CyberArk Enterprise Password Vault vs HashiCorp Vault comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between CyberArk Enterprise Password Vault and HashiCorp Vault based on real PeerSpot user reviews.

Find out in this report how the two Enterprise Password Managers solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed CyberArk Enterprise Password Vault vs. HashiCorp Vault Report (Updated: March 2024).
765,386 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The logs and reporting features are impressive.""Super stable and easy to scale""We use the solution for password vaulting, password rotation, session management, and secret management.""If properly set up, CyberArk Enterprise Password Vault has good stability, and is a very solid tool. It can run by itself. Its most valuable features are auto password recycling and PSM.""The most valuable features of CyberArk Enterprise Password Vault are password rotations and password encryptions.""The most valuable features of CyberArk Enterprise Password Vault are password vaulting and automatic rotation of passwords after use.""The tool has safe vaults. We keep our passwords in the Vault. The tool’s recording feature is also valuable for us.""Password Vault's main advantage is its scalability. We constantly see huge enterprises implementing something like this, and the privileged session management is an excellent piece. You can kind of watch videos of whatever an admin has done."

More CyberArk Enterprise Password Vault Pros →

"It is user-friendly and easy to implement from any application point.""The interface is very simple to navigate.""It can still be configured by a separate team other than developers. That's why I think it's more secure.""The most valuable feature of HashiCorp Vault is the management of tickets in the pipeline.""The solution is stable. It has been working perfectly without any problem.""It's stable. I would rate the stability a nine out of ten.""It is a good product to consider for companies who are looking to build on-premise or hybrid infrastructure.""The product is free and easy to use. It is well documented with an easy implementation process."

More HashiCorp Vault Pros →

Cons
"I would prefer that this is a fully-managed service, rather than have to manage the software ourselves and keep it up to date.""The technical support is very poor.""CyberArk Enterprise Password Vault can improve the distributive vault feature. Distributing the vault in multiple areas and multiple data centers should improve.""The stability depends on the infrastructure it is installed on, which is important because CyberArk does not have the hardware appliance.""Upgrading the product is very difficult, so this could be an area for improvement.""The challenge with the product is pricing since it's expensive. It also needs to improve the customization. We encountered some stability issues as well.""I would like to see a simplification of the product.""We should be able to join small components."

More CyberArk Enterprise Password Vault Cons →

"There could be a plugin for the database to change the secret automatically. It would be an efficient feature for password security.""The solution's initial setup process is complicated.""The product needs to improve its customization. It should be also more like easy to plug and play.""I would rate the stability a six out of ten. There are some bugs and glitches. We are in touch with the vendor to resolve them.""A drawback for some clients who have to be PCI compliant is that they still need to use and subscribe to an HSM (Hardware Security Module) solution.""In terms of features, the only thing that I found a little bit hinky was that there was no revocation or deletion on the model we were using. Once in a financial year, a client interacts, and you pay for that client for the year. So, there are just little things like that in the pricing. There should be more clarity around the end of the key. I know there is no system like this. They all are the same. I tested Microsoft, Google, and some others, and none of them really want you to delete a key, which makes sense. You delete a key, and you lose everything that it has wrapped or encrypted, but it's actually just a language. Deletion isn't really deletion. It's really revocation, but overall, HashiCorp Vault ticked all the boxes for us, and I couldn't fault it.""I don't think there are any major improvements required—so far, so good. However, I think that having more training materials, such as videos, and documentation available would be helpful. I would prefer to have more videos available either on the official site or on YouTube.""The onboarding is a challenge. It should be more self-service, but it involves reviews and approvals."

More HashiCorp Vault Cons →

Pricing and Cost Advice
  • "This solution is expensive."
  • "The price of this solution is expensive."
  • "This product is very expensive."
  • "CyberArk is very expensive and there are additional fees for add-ons."
  • "It's per-company, license-based."
  • "It's an affordable platform."
  • "Licensing fees are paid on a yearly basis."
  • "Quite expensive"
  • More CyberArk Enterprise Password Vault Pricing and Cost Advice →

  • "I am using the open-source version of Vault and I would have to buy a license if I want to get support."
  • "The AWS version is much cheaper than HashiCorp Vault."
  • "It could do everything we wanted it to do and it is brilliant, but it is super pricey. To be fair to HashiCorp, we drove the price up with our requirements around resiliency. Because of the nature of our company, we don't really operate in the cloud."
  • "The solution's cost is reasonable."
  • "The product is expensive."
  • "In my case, the open-source version works well. It's advisable for small to medium-scale organizations, but for large-scale organizations, you should go with the enterprise version."
  • More HashiCorp Vault Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Enterprise Password Managers solutions are best for your needs.
    765,386 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Previously, we used to share passwords for service and normal admin accounts among team members. However, since we started managing it through the product, we've transitioned to individual admin… more »
    Top Answer:The tool's UI has bugs and lags. It needs to be improved. The deployment process can be complex due to multiple components for various functionalities, each requiring separate infrastructure… more »
    Top Answer:HashiCorp Vault was designed with your needs in mind. One of the features that makes this evident is its ability to work as both a cloud-agnostic and a multi-cloud solution. As a cloud-agnostic… more »
    Top Answer:It's stable. I would rate the stability a nine out of ten.
    Top Answer:The enterprise version would require considering factors like the level of support needed, the amount of secret data being stored, and replication needs. But in my case, the open-source version works… more »
    Ranking
    Views
    8,102
    Comparisons
    5,016
    Reviews
    15
    Average Words per Review
    548
    Rating
    8.3
    Views
    19,546
    Comparisons
    13,475
    Reviews
    9
    Average Words per Review
    447
    Rating
    8.4
    Comparisons
    Learn More
    CyberArk
    Video Not Available
    Overview

    CyberArk Enterprise Password Vault, a vital component of the CyberArk Privileged Access Manager Solution (PAM), is designed to create, secure, rotate, and control access to privileged accounts and credentials used to access systems throughout an enterprise IT ecosystem. CyberArk Enterprise Password Vault enables enterprise organizations to better understand the scope of their privileged account risks and put controls in place to prevent malicious or inappropriate account or credential access.

    CyberArk Enterprise Password Vault uses a Central Policy Manager protocol (CPM) to perform the basic password management functions.

    • Verify Password Task - The CPM will pull the password from the vault and use it to log into the application or device to verify that the password is indeed correct and satisfies all the password safety protocols.
    • Change Password Task - The CPM will pull the password from the vault and create a new password that meets all preset protocols. It will send it to the device or application and then begin the process of changing it, using the same method that might be performed manually. The CPM will then update the password in the vault.
    • Reconcile Password Task - This task is utilized when there is a failure in either the Verify Password Task or the Change Password Task. Using a pre-established reconcile account from the vault, the CPM will use the reconcile account credentials to reset or fix problematic password issues due to changed passwords not being updated properly, new accounts being established, or any other failure with the above tasks.

    Enterprise organizations can utilize the easily adaptable policies and protocols to enforce granular privileged access controls, automate workflows, and rotate passwords at prescribed regular intervals without requiring any manual IT effort. Additionally, to satisfy compliance regulations, organizations can easily generate reports to prove that passwords are being changed regularly according to guidelines, meet strict password safety protocols, and report on which users accessed what privileged accounts, when, why, and what device they were using. Enterprise organizations can know at all times that data has remained secure at all times. CyberArk Password Vault will have enterprise organizations audit-ready at all times, keeping them safe and secure from risks while maximizing productivity and profitability.

    Reviews from Real Users

    Irma S., a program manager at a HR/Recruiting firm, said, "I love how easily we could operate within Password Vault and get things done. It was almost effortless."

    Another user, who is a security delivery analyst at a computer software company, relates that CyberArk Password Vault offers, “Good policy configuration and tech support.”



    HashiCorp Vault is a cloud-agnostic solution used for security and secret management. Its valuable features include integration with other HashiCorp tools, token sharing, open source nature, cloud agnosticism, and on-the-fly encryption management. 

    The solution provides encryption of data at rest, in use, in transit, on the fly, and linked with applications. It is free to use, and the interface is simple to navigate. HashiCorp Vault has helped organizations with its multiple authentication methods and RESTful API.

    HashiCorp Vault Features

    • Data encryption: The solution is capable of encrypting and decrypting data, and will not store it. Organizations’ security personnel define their own encryption protocols; developers can store the encrypted data where they choose and are not obligated to design specific encryption processes.

    • Robust secrets: For systems such as AWS or SQL databases, Vault is able to generate secrets automatically. HashiCorp Vault is able to generate AWS keypairs with all the appropriate permissions when necessary, and when the approved time expires, will nullify them.

    • Secure secret storage: Any type of value or key secrets can be stored in the Vault. The Vault automatically encrypts the desired secrets before recording them into persistent storage, keeping them safe and secure. Users can record data using HCP Vault’s Consul service or disk, or choose from other options.

    • Nullification: Vault is able to nullify single secrets or all secrets from a particular group or specific user. This process is integral in securing systems in the event of an attack or inappropriate access.

    Reviews from Real Users

    The greatest benefit of HashiCorp is its ability to manage encryption on the fly. It provides encryption of data at rest, in use, in transit, on the fly, and linked with applications, which was really attractive. The lifecycle of a key is so easy to manage in terms of rotating, revoking, and issuing. They have different auth methods, and I tried all different auth methods. It is seamless.”- Project Manager at a comms service provider.

    “The most valuable feature of HashiCorp Vault is that it's an open source solution. Second, it's cloud-agnostic, so it's very easy to maintain and control, which is why we prefer HashiCorp. “ - Mohamed A., Lead DevOps Engineer at Etisalat.

    Sample Customers
    AstraZeneca, Time, DBS, Novartis, Motorola, BT, pwc, Braun, Deloitte, Williams, Revlon, Belgacom, Barclays
    Adobe, SAP Ariba, Citadel, Spaceflight, Cruise
    Top Industries
    REVIEWERS
    Financial Services Firm31%
    Computer Software Company19%
    Comms Service Provider14%
    Energy/Utilities Company6%
    VISITORS READING REVIEWS
    Financial Services Firm23%
    Computer Software Company11%
    Insurance Company7%
    Government7%
    REVIEWERS
    Financial Services Firm44%
    Comms Service Provider33%
    Pharma/Biotech Company11%
    University11%
    VISITORS READING REVIEWS
    Financial Services Firm18%
    Computer Software Company15%
    Manufacturing Company7%
    Healthcare Company6%
    Company Size
    REVIEWERS
    Small Business19%
    Midsize Enterprise21%
    Large Enterprise60%
    VISITORS READING REVIEWS
    Small Business15%
    Midsize Enterprise11%
    Large Enterprise74%
    REVIEWERS
    Small Business21%
    Midsize Enterprise29%
    Large Enterprise50%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise12%
    Large Enterprise69%
    Buyer's Guide
    CyberArk Enterprise Password Vault vs. HashiCorp Vault
    March 2024
    Find out what your peers are saying about CyberArk Enterprise Password Vault vs. HashiCorp Vault and other solutions. Updated: March 2024.
    765,386 professionals have used our research since 2012.

    CyberArk Enterprise Password Vault is ranked 4th in Enterprise Password Managers with 47 reviews while HashiCorp Vault is ranked 2nd in Enterprise Password Managers with 15 reviews. CyberArk Enterprise Password Vault is rated 8.4, while HashiCorp Vault is rated 8.2. The top reviewer of CyberArk Enterprise Password Vault writes "Helps to store system accounts ". On the other hand, the top reviewer of HashiCorp Vault writes "Easy to manage and maintain the password API but stability could be improved". CyberArk Enterprise Password Vault is most compared with Azure Key Vault, AWS Secrets Manager, Delinea Secret Server, BeyondTrust Password Safe and LastPass, whereas HashiCorp Vault is most compared with Azure Key Vault, AWS Secrets Manager, Delinea Secret Server, Keeper and BeyondTrust Password Safe. See our CyberArk Enterprise Password Vault vs. HashiCorp Vault report.

    See our list of best Enterprise Password Managers vendors.

    We monitor all Enterprise Password Managers reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.