate well with other solutions. We chose CyberArk despite the cost because it works great for password management. CyberArk helps manage privileged accounts and service accounts, for example, when users need to connect remotely into systems. It is especially useful for IT staff to access their privileged accounts without having to remember the passwords every time - individually and even as a group. What we like the most about CyberArk is the ease of use and effectiveness in managing privileged accounts. For instance, it automatically changes the passwords for privileged accounts and reconciles and verifies passwords. New users can obtain secure credentials with minimal time and effort. The initial cost is high, which can be a bit of a stretch for small organizations. It also has high requirements for the initial setup and is difficult to customize. The performance could be faster. Conclusions While Sailpoint IdentityIQ is a very good privileged account solution, CyberArk is better suited for us because of its ease of use and efficiency in password management.
DM
Identity Management Consultant at IdentityMD
Dec 1, 2021
The two products are actually complimentary. Both companies have been very good about staying in their lanes and are their respective market leaders. CyberArk's PAM solution is aimed at protecting privileged accounts by providing features like vaulting, credential rotation, session monitoring and recording. They also have solutions for DevOps and Secrets management. SailPoint is an Identity Governance solution and actually manages CyberArk as an application the same way it manages accounts and privileges in SAP, AD, AAD and over 100 more applications. For CyberArk, it can add/change/delete users as well as create safes and assign users to those safes. At a user account certification time, it will show the CyberArk users and their associated privileges and allow the user's manager or other appropriate people to approve or revoke the privileged access.  SailPoint creates an Identity warehouse so that a user's accounts and entitlements are gathered, managed and reported on in a centralized manner. See Youtube for a quick explanation - SailPoint Identity Governance Integrates with CyberAek Privileged Access Security.  SailPoint does not provide the vault and session management functions that CyberArk does.
Related Articles
Netanya Carmi - PeerSpot reviewer
Content Manager at PeerSpot (formerly IT Central Station)
Apr 18, 2022
Top 5 Privileged Access Management (PAM) Tools PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to better connect with peers and other independent experts who provide advice without vendor bias. Our users have ranked these solutions according to their valuable features, and discuss which features they like most and why. You can read user reviews ...
Related Articles
Netanya Carmi - PeerSpot reviewer
Content Manager at PeerSpot (formerly IT Central Station)
Apr 18, 2022
Top 5 Privileged Access Management (PAM) Tools 2022
Top 5 Privileged Access Management (PAM) Tools PeerSpot’s crowdsourced user review platform help...
Download Free Report
Download our free CyberArk Privileged Access Manager Report and get advice and tips from experienced pros sharing their opinions. Updated: December 2022.
DOWNLOAD NOW
656,474 professionals have used our research since 2012.