We performed a comparison between AWS CloudTrail and CyberArk Privileged Access Manager based on real PeerSpot user reviews.
Find out in this report how the two User Activity Monitoring solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product’s most valuable feature is monitoring. It helps us audit the changes in AWS account at the application and resource level."
"It is a stable solution. AWS handles it well."
"In one specific scenario, we encountered a situation where a terminated employee still had access to our environment without our knowledge. With AWS CloudTrail, we could track and monitor the employees' activities, revealing that they were downloading specific files from our customer's environment. Without it enabled, we wouldn't have been aware of this."
"The solution is good as a central logging platform for showing all cloud events."
"What I found most valuable in AWS CloudTrail is that it provides a good context of what's happening in the environment, so it's an excellent way to baseline what's occurring. I also like that AWS CloudTrail helps with audits."
"AWS CloudTrail helps in accelerating incident investigation and response. It increases it because I pull out the logs to CloudTrail, and from CloudTrail watch, I'll send it to the Security Hub and do a visualization with Prometheus and Grafana."
"AWS CloudTrail integrates with AWS Config and provides custom event, security, and compliance auditing."
"Automates password management to remove the human chain weakness."
"Securely protects our TAP/NUID and privileged access accounts within the company."
"We are able to know who is accessing what and when; having accountability."
"CyberArk Privileged Access Manager's main benefit is it provides secure access to our servers. There are features to capture the user activity, it provides video recording processing. If the users are logged in to the server, we can see what activities they are performing. It's a very nice tool for Privileged Access Management. They have plenty of useful services and the solution has fulfilled our needs."
"CyberArk has helped us to identify, store, protect, and monitor the usage of privileged accounts."
"The product has allowed us to improve both the management and access to privileged credentials, while also creating a full audit trail of all activities happening within isolated sessions of all tasks and activities taking place within the solution."
"Provides improved security around having your credentials locked down and rotated regularly."
"It is a scalable product."
"The platform’s reporting log sheet feature could be more user-friendly."
"The solution should incorporate visibility for CloudWatch events."
"Once the organization defines its policies, it must immediately enable AWS CloudTrail and integrate it with auto-remediation procedures using Lambda functions. This ensures that the main administrator can receive information quickly and on time without delay."
"Maybe if we could do direct queries on CloudTrail without needing to export it to Athena, that'd be great."
"Filtering multiple values within the console is a feature that has yet to exist in AWS CloudTrail. You can look up a user identity, service, or action, but you can't search for multiple dimensions."
"The solution's operation visibility could be improved."
"I would love them to improve their UI customizing features."
"New functionalities and discovered bugs take longer to patch. We would greatly appreciate quicker development of security patches and bug corrections."
"The usual workload is sometimes delayed by the solution."
"Overall what I would really love to see is the third-party PAS reporter tool pulled more into the overall solution, ideally as its own deployable component service installation package."
"I would like to see is the policy export and import. When we expend, we do not want to just hand do a policy."
"CyberArk has to continue to evolve with that threat landscape to make sure that they're still protecting those credentials that are owned by those that have privileged accounts in the firms."
"The one place where we found that this product really needs to improve is the cloud. Simple integrations don't exist, even today. We don't have anything specific on CyberArk for managing, SaaS products, SaaS vendors, SaaS credentials. I understand it's a vendor-based thing and that they have to coordinate with the other vendors to be able to do that, and there are integrations coming. But these are the major places where CyberArk definitely needs to invest some more time."
"The PTA could be improved. Currently, companies often have multiple domains and sometimes it's difficult to implement CyberArk in this kind of infrastructure. For example, you can add CPM (Central Policy Manager) and PSM (Privileged Session Manager and PVWA (Password Vault Web Access) for access, but if you want to add PTA (Privileged Threat Analysis) to scan Vault logs, it is difficult because this component may be adding multiple domain environments."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
AWS CloudTrail is ranked 3rd in User Activity Monitoring with 8 reviews while CyberArk Privileged Access Manager is ranked 1st in User Activity Monitoring with 142 reviews. AWS CloudTrail is rated 8.8, while CyberArk Privileged Access Manager is rated 8.8. The top reviewer of AWS CloudTrail writes "Very comprehensive logs with good points of view for auditing and compliance". On the other hand, the top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". AWS CloudTrail is most compared with Ekran System, whereas CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard. See our AWS CloudTrail vs. CyberArk Privileged Access Manager report.
See our list of best User Activity Monitoring vendors.
We monitor all User Activity Monitoring reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
