We performed a comparison between Amazon Cognito and CyberArk Privileged Access Manager based on real PeerSpot user reviews.
Find out in this report how the two Access Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."They offer a permission tool to help us manage multi-factor authentication."
"Cognito speeds up our development and saves us time."
"The most valuable features of Amazon Cognito are the pre and post-token generation, and the different Cognito triggers. It has lots of functionality and flexibility."
"The most valuable features of Amazon Cognito are OTP validation and email validation."
"The solution is proto connective and integrates well with other AWS services."
"The federation is one of the most efficient features as the pricing is competitive."
"One of the key benefits of this software is its ease of integration with a wide range of applications, including mobile apps and web applications. This simplifies the process of integration, and it can be seamlessly incorporated with Azure, Kubernetes, and other software systems."
"This is a scalable solution. If our app or general usage increases, this solution can support it."
"The voice technology is very good."
"It is scalable."
"With CyberArk, you can be fully confident that your existing accounts are secure. You will be 100 percent"
"CyberArk has helped us to identify, store, protect, and monitor the usage of privileged accounts."
"The automatic change of the password and Privileged Session Manager (PSM) are the most valuable features. With Privileged Session Manager, you can control the password management in a centralized way. You can activate these features in a session; the session isolation and recording. You apply the full intermediation principle. So, you must pass through CyberArk PAM to get access to the target system. You don't need to know the password, and everything that you do is registered and auditable. In this case, no one gets to touch the password directly. Also, you can implement detection and response behavior in case of a breach."
"It has a centralized page where you can manage everything. This makes work easier. You don't have to remember different module URLs or browser applications. It is very easy to get all the secure identities of other environments into a single page, which is very important for us as it helps a lot in terms of operations, e.g., reduces management time. This is a single page where you can manage all accounts and onboard them to the CyberArk. You can then secure and see passwords from everywhere. So, there is a single pane of glass where you can manage all the identities across environments as well as across different types of identities."
"The most valuable aspects of the solution include password management and Rest API retrieval of vaulted credentials."
"Its' quite stable."
"Cognito triggers can improve by providing more direct use cases rather than giving a white paper. A white paper is not at all interesting, it has too many details. It would be a benefit to provide a smaller document that is summarized. The smaller version would bring microdata, macro data is not helpful."
"I believe this product could improve by enriching user profiles."
"The ease and simplicity of integration could be improved when using this solution. When using Okta, scope is a single endpoint with a parameter as a scope. In the Cognito for each scope, there is a separate endpoint."
"The MFA related to the solution's side is nonexistent."
"The secure authentication of Amazon Cognito has benefited our company. We were previously using legacy signup systems."
"In a future release, we would like to have different methods to validate the characteristic of a user. For example, we would like to use biometric data to analyze the behavior of users."
"Amazon Cognito could improve by simplifying the configuration."
"Amazon Cognito’s UI needs improvement while onboarding new users."
"The product is very vaulting-focused. I'd love to see it expanding its capabilities a bit further into areas like just-in-time elevation, and access with non-vaulted credentials."
"We would like to expand the usage of the auto discovery accounts feed, then on our end, tie in the REST API for automation."
"Initially, there was a lot of hiccups, because there were a lot of transitions due to manual installations."
"CyberArk has to continue to evolve with that threat landscape to make sure that they're still protecting those credentials that are owned by those that have privileged accounts in the firms."
"The product could be easier to use. More work needs to be done on this aspect; it is not good enough yet. It also takes up a lot of server space. Sometimes we need to use up to seven servers."
"We had an issue with the Copy feature... Apparently, in version 10, that Copy feature does not work. You actually have to click Show and then copy the password from within Show and then paste it. We've had a million tickets and we had to figure out a workaround to it."
"It can be integrated with other systems, but it is not easy to integrate. It takes too long to integrate it. Its integration should be easier and simpler."
"It is very complex and difficult to set up the solution."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
Amazon Cognito is ranked 5th in Access Management with 8 reviews while CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews. Amazon Cognito is rated 7.6, while CyberArk Privileged Access Manager is rated 8.8. The top reviewer of Amazon Cognito writes "Good integration with AWS services but not feasible for B2C because MFAs are nonexistent". On the other hand, the top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". Amazon Cognito is most compared with Auth0, Microsoft Entra ID, Cloudflare Access, Okta Workforce Identity and WSO2 Identity Server, whereas CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard. See our Amazon Cognito vs. CyberArk Privileged Access Manager report.
See our list of best Access Management vendors.
We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.