We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Its' quite stable."
"Their legacy of more than 20 years is very valuable. It brings a lot of stability to the product and a wide variety of integration with the ecosystem. Because of these factors, it has also been very successful in deployment. So, the legacy and integration with other technologies make the PAM platform very stable and strong. In terms of features, most of the other vendors are still focusing just on the privileged access management or session recording, but CyberArk has incorporated artificial intelligence to make PAM a more proactive system. They have implemented threat analytics into this, and there is also a lot of focus on domain controller production, Windows Server protection, and stuff like that. They have also further advanced it with the security on the cloud and DevOps systems. They have a bundle licensing model, which really helps. They don't have a complex licensing model. Even though in our market, people say CyberArk is expensive as compared to some of the other products, but in terms of overall value and as a bundling solution, it is an affordable and highly scalable product."
"The Password Upload Utility tool makes it easier when setting up a Safe that contains multiple accounts and has cut down the amount of time that it takes to complete the task."
"We've written over a hundred custom connectors ourselves that allow us to do all types of privileged session management for various applications. On top of that, the rest of the API-based central credential providers allow us to get away from credentials that may be hard-coded in the script or some application."
"The risk of lost password and forbidden access to resources has been drastically reduced which increased the security level for the entire company,"
"The technical support is good."
"The most valuable feature is Special Monitoring."
"When we started with RPA, there was a requirement that every credential and the bots themselves be protected through the PAM system. From the get-go, we've had CyberArk in the middle... We've got a pretty robust RPA implementation with our PAM platform. Users, bots, the credentials — everything is managed via our PAM solution."
"The solution is very good at securing files. For example, if I forward a secure document, it's blocked from others, as I can send it with restrictions in relation to who can open it."
"Integration between our departments has been the most valuable."
"The solution offers excellent documentation that is easily available online."
"Many of the infrastructure folks who use the product dislike it because it complicates their workflow. They get a little less control, and they have to go through a specific solution. It proactively logs in for them, which obfuscates some of the issues that they may be troubleshooting."
"They need to provide better training for the System Integrator."
"CyberArk has to continue to evolve with that threat landscape to make sure that they're still protecting those credentials that are owned by those that have privileged accounts in the firms."
"It needs better documentation with more examples for the configuration files and API/REST integration"
"We found a lot of errors during the initial setup. They should work to improve the implementation experience and to remove errors from the process."
"It's a big program. To scale excessively, locally, on an on-prem application, takes a lot of servers."
"Their post-sale support area requires a big improvement. Customers cannot automate tickets directly with CyberArk. They have to come through the distributor or bring in partners who have access to the support portal. Basically, the support for post-sales implementation is there, but the role of CyberArk is very minimal. Customers have to rely on partners, which sometimes creates issues. Some of the vendors help you during the implementation process, but the CyberArk support team does not do that. They have 24/7 support for our region, but they help only if there is an emergency or there is a problem with their system. If the password vault is down or the system is down, they provide immediate attention. For almost everything else, they take more time to respond. They give low priority to service-related or migration-related questions."
"Currently, in Secure Connect, an end user is required to enter account information manually, and cannot save any of this information for future use."
"The MDM part of the engine could be better."
"We did the deployment with the help of Microsoft's consultants. But sometimes, we found it difficult to educate the application developers to integrate."
"Technical support could be improved. Sometimes they use a third party that's not so knowledgeable in the product and that can slow down things a bit."
"The price of this solution is quite reasonable."
"Pricing is quite high and it could be improved."
"Before we bought it, they were licensing each function individually, which got complicated and very expensive. When we decided to buy it, it was much more straightforward and still quite expensive, but it brings a lot of value and risk reduction to the organization."
"Overall, its pricing is really good. The main difference from all the other vendors is that they have one package that covers all the functionality and modules of the basic PAM, except the add-on modules like adware and server protection. It also doesn't include the licenses for domain controller protection or maybe an API call-related feature. For the basic privileged access management, the bundle pricing is really good, but when it comes to an agent-based solution for advanced cyber protection or application identity managers, it is expensive. Services are also very expensive if you hire the services team from CyberArk, but these guys are really good. For a couple of large banking projects, we had an experience with them. The banks wanted to have things quickly and efficiently, so we had to hire them. If we take four weeks, these guys can do everything on a weekend. They charge quite a big sum of money, but they know the system well."
"They have two types of licensing: purchase and subscription. You have to pay for each admin user, such as Microsoft admin, mail admin, database admin, etc."
"The price of CyberArk support could be a little bit less. Otherwise, pricing is fine."
"The solution is very expensive and requires a license. We pay for an enterprise license."
"I believe that this solution is priced well. It's the market leader and I think that it's the best solution."
Earn 20 points
CyberArk is the trusted expert in privileged access management and a global leader Identity Security. Designed from the ground up with a focus on security, CyberArk has developed a powerful, modular technology platform that provides the industry's most comprehensive Privileged Account Security Solution.
Microsoft Enterprise Mobility + Security (EMS) is the only comprehensive solution designed to help manage and protect users, devices, apps, and data in a mobile-first, cloud-first world.
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 17 reviews while Microsoft Enterprise Mobility + Security is ranked 13th in Enterprise Mobility Management (EMM) with 3 reviews. CyberArk Privileged Access Manager is rated 8.4, while Microsoft Enterprise Mobility + Security is rated 8.6. The top reviewer of CyberArk Privileged Access Manager writes "Its architecture is much more secure compared to competitors ". On the other hand, the top reviewer of Microsoft Enterprise Mobility + Security writes "Excellent security and documentation with constant updating to protect from threats". CyberArk Privileged Access Manager is most compared with SailPoint IdentityIQ, Thycotic Secret Server, BeyondTrust Endpoint Privilege Management, Azure Active Directory and Cisco ISE (Identity Services Engine), whereas Microsoft Enterprise Mobility + Security is most compared with Cisco ISE (Identity Services Engine), Microsoft Intune, SailPoint IdentityIQ, IBM MaaS360 and VMware Workspace ONE.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.