We performed a comparison between Azure Active Directory and CyberArk Privileged Access Manager based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Azure Active Directory is the more popular solution because its deployment is easier and it has a free version.
"It is scalable."
"We have demoted a lot of domain admins and taken a lot of that away from people, giving it a shared account structure."
"We are able to centrally manage credentials, touch applications, and rotate passwords."
"We are able to rotate credentials and have privileged account access."
"CyberArk Privileged Access Manager is stable."
"The ability to develop and deploy applications with no stored secrets is very valuable."
"Automatic password management, which will automatically change passwords based on compliance requirements."
"We have accomplished our security goals. We have two-factor authenticated and vaulted our important accounts, so people can't just steal stuff from us."
"The two-factor authentication provides an additional layer of security for our organizational data, so Microsoft Authenticator plays a crucial role in making our confidential data more secure."
"I primarily use this solution for hybrid deployment, security, securing resources and for integration purposes. In terms of security, we have been using the B2B/B2C hybrid integration with the certificate authentication."
"It helps us with maintaining enterprise identities."
"The user functionality enables us to provide different levels of access, across many applications, for each user. We can customize the access level and set a security level in connection with that access. For instance, we can require MFA. That is a feature that helps enhance our security posture a lot."
"The most valuable feature is Identity and Access Management. As an IT administrator, this feature allows me to manage access for users and groups."
"Let's say we decide that our users need to have MFA, multi-factor authentication. It is very easy to implement that with Azure Active Directory."
"The ability to see and control PCs and mobile devices is the most valuable. I can see where they are and how many we have. I can also see the age and retention of PCs."
"The scalability of the product is decent."
"I'm not a fan of technical support with CyberArk. It's like jumping through red tape and hoops. Quite frankly, it's almost like when you call CyberArk you get the Help Desk or the level-one. I'm a level-one. I got the CCD, I know how to do the initial troubleshooting. When I call CyberArk it's because I can't figure the problem out. So I need a level-two, three, four. I don't need you to tell me, "Hey, open a ticket and then give me logs.""
"For users to access a system via CyberArk Privileged Session Manager, a universal connector needs to be coded in a language called AutoIT and its support for web browsers is so-so. Other products like Centrify have browser plugins that can help automate the process when using their products."
"This is probably a common thing, but they do ask for a lot of log files, a lot of information. They ask you to provide a lot of information to them before they're willing to give you anything at all upfront. It would be better if they were a little more give-and-take upfront: "Why don't you try these couple of things while we take your log files and stuff and go research them?" A little bit of that might be more helpful."
"There is room for improvement in the availability of custom connectors on the marketplace for this solution. Additionally, their services for the CICD pipeline and ease of integration could be improved."
"Some of the additional features that we are looking at are in the Conjur product. I am specifically discussing key management, API Keys, and things for connecting applications in the CI/CD pipelines."
"There were a lot of manual steps in the initial setup which could have been automated. I read the 10.4 release that was sent out about a month or two ago, and I saw the steps required for upgrade have been reduced by about 90%. That was a big thing for me, but I still haven't seen that yet because we have not upgrade past 9.9.5."
"Areas the product could be improved are in some of the reporting capabilities and how the reports are configured."
"When I was a component owner for PAM's Privileged Threat Analytics (PTA) component, what I wanted was a clear mapping to the MITRE ATT&CK framework, a framework which has a comprehensive list of use cases. We reached out to the vendor and asked them how much coverage they have of the uses cases found on MITRE, which would have given us a better view of things while I was the product owner. Unfortunately they did not have the capability of mapping onto MITRE's framework at that time."
"Reading documentation could be simplified. Technical support could also be faster."
"The solution can improve the educational portion because it is an administration cost."
"I would like it to be easier to integrate third-party applications."
"Azure AD could be more robust and adopt a saturated model, where they can offer unlimited support for a multi-cloud environment."
"Whatever business requirements we needed in the past three years, users were created, with the name of the user and they were not connected with the Active Directory. We were trying to in house in three years and with directory, but we were not able to achieve it."
"I think the solution can improve by making the consumption of that data easier for our customers."
"The SSO MyApps interface is very basic and needs better customization capabilities."
"Many people believe that the Azure Active Directory is overly complicated and antiquated."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews while Microsoft Entra ID is ranked 1st in Access Management with 190 reviews. CyberArk Privileged Access Manager is rated 8.8, while Microsoft Entra ID is rated 8.6. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of Microsoft Entra ID writes "Allows users to authenticate from home and has excellent integrations in a simple, stable solution". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Delinea Secret Server, WALLIX Bastion, One Identity Safeguard and Zscaler Internet Access, whereas Microsoft Entra ID is most compared with Microsoft Intune, Google Cloud Identity, Yubico YubiKey, Cisco Duo and Auth0. See our CyberArk Privileged Access Manager vs. Microsoft Entra ID report.
See our list of best Access Management vendors.
We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.