We performed a comparison between Azure Active Directory and CyberArk Privileged Access Manager based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Azure Active Directory is the more popular solution because its deployment is easier and it has a free version.
"There are no issues with scalability. Our clients are very happy to use the product."
"We are able to know who is accessing what and when; having accountability."
"It is an extremely scalable solution."
"DVR like video recording and text-based recording for easier audits."
"The product is for hardening access and making the organization more secure, therefore reducing chances of a breach."
"Enterprise Password Vault, Privilege Session Manager, and Application Identity Management have been very useful for our client environment."
"It's secure and reliable. I especially appreciate that it's locked down and only allows access to authorized components."
"The Password Upload Utility tool makes it easier when setting up a Safe that contains multiple accounts and has cut down the amount of time that it takes to complete the task."
"The solution adds an extra layer of security."
"Privileged Identity Management (PIM), managed identities, dynamic groups, and extension and security attributes are all great features."
"Many of its features are valuable, including: facilitating application authentication, privileged access management, processes for attestation, and access reviews."
"Microsoft Entra ID's valuable features include integration capabilities, a simplified Active Directory approach, scalability, conditional access, and privileged identity management."
"We have a history of all our authentications and excellent integration with the Microsoft solutions we use at our company. It runs smoothly in Windows and macOS."
"The portal version of the Azure active directory is pretty robust."
"Conditional Access, Geofencing, and Azure Multi-Factor Authentication are the major security features to secure resources."
"The most valuable feature is the ease with which a person can log in remotely using only a password or pin without creating a profile or policy."
"Some aspects of the administration need improvement, though they have recently made improvements to the API. However, the management with the interface and configuration are not so user-friendly. It has not changed much during all the years that CyberArk has been on the market. The management part, like platform management as well as PSM connectors definition and management, could be improved, even if it has already been done with the API."
"As a customer, I might need a plugin for a specific product, or an application, and CyberArk might have already worked with some other client on it. There has to be some platform where it is available for everybody else to go and grab it, instead of my having to reinvent the wheel."
"Some of the additional features that we are looking at are in the Conjur product. I am specifically discussing key management, API Keys, and things for connecting applications in the CI/CD pipelines."
"PAM could be more user-friendly and CyberArk could update the documentation to include more real-world examples. You have to learn it yourself through trial and error. In particular, the online documentation should have more information about troubleshooting."
"There were a lot of manual steps in the initial setup which could have been automated. I read the 10.4 release that was sent out about a month or two ago, and I saw the steps required for upgrade have been reduced by about 90%. That was a big thing for me, but I still haven't seen that yet because we have not upgrade past 9.9.5."
"Performance of PIM could be better and intended for usability as well as security."
"The Vault's disaster recovery features need improvement."
"Report creation could be improved. The policies could be more customized."
"Better deployment management and visibility functionality would be helpful."
"We previously used Microsoft's technical support, which was excellent; they were very responsive. Now, we use a CSP, and their support is lacking, so I rate them five out of ten."
"Microsoft Authenticator can improve their notifications because sometimes, my team doesn't receive notifications about app updates and authentication failures."
"The custom role creation function could be improved as it's somewhat tricky to use."
"There is a concept of cross-tenant trust relationships, which I believe Microsoft is actively pursuing. That is something which in the coming days and years to come by will be very key to the success of Azure Active Directory, because many organizations are going into mergers and acquisitions or spinning off new companies. They will still have to access the old tenant information because of multiple legal reasons, compliance reasons, and all those things. So, there should be some level of tenant-level trust functionality, where you can bring people from other tenants to access some part of your tenant application. So, that is an area which is growing. I believe Microsoft is actively pursuing this, and it will be an interesting piece."
"It would be an improvement if Authenticator made it easier to recover the app if you reboot your cellphone and lose access."
"Something that can be improved is their user interface"
"It would be good to have more clarity around licensing."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 144 reviews while Microsoft Entra ID is ranked 1st in Access Management with 190 reviews. CyberArk Privileged Access Manager is rated 8.8, while Microsoft Entra ID is rated 8.6. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of Microsoft Entra ID writes "Saves us time and money and features Conditional Access policies, SSPR, and MFA". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Delinea Secret Server, WALLIX Bastion, One Identity Safeguard and ManageEngine PAM360, whereas Microsoft Entra ID is most compared with Microsoft Intune, Google Cloud Identity, Okta Workforce Identity, Cisco Duo and Yubico YubiKey. See our CyberArk Privileged Access Manager vs. Microsoft Entra ID report.
See our list of best Access Management vendors.
We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.