We performed a comparison between Azure Active Directory and CyberArk Privileged Access Manager based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Azure Active Directory is the more popular solution because its deployment is easier and it has a free version.
"The established sessions on the target systems are fully isolated and the privileged account credentials are never exposed to the end-users or their client applications and devices."
"AIM has been a great help in automating password retrieval which removes the need for hard-coded credentials."
"We have accomplished our security goals. We have two-factor authenticated and vaulted our important accounts, so people can't just steal stuff from us."
"Creating policies and the password rotation feature have been valuable. We don't have to memorize our password for the ADM account."
"All of the features of CyberArk Privileged Access Manager are valuable."
"The product is an important security measure against credential theft. It ensures session isolation and password rotation including pushing passwords to the endpoints."
"We know when passwords will be expiring so we can force users to change their passwords, as well as requiring specific password requirements for length, complexity, etc."
"It takes people out of the machine work of ensuring credentials remain up-to-date, and handles connection brokering such that human usage and credential management remain independent."
"The security features, such as attack surface rules and conditional access rules, are the most valuable aspects of Azure AD."
"The feature that I have found most valuable is its authentication security. That is Azure Active Directory's purpose - making cloud services' security and integration easier."
"It is pretty good in terms of stability."
"The most valuable components of the solution are provisioning and deprovisioning since both features work...Microsoft Entra Verified ID is a very stable solution."
"My two preferred features are conditional access and privileged identity management."
"I would say that Azure AD's pricing is very reasonable because of the structure and in terms of the solution."
"If a company has hundreds of users that already exist in the cloud, and it now wants to enable those same users to be present in third-party applications that their business uses, like Atlassian or GoToMeeting, the provisioning technology can assist in achieving that."
"Having access to Azure Active Directory on the cloud gives us speed and use of the latest technology. The application services are very good, such as GitHub."
"It can be integrated with other systems, but it is not easy to integrate. It takes too long to integrate it. Its integration should be easier and simpler."
"The support services could act faster when people reach out to resolve issues."
"I would love them to improve their UI customizing features."
"It needs better documentation with more examples for the configuration files and API/REST integration"
"We found a lot of errors during the initial setup. They should work to improve the implementation experience and to remove errors from the process."
"They need to provide better training for the System Integrator."
"CyberArk PAM is a very broad product as everyone's requirements for implementation are different. In our particular case, the initial implementation was planned and developed by people who didn't know our specific network requirements, so the initial implementation needed to be tweaked over time. While this is normal, at the time all these "major" changes required CyberArk professional services to come in-plant and "assist" with the changes."
"The scalability, sometimes, is lacking. It works really well for more static environments... But for an environment where you're constantly spinning up new infrastructure or new endpoints, sometimes it has a hard time keeping up."
"Definitely, the price could be lower. When we moved from AWS to Azure, we started paying more."
"The monitoring dashboard could be a bit better."
"It would be an improvement if Authenticator made it easier to recover the app if you reboot your cellphone and lose access."
"We have a lot of freedom in using the Group Policy Objects and, although Group Policy Objects are part of Azure Active Directory, there are still a lot of things that can be improved, such as providing local admin rights to a user. There are various, easy ways that I can do that in the on-premises version, but in the cloud version, it is a bit difficult. You have to create a bunch of policies to make it work."
"Azure AD could be more robust and adopt a saturated model, where they can offer unlimited support for a multi-cloud environment."
"The support is a bit slow."
"The only improvement would be for everything to be instant in terms of applying changes and propagating them to systems."
"Maybe there could be a dashboard view for Active Directory with some pie or bar charts on who is logged in, who is not logged in, and on the activity of each user for the past few days: whether they're active or not active."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 144 reviews while Microsoft Entra ID is ranked 1st in Access Management with 190 reviews. CyberArk Privileged Access Manager is rated 8.8, while Microsoft Entra ID is rated 8.6. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of Microsoft Entra ID writes "Saves us time and money and features Conditional Access policies, SSPR, and MFA". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Delinea Secret Server, WALLIX Bastion, One Identity Safeguard and ManageEngine PAM360, whereas Microsoft Entra ID is most compared with Microsoft Intune, Google Cloud Identity, Ping Identity Platform, Okta Workforce Identity and Cisco Duo. See our CyberArk Privileged Access Manager vs. Microsoft Entra ID report.
See our list of best Access Management vendors.
We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.