We performed a comparison between AWS CloudTrail and CyberArk Privileged Access Manager based on real PeerSpot user reviews.
Find out in this report how the two User Activity Monitoring solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."What I found most valuable in AWS CloudTrail is that it provides a good context of what's happening in the environment, so it's an excellent way to baseline what's occurring. I also like that AWS CloudTrail helps with audits."
"In one specific scenario, we encountered a situation where a terminated employee still had access to our environment without our knowledge. With AWS CloudTrail, we could track and monitor the employees' activities, revealing that they were downloading specific files from our customer's environment. Without it enabled, we wouldn't have been aware of this."
"It is a stable solution. AWS handles it well."
"The product’s most valuable feature is monitoring. It helps us audit the changes in AWS account at the application and resource level."
"AWS CloudTrail helps in accelerating incident investigation and response. It increases it because I pull out the logs to CloudTrail, and from CloudTrail watch, I'll send it to the Security Hub and do a visualization with Prometheus and Grafana."
"AWS CloudTrail integrates with AWS Config and provides custom event, security, and compliance auditing."
"The solution is good as a central logging platform for showing all cloud events."
"All of the features of CyberArk Privileged Access Manager are valuable."
"The ability to develop and deploy applications with no stored secrets is very valuable."
"The risk of lost password and forbidden access to resources has been drastically reduced which increased the security level for the entire company,"
"All the features of CyberArk are useful for me, but the biggest one is that CyberArk has logs for all the features. That is important when there is a problem. You know where to look and you have the information. In cyber security, the most important aspect is information."
"Password rotation, session recording & isolation and on-demand privileges."
"It takes people out of the machine work of ensuring credentials remain up-to-date, and handles connection brokering such that human usage and credential management remain independent."
"The solution is stable."
"You can gradually implement CyberArk, starting with more easily attainable goals."
"Once the organization defines its policies, it must immediately enable AWS CloudTrail and integrate it with auto-remediation procedures using Lambda functions. This ensures that the main administrator can receive information quickly and on time without delay."
"The solution's operation visibility could be improved."
"Filtering multiple values within the console is a feature that has yet to exist in AWS CloudTrail. You can look up a user identity, service, or action, but you can't search for multiple dimensions."
"Maybe if we could do direct queries on CloudTrail without needing to export it to Athena, that'd be great."
"The platform’s reporting log sheet feature could be more user-friendly."
"The solution should incorporate visibility for CloudWatch events."
"In the beginning, CyberArk Privileged Access Manager didn't have a multifactor authentication feature, so that was an area for improvement, but now it's part of the solution. Having just one console for two CyberArk products would be good, particularly for the CyberArk Privileged Access Manager and the CyberArk Endpoint Privilege Manager, with the latter being a product for endpoint management that supports the workstations and allows you to manage workstations. In the next update of CyberArk Privileged Access Manager, it would be good to have a local agent where you can manage all users and processes, and have an agent on the servers such as Linux and Windows."
"PAM could be more user-friendly and CyberArk could update the documentation to include more real-world examples. You have to learn it yourself through trial and error. In particular, the online documentation should have more information about troubleshooting."
"The product is very vaulting-focused. I'd love to see it expanding its capabilities a bit further into areas like just-in-time elevation, and access with non-vaulted credentials."
"The tool’s pricing and scalability can be better."
"The usual workload is sometimes delayed by the solution."
"We don't often contact technical support, but when we do it, the response could be faster and better."
"The web interface has come a long way, but the PrivateArk client seems clunky and not intuitive. It could use an update to be brought up to speed with the usability of PVWA."
"The continuous scanning of the assets is limited to Windows and Unix. We like to have the solution scan any databases, network devices, and security devices for privileged accounts. That would be very helpful."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
AWS CloudTrail is ranked 3rd in User Activity Monitoring with 8 reviews while CyberArk Privileged Access Manager is ranked 1st in User Activity Monitoring with 144 reviews. AWS CloudTrail is rated 8.8, while CyberArk Privileged Access Manager is rated 8.8. The top reviewer of AWS CloudTrail writes "Very comprehensive logs with good points of view for auditing and compliance". On the other hand, the top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". AWS CloudTrail is most compared with , whereas CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard. See our AWS CloudTrail vs. CyberArk Privileged Access Manager report.
See our list of best User Activity Monitoring vendors.
We monitor all User Activity Monitoring reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.