Most Helpful Review
Find out what your peers are saying about CyberArk PAS vs. Microsoft Azure Active Directory Premium and other solutions. Updated: January 2020.
389,772 professionals have used our research since 2012.
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
CyberArk has been easy for us to implement and the adoption has been good. We've been able to standardize a bunch of things. We've been able to standardize relatively easily with the use of the platforms and managing the policies.
CyberArk is a very stable product and it's a stable product because it has a simple design and a simple architecture that allows you to leverage the economies of scale across the base of your infrastructure that you already have implemented. It doesn't really introduce any new complex pieces of infrastructure that would make it that much more difficult to scale.
When we started with RPA, there was a requirement that every credential and the bots themselves be protected through the PAM system. From the get-go, we've had CyberArk in the middle... We've got a pretty robust RPA implementation with our PAM platform. Users, bots, the credentials — everything is managed via our PAM solution.
Right off the bat, the most valuable feature is the DNA scan. It gives us the ability to scan our environment and find the accounts that we're going to need to take under control.
The Password Upload Utility tool makes it easier when setting up a Safe that contains multiple accounts and has cut down the amount of time that it takes to complete the task.
For a while, there were individual IDs having privileged access. We wanted to restrict that. We implemented the solution so that it can be more of internal control. We can have session recordings happening and reduce our attacks.
There are no issues with scalability. Our clients are very happy to use the product.
We are maintaining compliance in PCI, SOX and HIPPA, which is a big thing. Auditors really like it, and it has made us stay compliant.
This solution serves as the basis to understand the MS SSO and MFA capabilities.
When logging on to Azure AD it's pretty quick.
Configuring the domain and setting it up in the Azure portal is just three clicks to be honest.
The most beneficial feature would be the effectiveness of having a hybrid set-up.
It's very easy to run and it's part of their ecosystem and I don't think it's going anywhere anytime soon.
The ability to speed up ability is an asset.
The self-password reset if it's enabled and configured properly, really helps a company be able to reset rather than getting IT involved.
Just because I've been in the Azure space since it started out and in the Microsoft Cloud AD since the BPOS days in the early 2000s, and it's just a product that made life simpler for my clients to be able to integrate everything.
There is a bit of a learning curve, but it's a pretty complex solution.
CyberArk has to continue to evolve with that threat landscape to make sure that they're still protecting those credentials that are owned by those that have privileged accounts in the firms.
The one place where we found that this product really needs to improve is the cloud. Simple integrations don't exist, even today. We don't have anything specific on CyberArk for managing, SaaS products, SaaS vendors, SaaS credentials. I understand it's a vendor-based thing and that they have to coordinate with the other vendors to be able to do that, and there are integrations coming. But these are the major places where CyberArk definitely needs to invest some more time.
It's a big program. To scale excessively, locally, on an on-prem application, takes a lot of servers.
Currently, in Secure Connect, an end user is required to enter account information manually, and cannot save any of this information for future use.
Integration with the ticketing system should allow any number of fields to be used for validation before allowing a user to be evaluated and able to access a server.
The initial setup of CyberArk is a challenge if you do not have prior experience with it.
Make it easier to deploy.
The SSO MyApps interface is very basic and needs better customization capabilities.
At first, it was a bit challenging to come up with a workaround that would get authentication to work.
Initially, we wanted to exclude specific users from MSA. So, we had a condition policy, which forces MSA for all the users. So we wanted to exclude users who are using an NPS extension. So it was not listed, as a NPS extension was not listed outside an application, in actual, so, we go back and were not able to exclude users using NPS extension from MSA. So that was one limitation that we found and we had to work around that.
Tech support is inconsistent.
To look at more documentation, engineering, or an open standard would be nice.
Microsoft has so many different requirements and priorities that sometimes they don't invest all their energy into the products that you have expectations to investigate.
Documentation I think is always the worst part with what Azure's doing right now across the board.
Whatever business requirements we needed in the past three years, users were created, with the name of the user and they were not connected with the Active Directory. We were trying to in house in three years and with directory, but we were not able to achieve it.
Pricing and Cost Advice
In comparison to other products on the market, CyberArk is a more costly product.
This solution is considered to be more expensive than others out there on the market today.
I do not have any opinions to add about the pricing of the product.
No, I do not have any advice on the price of the product.
Network and security licenses are currently being managed by other outsource vendors, so they are facing some type of problems in the digital aspect.
With reducing the privileged account access, there has been a huge improvement. They are now bringing more accounts on a little at a time.
If you are looking at implementing this solution, buy the training and go to it.
Our risk is definitely significantly lower. Also, our resources are low.
I do not have experience with pricing.
It's really affordable.
Licensing is easy.
It is a really nice tool and we have a license for the more complex model.
It is not too expensive.
The licensing is really not clear unless you are a premium client.
The licensing cost is a bit prohibitive.
out of 26 in Access Management
Average Words per Review
out of 26 in Access Management
Average Words per Review
Compared 13% of the time.
Compared 9% of the time.
Compared 8% of the time.
Compared 53% of the time.
Compared 9% of the time.
Compared 6% of the time.
Also Known As
|CyberArk Privileged Access Security, CyberArk Privileged Account Security, SSH Key Manager, Privileged Session Manager, Privileged Threat Analytics, Application Identity Manager, On-Demand Privileges Manager, Endpoint Privilege Manager||Azure Active Directory Premium, Azure Active Directory Premium P1|
CyberArk is the trusted expert in privileged account security. Designed from the ground up with a focus on security, CyberArk has developed a powerful, modular technology platform that provides the industry's most comprehensive Privileged Account Security Solution.
Azure Active Directory Premium provides single sign-on to thousands of cloud (SaaS) apps and access to web apps you run on-premises. Built for ease of use, Azure Active Directory Premium features multi-factor authentication (MFA); access control based on device health, user location, and identity; and holistic security reports, audits, and alerts.
Learn more about CyberArk PAS
Learn more about Microsoft Azure Active Directory Premium
|Rockwell Automation||PresenceHealth, Walsh Construction|
Financial Services Firm29%
Software R&D Company29%
Comms Service Provider13%
Financial Services Firm12%
Software R&D Company26%
Real Estate/Law Firm7%
Financial Services Firm6%