We performed a comparison between AWS CloudTrail and CyberArk Privileged Access Manager based on real PeerSpot user reviews.
Find out in this report how the two User Activity Monitoring solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution is good as a central logging platform for showing all cloud events."
"AWS CloudTrail integrates with AWS Config and provides custom event, security, and compliance auditing."
"AWS CloudTrail helps in accelerating incident investigation and response. It increases it because I pull out the logs to CloudTrail, and from CloudTrail watch, I'll send it to the Security Hub and do a visualization with Prometheus and Grafana."
"In one specific scenario, we encountered a situation where a terminated employee still had access to our environment without our knowledge. With AWS CloudTrail, we could track and monitor the employees' activities, revealing that they were downloading specific files from our customer's environment. Without it enabled, we wouldn't have been aware of this."
"It is a stable solution. AWS handles it well."
"The product’s most valuable feature is monitoring. It helps us audit the changes in AWS account at the application and resource level."
"What I found most valuable in AWS CloudTrail is that it provides a good context of what's happening in the environment, so it's an excellent way to baseline what's occurring. I also like that AWS CloudTrail helps with audits."
"It is a single tool that isolates possible kinds of malware. You get lateral movement blocking and auditing information, e.g., you know who is doing what. You are getting protections from the service as well as a useful environment. All your admins can easily go in and out of your company while accessing your servers in a secure way, even if they are working abroad."
"The ability to develop and deploy applications with no stored secrets is very valuable."
"CyberArk has been easy for us to implement and the adoption has been good. We've been able to standardize a bunch of things. We've been able to standardize relatively easily with the use of the platforms and managing the policies."
"For a while, there were individual IDs having privileged access. We wanted to restrict that. We implemented the solution so that it can be more of internal control. We can have session recordings happening and reduce our attacks."
"Securely protects our TAP/NUID and privileged access accounts within the company."
"Performance-wise, it is excellent."
"I find value in notifications from CyberArk when passwords fail verification and have other issues."
"On the customer accounts side, our account managers are responsive. If you ask them, they will get you whomever you need."
"Maybe if we could do direct queries on CloudTrail without needing to export it to Athena, that'd be great."
"The solution's operation visibility could be improved."
"Filtering multiple values within the console is a feature that has yet to exist in AWS CloudTrail. You can look up a user identity, service, or action, but you can't search for multiple dimensions."
"Once the organization defines its policies, it must immediately enable AWS CloudTrail and integrate it with auto-remediation procedures using Lambda functions. This ensures that the main administrator can receive information quickly and on time without delay."
"The platform’s reporting log sheet feature could be more user-friendly."
"The solution should incorporate visibility for CloudWatch events."
"As a customer, I might need a plugin for a specific product, or an application, and CyberArk might have already worked with some other client on it. There has to be some platform where it is available for everybody else to go and grab it, instead of my having to reinvent the wheel."
"This product needs professional consulting services to onboard accounts effectively based user profiles."
"It is very complex and difficult to set up the solution."
"CyberArk Privileged Access Manager could improve the integration with other solutions and ease of use. Additionally, there should be a feature to have remote connections without a VPN."
"Sometimes the infrastructure team is hesitant to provide more resources."
"The solution should be able to mitigate internal threats"
"The continuous scanning of the assets is limited to Windows and Unix. We like to have the solution scan any databases, network devices, and security devices for privileged accounts. That would be very helpful."
"It's a big program. To scale excessively, locally, on an on-prem application, takes a lot of servers."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
AWS CloudTrail is ranked 3rd in User Activity Monitoring with 8 reviews while CyberArk Privileged Access Manager is ranked 1st in User Activity Monitoring with 144 reviews. AWS CloudTrail is rated 8.8, while CyberArk Privileged Access Manager is rated 8.8. The top reviewer of AWS CloudTrail writes "Very comprehensive logs with good points of view for auditing and compliance". On the other hand, the top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". AWS CloudTrail is most compared with Ekran System, whereas CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard. See our AWS CloudTrail vs. CyberArk Privileged Access Manager report.
See our list of best User Activity Monitoring vendors.
We monitor all User Activity Monitoring reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.