We performed a comparison between Azure Active Directory and CyberArk Privileged Access Manager based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Azure Active Directory is the more popular solution because its deployment is easier and it has a free version.
"You can write different types of policies for custom business needs or any developer needs. If they need certain functions allocated, they can be customized easily."
"It provides an accountability to the individuals who are using it, knowing that it is audited and tracked."
"We are able to centrally manage credentials, touch applications, and rotate passwords."
"The most valuable feature of CyberArk Privileged Access Manager is the vault. I am satisfied with the interface and the documentation."
"I love the ability to customize the passwords: the forbidden characters, the length of the password, the number of capital, lowercase, and special characters. You can customize the password so that it tailor fits, for example, mainframes that can't have more than eight characters. You can say, "I want a random password that doesn't have these special characters, but it is exactly eight characters," so that it doesn't throw errors."
"The risk of lost password and forbidden access to resources has been drastically reduced which increased the security level for the entire company,"
"The central password manager is the most valuable feature because the password is constantly changing. If an outsider threat came in and gained access to one of those passwords, they would not have access for long."
"AIM has been a great help in automating password retrieval which removes the need for hard-coded credentials."
"The most valuable feature of this solution is that is easy to use."
"User and device management is the most valuable feature."
"Azure Active Directory has been very useful for our company, it is not difficult to use."
"We have a history of all our authentications and excellent integration with the Microsoft solutions we use at our company. It runs smoothly in Windows and macOS."
"If you want to replicate a website at the frontend in Azure, it's very easy to do it globally."
"Microsoft Authenticator is highly secure."
"It has made our work easier in that it’s simplified everything for us."
"The best thing about Microsoft Entra ID is the ease of setup."
"I would like to see is the policy export and import. When we expend, we do not want to just hand do a policy."
"The documentation is rather basic and it is missing many use cases."
"One thing that could be improved is to create of a better alternative for fixing group policy fees. We currently use Microsoft, but they have introduced new policies that may not be compatible."
"CyberArk PAM is a very broad product as everyone's requirements for implementation are different. In our particular case, the initial implementation was planned and developed by people who didn't know our specific network requirements, so the initial implementation needed to be tweaked over time. While this is normal, at the time all these "major" changes required CyberArk professional services to come in-plant and "assist" with the changes."
"The admin interface of the Password Vault Web Access (PVWA) is moving from an old style (the classic interface) to a new style (the v10 interface) and unfortunately, this process is quite slow."
"We need a bit more education for our user community because they are not using it to its capabilities."
"Areas the product could be improved are in some of the reporting capabilities and how the reports are configured."
"The product is very vaulting-focused. I'd love to see it expanding its capabilities a bit further into areas like just-in-time elevation, and access with non-vaulted credentials."
"It would be ideal if the solution moved to a passwordless type of environment. It's the future of authentification. It's also more secure and convenient."
"The onboarding process for new users can be improved. It can be made simpler for people who have never registered to Azure AD previously and need to create an account and enable the MFA. The initial setup can be made simpler for non-IT people. It should be a bit simpler to use. Unless you get certifications, such as AZ-300 and AZ-301, it is not a simple thing to use at the enterprise scale."
"Be aware that it may not work perfectly globally yet. There are still glitches with the solution in Africa."
"I would like to see Microsoft communicate how they intend to manage legacy applications. Right now, you still have to deploy a hosted domain server (which comes at an extra cost) if you have a legacy application that cannot sync properly with the enterprise applications and the modern applications."
"I think something that is key would be the group policies replication over the cloud, in order to prevent or to avoid relying on the on-premise Active Directory servers and to manage group policies."
"Transitioning to the cloud is very difficult. They need the training to make it easier."
"From an admin perspective, I would like to see improvement in the Microsoft Graph API."
"Microsoft Authenticator can improve their notifications because sometimes, my team doesn't receive notifications about app updates and authentication failures."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews while Microsoft Entra ID is ranked 1st in Access Management with 190 reviews. CyberArk Privileged Access Manager is rated 8.8, while Microsoft Entra ID is rated 8.6. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of Microsoft Entra ID writes "Allows users to authenticate from home and has excellent integrations in a simple, stable solution". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Delinea Secret Server, WALLIX Bastion, One Identity Safeguard and Zscaler Internet Access, whereas Microsoft Entra ID is most compared with Microsoft Intune, Google Cloud Identity, Yubico YubiKey, Cisco Duo and Auth0. See our CyberArk Privileged Access Manager vs. Microsoft Entra ID report.
See our list of best Access Management vendors.
We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.