We just raised a $30M Series A: Read our story

CyberArk Privileged Access Manager OverviewUNIXBusinessApplication

CyberArk Privileged Access Manager is #1 ranked solution in top User Activity Monitoring tools and top Privileged Access Management (PAM) tools. IT Central Station users give CyberArk Privileged Access Manager an average rating of 8 out of 10. CyberArk Privileged Access Manager is most commonly compared to SailPoint IdentityIQ:CyberArk Privileged Access Manager vs SailPoint IdentityIQ. CyberArk Privileged Access Manager is popular among the large enterprise segment, accounting for 58% of users researching this solution on IT Central Station. The top industry researching this solution are professionals from a computer software company, accounting for 28% of all views.
What is CyberArk Privileged Access Manager?

CyberArk is the trusted expert in privileged access management and a global leader Identity Security. Designed from the ground up with a focus on security, CyberArk has developed a powerful, modular technology platform that provides the industry's most comprehensive Privileged Account Security Solution.

CyberArk Privileged Access Manager was previously known as CyberArk Privileged Access Security.

CyberArk Privileged Access Manager Buyer's Guide

Download the CyberArk Privileged Access Manager Buyer's Guide including reviews and more. Updated: December 2021

CyberArk Privileged Access Manager Customers

Rockwell Automation

Pricing Advice

What users are saying about CyberArk Privileged Access Manager pricing:
  • "Before we bought it, they were licensing each function individually, which got complicated and very expensive. When we decided to buy it, it was much more straightforward and still quite expensive, but it brings a lot of value and risk reduction to the organization."
  • "Overall, its pricing is really good. The main difference from all the other vendors is that they have one package that covers all the functionality and modules of the basic PAM, except the add-on modules like adware and server protection. It also doesn't include the licenses for domain controller protection or maybe an API call-related feature. For the basic privileged access management, the bundle pricing is really good, but when it comes to an agent-based solution for advanced cyber protection or application identity managers, it is expensive. Services are also very expensive if you hire the services team from CyberArk, but these guys are really good. For a couple of large banking projects, we had an experience with them. The banks wanted to have things quickly and efficiently, so we had to hire them. If we take four weeks, these guys can do everything on a weekend. They charge quite a big sum of money, but they know the system well."
  • "The price of CyberArk support could be a little bit less. Otherwise, pricing is fine."

CyberArk Privileged Access Manager Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
James Ashley
Security Team Lead at a insurance company with 1,001-5,000 employees
Real User
Its architecture is much more secure compared to competitors

Pros and Cons

  • "We've written over a hundred custom connectors ourselves that allow us to do all types of privileged session management for various applications. On top of that, the rest of the API-based central credential providers allow us to get away from credentials that may be hard-coded in the script or some application."
  • "Many of the infrastructure folks who use the product dislike it because it complicates their workflow. They get a little less control, and they have to go through a specific solution. It proactively logs in for them, which obfuscates some of the issues that they may be troubleshooting."

What is our primary use case?

CyberArk's Privileged Access Management solution covers a whole range of features, like privileged web access, private vault, privileged session manager rights for a session in isolation, privileged threat analytics for analytics, and private sessions. We also use CyberArk's Application Access Manager, which includes their credential providers, such as agents and run servers. Then there is a central credential provider, which is API-based credential retrieval, and DAP or Conjur. This is more of a DevOps model for credential provisioning. We also have the Central Policy Manager, which rotates the credentials associated with unprivileged or servers accounts. It's a huge environment. 

Those are all the different functions we use. We initially purchased CyberArk for privileged access manager and session isolation of privileged users. By privileged users, I mean main admins, global admins, and preps like Azure or Office 365. Our initial use case was to manage those users who could drastically impact the environment if their credentials were compromised.

After we purchased the product, we had a third party on it. They suggested we also leverage CyberArk as part of the platform for managing service accounts, i.e. go out and proactively rotate credentials that are running or ordering services. That's another kind of big use case that we started implementing a couple of years. It's long work. It is tough to do, there's a lot of cases where it just doesn't work right, but overall it's been pretty valuable.

How has it helped my organization?

From a security perspective, CyberArk PAM gives us a lot of control and visibility into what our privileged users are doing. In terms of securing our cloud-native apps, we're just getting into deploying things to Azure, AWS, etc., and DAP brings a lot of value to that because it is cloud-agnostic credential retrieval. Azure has their key vaults, and AWS has their version if you are a multi-cloud solution. CyberArk's Secrets Manager, or DAP, brings a lot of value because you only have to learn how to integrate your apps with one solution that can be deployed across multiple clouds. 

I will say that CyberArk is struggling with some of the cloud integrations. For instance, Azure has a native identity solution, and Microsoft keeps causing issues with their ability to identify the hosts calling back. Some cloud providers are trying to lock CyberArk and other tools out of their environment and force you to use their native one. With that said, I don't use the other functions. I don't use the containerization Kubernetes integration or anything like that. We're not at that point yet. One of my significant concerns about investing a lot of time in CyberArk Conjur or DAP solution is that Microsoft seems to be trying to push them out of that space, and if they do that, then all of that work is null and void.

What is most valuable?

In our initial use case, we found CyberArk's privileged session management functionality to be incredibly flexible. It's challenging to write these plug-ins, but if you have somebody with a development background, you can write all sorts of custom connections to support different functional applications. We've written over a hundred custom connectors ourselves that allow us to do all types of privileged session management for various applications. On top of that, the rest of the API-based central credential providers allow us to get away from credentials that may be hard-coded in the script or some application. 

What needs improvement?

CyberArk's web console isn't in a great state. Over the last three years, if not more, it has been transitioning from what they call the "classic UI" to its modern interface. However, there are a lot of features that you can only use in the classic interface. Hence, each version seems to put more makeup on the modern interface, but all of the complex functionality you need is still in the classic UI. 

I'm not sure they've figured out how to transition, and they're kind of in a weird state. So, while CyberArk has made strides, the web interface is painful, particularly as an administrator, because you have to bounce between these different user interfaces. It is an incredibly complex solution that requires at least a dedicated employee or more to maintain it, support it, and understand it thoroughly. If you don't have that, it's just not the right solution for you because it is very complicated. 

Many of the infrastructure folks who use the product dislike it because it complicates their workflow. They get a little less control, and they have to go through a specific solution. It proactively logs in for them, which obfuscates some of the issues that they may be troubleshooting. And I think some of the consumers aren't big fans of the product. Also, I feel that in the last year or so, CyberArk has been pushing very hard for customers to go to their cloud solution. It doesn't have the same flexibility as the on-premise version, which is problematic because that's where I see a lot of value in the solution.

For how long have I used the solution?

I've been using CyberArk PAM for about four years now.

How are customer service and support?

CyberArk support isn't the worst, but it's certainly not the best. I'd give it a six out of 10. They were responsive. After you submit a ticket, you get the typical response. You gather all the logs and send them, and then they do some analysis. They typically send you back to get more specific logs, so it's a standard support experience. I would not say it's great, but it is not terrible either.

Overall, as a partner in our digital transformation, CyberArk has been great. The technology adds a lot of value, but they're also very much engaged and concerned. The customer success manager very much wants to make sure we're getting value out of the tool. I guess my only concern there is that they are pushing very heavily for customers to switch to their new cloud solutions that may or may not fit our needs or expectations. I am worried that they're going to push even harder. For example, CyberArk might start offering features only available in the cloud solution that would make our future somewhat tenuous depending on what's going on. So my only hangup is that they're pushing cloud solutions that I don't think are very mature yet.

How would you rate customer service and support?

Neutral

How was the initial setup?

The environment's architecture is very complex, depending on your use cases, and I'm talking about CyberArk as a whole. Their past solution — their AM solution — and all of the other solutions bundled together are straightforward, and it all needs to work together. Depending on your use case and the connected components you need to have or build, you must learn a lot. So, it's not as simple a thing to deploy — at least on-premise. It isn't straightforward. Our environment comprises 20 to 30 servers that we had to spin up and connect. Disaster recovery has to be thoroughly vetted, discussed, and documented because as you onboard and manage those privileged accounts, you need a way to get to them if something goes wrong.

It took about a month to get the product running and several months to onboard users. And when we start talking about Application Access Manager, that's ongoing, and I think that'll probably be ongoing for a very long time. We were targeting our specific use cases, so we started with interactive users. The whole idea was to restrict, manage, and monitor those interactive users. Our rollout proceeded from the most privileged users to the less privileged users. Then we started targeting service accounts and that kind of stuff. So it was a phased approach from highest risk to lowest risk to lower risk.

CyberArk PAM requires a lot of maintenance. Right now, we have about one and a half people, but I would say we need to add several more people to do a better job and add a lot of functionality. It requires a lot of maintenance and monitoring. They've relied on many different Microsoft features to secure the privileged session manager. It requires a lot of tuning, monitoring, and managing those solutions. They use AppLocker to restrict and isolate these running sessions, and AppLocker breaks all the time, so you have to go in and troubleshoot why it's broken and tweak it. That could mean adding a new rule or updating an application. It is a lot of maintenance, depending on your use case. But then again, we have gone very hard into privileged session management and developed over a hundred custom connectors. Another customer might deploy RDP and call it a day, drastically reducing maintenance.

What was our ROI?

If you ask me the ROI, I'm not sure I could give you an exact number. Security tools are pretty tricky when it comes to that. But if you're adopting a risk-based approach, this substantially reduces risk. It brought a lot of visibility and allowed us to monitor all of our privileged users, so it is valuable from the perspective of KPI, modern solutions, and risk reduction. If we were to score this on an internal risk review, our previous risk would rank four out of five, and we've lowered this to a low severity risk.

What's my experience with pricing, setup cost, and licensing?

CyberArk had just changed switched their licensing model to perpetual licenses when we purchased, including the whole PAM Suite. Before we bought it, they were licensing each function individually, which got complicated and very expensive. When we decided to buy it, it was much more straightforward and still quite expensive, but it brings a lot of value and risk reduction to the organization. 

In the last year or so, it's my understanding that they have switched from a perpetual licensing model to pushing companies to a subscription-based model. I have not dealt with this yet, so I'm not sure my feedback on licensing would be too valuable because they've moved away from the license type we purchased.

Which other solutions did I evaluate?

This was our first foray into the PAM space. We did a proof of concept evaluating three different solutions, so CyberArk was the clear winner. I don't want to speak ill of any other solutions, but I will say that CyberArk's architecture was much more secure. Other competing solutions may leverage an agent that is installed on your local machine and runs your privileged applications locally, leaving a lot to be desired from a security perspective. 

CyberArk uses remote desktop gateways similar to Microsoft's RDS functionality, and it abstracts that privileged application from your workstation. So even if you're compromised, a malicious actor on your laptop or workstation would not be able to get to that privileged application. This was very valuable to us. Other solutions did not have that functionality.

What other advice do I have?

As it stands today, I would rate CyberArk PAM nine out of 10. However, I'm concerned about the future of the platform. While I've had nothing but great experiences so far, I have concerns about how they've been pushing that cloud solution in the last year and a half. I feel like they're going to pressure us to move to the cloud even though they're not mature enough in the cloud. 

Rather than create a cloud-native version, they've migrated their on-premise solution to the cloud, but they don't allow cloud customers to access the backend, which I recommend all the time as an on-premise user. Instead, you have to submit a support ticket and have their support do things on your behalf, which delays your ability to work with the tool. Furthermore, they may not be willing to make the modifications you want because it would affect their ability to impact the solution consistently. CyberArk designed the on-premise version to be incredibly flexible, and I have never found a use case where I can't do the work I want to do. Their cloud model discards a lot of that flexibility, which is where I see a lot of value, so I have concerns about the future of the tool.

Also, I'd like to point out that service account management is incredibly hard, particularly in a company that's been around for a while. Any company looking to adopt service account management needs to know that it's not as easy as vendors make it sound. Many things don't work right out of the box, so the most important lesson we've learned is to calibrate the expectations of senior management when it comes to service account management because it is a lot harder than anybody thinks. You're likely to break things in the process of trying to manage these accounts. 

Which deployment model are you using for this solution?

On-premises
Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Flag as inappropriate
GerryOwens
Founder at GoTab IT Risk Services
Real User
Top 5Leaderboard
Provides simplicity and ease of implementation for the right level of security controls

Pros and Cons

  • "CyberArk is a very stable product and it's a stable product because it has a simple design and a simple architecture that allows you to leverage the economies of scale across the base of your infrastructure that you already have implemented. It doesn't really introduce any new complex pieces of infrastructure that would make it that much more difficult to scale."
  • "CyberArk has to continue to evolve with that threat landscape to make sure that they're still protecting those credentials that are owned by those that have privileged accounts in the firms."

How has it helped my organization?

From an industry perspective, you continue to see the headlines in the media about how bad actors have been able to take advantage of weak policies and security controls around access management within companies.  In these cases, the focus has been around employees that can access the most sensitive information, or have access to the very controls that operate and protect the firm.  Products like CyberArk, that provide controls for privileged access, have helped mitigate the threat of taking over those accounts that have the greatest amount of risk to an organization, particularly for those who are system administrators and have the highest powers in being able to access all levels of the technology infrastructure.

When it comes to the product's ability to standardize security and reduce risk across the entire enterprise, standardization is all about simplifying the complexity of IT threats and risks and it's all about the standardization of the controls that you have in place. If you have a product set that enables you to provide security, and it is consistently applied across a specific user base, then you have standardization which drives both enhanced security through the privileged access controls, and efficiency through the standardization of your operating model.

Availability is an interesting challenge, but it is part of an IT Risk Strategy.  When it comes to Cybersecurity, Privileged Access control is the ability to manage IT risk associated with the most powerful access to your infrastructure services.  This IT Risk can manifest itself as compromised information, manipulated data, or disruption of your IT based services. A Privileged Access Security product reduces the threat of stolen credentials and account takeovers of those profiles that would have the power to take down your enterprise.   Therefore, it not only reduces the risk to your firm, but also drastically improves availability. 

What is most valuable?

The most valuable features are its simplicity and the ease of implementation. When you think about privileged access management and the complexity of solving privileged access for those system administrators in your organization, CyberArk is a product that helps you simplify that problem and implement a standard set of security controls to protect the enterprise.  

In terms of the products ability to manage Privileged Access control requirements at scale; scale is really a function of two influences, which would either be the size of your infrastructure, or the complexity of your organizations operating model for those that have privileged access to your infrastructure services.  CyberArk scales quite readily across a large organization and through proper design and engineering is capable of expanding across a variety of use cases.  Like any technology control implementation however, it is always important to ensure you review and optimize the organizations support operating model, in order to ensure that you have the most optimal design and implementation of CyberArk.  

What needs improvement?

CyberArk has captured the individual privileged access space well. They've captured the application-to-application and DEVOPS space quite well.. They should continue to invest in optimizing the services, and help companies drive down risk associated with application based passwords, as this is an industry that is being closely watched by external regulators. 

CyberArk continues to stay close to the industry and are always looking for ways to improve  their products and service offerings accordingly.  There are 3 areas that I would call out, that CyberArk should continue to focus on:

1) Continue to help organizations understand how they align their strategies and roadmaps to industry trends and the overall cybersecurity threat landscape. 

2) Continue to help the industry innovate on talent , and position customers to be more successful in supporting their CyberArk implementations. 

3) Continue to help customers understand the Risk reduction capabilities and scorecards associated with their deployments.  Initiatives like the CyberArk Blueprint will help enable enable informed customers. 

What do I think about the stability of the solution?

The perceived stability of CyberArk is quite dependent on the complexity of the environment it is implemented in, and the overall design of the infrastructure, including both PSM and Vault technologies.  As an infrastructure it is quite stable; however, in complex network infrastructure environments, sporadic network disruptions could create issues accessing the various CyberArk network devices.

What do I think about the scalability of the solution?

Scalability is a function of both technology growth, and integration capability.  CyberArk has not only continued to advance the infrastructure robustness of their software solutions, but through the C3 alliance they have also created integration opportunities with other IT Security and Access Mgmt products that allow companies to provide a full ecosystem of IT controls within their organizations.    This also provides an opportunity for companies to consider best of breed products, like CyberArk, and not have to restrict their decisions to a small set of technology tools that do not provide comprehensive Privileged Access Services.

How are customer service and technical support?

CyberArk is a growing company and their technical support has continued to grow and mature across the organization. The one thing I'll say that CyberArk has been able to do is to continue to keep in touch with its customers and look into areas where there's opportunity to continue improving their technical support across the organization. CyberArk works with an integrated model: They have integrators within firms that will implement the product. But at some point, you always need to refer back to the software owners of the product to make sure that you're comfortable that what you've designed and implemented is in keeping with what their blueprint would have recommended in the first place. In addition, their technical support has continued to mature and grow to help customers become successful in their deployments.

How was the initial setup?

What is complex is privileged access management. When companies look at implementing a software solution for privileged access management, if they actually haven't looked at the complexities of privileged access within their own organization — and I'm speaking more in terms of the business processes for that type of access across the organization — then any software tool is going to look complex because it's not going to solve the problem.

If a firm focuses on understanding their existing Privileged Access operating model, the inherent business processes, and the risk & pervasiveness of Privileged Access across their enterprise, then they will be better positioned to understand the business problem they need to solve.  CyberArk will then become a capability that enables them to solve their IT Risk issues with privileged access, and capitalize on the efficiencies with their new operating model.  The complexity seldom ever lies in the technology. It always lies in how well it integrates with the business processes that the firm is trying to solve as part of its deployment.

What's my experience with pricing, setup cost, and licensing?

Privileged Access Management is a business transformation program.  It forces business to look at their overall operating model for system administrative and application based access, and develop a strategy that reduces risk overall to the enterprise. Once this strategy is completed, and a new operating model is conceived, CyberArk software and services becomes a very effective series of controls that enable the business to secure the most sensitive access to services, and allows the organization to operate within their risk tolerance. 

Far too often companies will treat the CyberArk product set as a software implementation, that becomes overly complex and evolves into a multi-year program. This is due in part to the legacies of technology programs, where the implementation will force business to rethink their operating model, and therefore delays, scope changes and cost of overall program becomes associated with the software implementation initiative. This is a consequence of positioning a Privileged Access program as a security software implementation, and not a true business transformation initiative. 

While CyberArk continues to adjust its licensing costs and continues to look at the comparisons in the industry and the ability to effectively and affordably help companies and firms solve their privileged access problems, companies also have to look at the overall cost of what a privileged access program means to their firm, and what shareholder value they gain as a result of implementing those types of products or services or business processes. In that context, they should start to look at what the comparison is against the software that they're using to enable those very controls they're trying to implement.

Which other solutions did I evaluate?

I've spent some time with BeyondTrust. I've spent some time with Centrify. I've had their products in for different instances and different purposes. They play an interesting concentric role in some of the areas that they focus on, but I wouldn't say I have one-to-one experience in other product sets.

What other advice do I have?

CyberArk continues to innovate, as they refine strategies based on industry research and trends in the cyber security landscape, and incorporate the necessary updates to both their roadmaps as well as their product sets. The creation of the customer implementation roadmap, acquisition of Conjur for DEVOPS and the development of  Alero to address 3rd party secured access, are examples of product innovation to address  emerging risks within the  industry.  

I would rate CyberArk 8 our of 10;  although I do remain impressed with their existing set of product offerings, their cyber security roadmap & strategy, and their overall corporate philosophy, I do feel it is necessary for them to ensure they remain vigilant and maintain pace with an evolving cyber industry.  Significant disruption in the technology industry brought on by advancements in Machine Learning / AI, commoditization of cyber attack tools, and rapid deployment of IoT based technologies, summon the need to ensure companies do not become complacent in the agility of their security tools.

I have several passions. One of the passions I've always had is in organizational transformation and leadership. A second is really around the space for identity and access management. CyberArk has allowed me to continue, even after I've retired from the industry after 35 years, to still live that passion through their customers. I've been given the opportunity to provide some keynotes around organizational transformation. It's an exciting industry to be in and CyberArk has allowed me the benefit of still continuing to enjoy that experience.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner.
Learn what your peers think about CyberArk Privileged Access Manager. Get advice and tips from experienced pros sharing their opinions. Updated: December 2021.
554,676 professionals have used our research since 2012.
KunalChandel
Corporate Vice President at a insurance company with 10,001+ employees
Real User
Top 10Leaderboard
PSM has taken care of all the deficiencies that we had

Pros and Cons

  • "When we started with RPA, there was a requirement that every credential and the bots themselves be protected through the PAM system. From the get-go, we've had CyberArk in the middle... We've got a pretty robust RPA implementation with our PAM platform. Users, bots, the credentials — everything is managed via our PAM solution."
  • "The one place where we found that this product really needs to improve is the cloud. Simple integrations don't exist, even today. We don't have anything specific on CyberArk for managing, SaaS products, SaaS vendors, SaaS credentials. I understand it's a vendor-based thing and that they have to coordinate with the other vendors to be able to do that, and there are integrations coming. But these are the major places where CyberArk definitely needs to invest some more time."

How has it helped my organization?

An example of one of the ways CyberArk has benefited our company is one of the simplest. And this one is something that a lot of companies struggle with: domain administrators and server administrators. These are among the top accounts that most companies need to protect. As part of our deployment, we decided to go with these first when we deployed PSM.

What we found out was that there's always that friction with operational teams where they don't want to do this kind of work because it is another thing they have to do. But once the product was deployed and we were able to give them all the tools that they have today, and they did not have to go through attestations and audits anymore and, when team members were coming in and leaving, all they had to do was put in a ServiceNow request to complete all the work, it was just something so different for them that all that friction just went away. It was one of those simplest things, but one of the biggest things that you can do in your company to protect it.

I don't know if CyberArk really helps with meeting our availability requirements, but it definitely helps a lot with managing the accounts and managing the credentials. Availability? It helps to an extent. If there is an event of some sort, yes, you can always go back and look at the logs and you can figure out through recordings what happened. But it's more about manageability than availability.

In addition, when we started with RPA, there was a requirement that every credential and the bots themselves be protected through the PAM system. From the get-go, we've had CyberArk in the middle. We use standard products for RPA and all credentials are managed through CyberArk. All bots are protected via CyberArk, through PSM, and also through CCP calls. We've got a pretty robust RPA implementation with our PAM platform. Users, bots, the credentials — everything is managed via our PAM solution. From a cost perspective, this was something that was a requirement, so cost was never really an issue here.

The solution's ability to secure robots’ privileged access is pretty good. We've been able to secure our bots. In fact, we take care of our bots right from a development environment, using our development instances. So when our developers are building the scripts around those bots, they're already aware of what's going to happen when things finally go into production. Obviously, the level of security doesn't need to be the same, but we do it through the complete lifecycle.

What is most valuable?

PSM has been one of the most valuable features. We started on this journey a while back. Initially, when we did not have PSM, we started with AIM and that was our first use case. But an audit came along and we had to go towards something a little bit better and we had to migrate more applications. PSM came along and did exactly what we needed it to do. To take care of all the deficiencies that we had, PSM was the right thing to do.

What needs improvement?

We work with CyberArk's customer success team and we work with its engineering team back in Israel. We've been doing things on CyberArk which a lot of its customers, we know, have not been doing.

The one place where we found that this product really needs to improve is the cloud. Simple integrations don't exist, even today. We don't have anything specific on CyberArk for managing SaaS products, SaaS vendors, and SaaS credentials. I understand it's a vendor-based thing and that they have to coordinate with the other vendors to be able to do that, and there are integrations coming, but these are the major places where CyberArk definitely needs to invest some more time. Because this is what the future is. You're not going to have a lot of on-prem applications. Most stuff is going to the cloud.

What do I think about the stability of the solution?

Not every product is 100 percent stable. CyberArk does have some issues once in a while. But the core product, the vault system, has been extremely stable. We haven't had a single problem since we got this thing deployed, and it's been more than six years now. We've not had a single problem with the vault. 

Related to the software, there are other things that can cause problems. You could have clusters going down or you could have issues with hardware, but the product itself has been very stable. 

There are the usual quirks you have sometimes with PSM, but it's been a very stable product for what we need it to be.

What do I think about the scalability of the solution?

In terms of the product's ability to manage all our access requirements at scale, about 80 percent of it can be managed. There is no product in the market which can say, "We can do 100 percent, we can do everything." Or, they say that they can, but when it comes to it, it doesn't really happen. But with CyberArk, we've had the benefit of it being a little scalable, plus very easy to configure for the different use cases we have. So we can cover around 80 percent. But then we have to put some compensating controls around the other 20 percent.

It has scaled for our use cases. We built it according to the very large specification and it has scaled. It has done exactly what we need it to do. We've not yet had a performance issue to date.

How are customer service and technical support?

We've had good relationships with their technical department. My team usually does more engineering. We work with CyberArk's customer success team more often than the regular technical support. My operations team usually deals more with tech support.

When it has really come down to major issues, if we've ever had a Sev 1, they've been on point. They have picked up the phone, they've called us and they've helped us.

Which solution did I use previously and why did I switch?

We did not use a different product. We had an in-built vaulting system for managing our own credentials. We've been a CyberArk customer for a while. We had the document vault. Privileged Access had just come out and CyberArk was one of the easiest choices we could make at that time. That's how we decided to go with it.

How was the initial setup?

The initial setup was not straightforward. The very first setup that we did was specifically for AIM, which was obviously simpler. We had an in-built vault which we replaced with the AIM setup. 

Our PSM setup was very complex. We had about 450 applications that we had to onboard over a period of one year, and we had to remove close to 16,000 accounts. It was a very complicated setup. We built close to 35 different connection components to get this product in.

What was our ROI?

The total cost of ownership, over credentials, is definitely something that goes down if you have a vaulting system. But if you have deployed it correctly, that's the only time you can get that. We've definitely seen some improvements. There are additional costs associated with getting every application onboarded, but in the long run, it keeps the company secure and I don't think you can put a price on that.

What other advice do I have?

We use the solution with AWS. In fact, we set up a custom setup for AWS. We worked with the CyberArk engineering team to get it working, to come up with a custom solution to integrate our AWS EC2 instances. There were some limitations, as I mentioned earlier, with how the product integrates with AWS, so we had to make some major changes to how the integration works. As far as monitoring is concerned, it's standard CyberArk monitoring. We don't see anything specific to AWS, as far as the monitoring is concerned. This is the one place where CyberArk can improve.

Privileged access management is one part of IM. Anything that goes through has to get approved through the IM team, and our product of choice for privilege access is CyberArk. When we decided to go to the cloud, this was the natural choice because this was the product that the enterprise uses. We've had challenges. We've had to customize the product to meet our requirements. It might not be the same for every customer because our requirements are a little unique. But it eventually worked out. We've been able to meet most of our use cases.

CyberArk is an eight out of 10. It can do a lot. But there is definitely scope for improvement.

I come from the IM world, but I was more into access management. CyberArk was just one of those products which was thrust on me. Now I'm head of privileged access management, so CyberArk has been pretty good for me, going from the access management space to privileged access management. It's definitely had an impact on my career.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
DavidPoints
Associate Director of IAM at INTL FCStone Inc.
Real User
Top 10Leaderboard
DNA scan makes it fast and easy to find out who owns accounts

Pros and Cons

  • "Right off the bat, the most valuable feature is the DNA scan. It gives us the ability to scan our environment and find the accounts that we're going to need to take under control."
  • "It's a big program. To scale excessively, locally, on an on-prem application, takes a lot of servers."

How has it helped my organization?

We're a small IT shop of a few hundred people and the company has only a couple of thousand employees. We had some SharePoint workflows that people had used to get access via submitting a ticket. We had updated those processes by using some DevOps, some JAMS jobs that run in Azure, and they were breaking frequently. We have gotten people to understand now that they can just go to CyberArk. They don't have to submit a ticket, they don't have to go through a workflow, they don't have to put in the right server name or wait for an approval. It's just there. People really like that.

The solution standardizes security and reduces risk-access across the company. It's what the solution does. It's just a requirement. Standardizing access is taking away the "onesie-twosies." With the DNA scan, you're running a full report of everything on all your servers that you're targeting, or all the servers period, and finding those onesie-twosies accounts and getting rid of them. Standardizing and making local accounts on the servers, accounts that have least privilege and that don't have access to anything else, and giving people only that access when they log onto a box; that's pretty cool standardization.

In terms of being able to have a quick win using the solution, we were given a ridiculous deadline to meet an external customer requirement to have privileged access management in place within a couple of months. That was to include signing the purchase order, getting it installed, and having it up day one to take in what we thought were 17 servers. Actually, we found out it was 53 and, two weeks after we had it running, we found out there were upwards of 60 to 70 servers. Getting all those servers in, the accounts in place, by the deadline — even just installing it — was all an immediate win. People said it couldn't be done.

What is most valuable?

Right off the bat, the most valuable feature is the DNA scan. It gives us the ability to scan our environment and find the accounts that we're going to need to take under control.

We're quite new with CyberArk. We've just installed it this past summer and we've taken off with the Microsoft tier model. Tier 0 is our domain admin accounts and our local admin accounts on some applications are specific to SOX requirements. That's been amazing. It's basic-use PAM, but it's been really fast and easy because of the DNA scan. We knew what was there and we were able to go find who owned those accounts. Step one, step two, step three are really easy.

What needs improvement?

We're pretty excited about Alero, the third-party access management. As a small company we lean on vendors quite a bit and we do that in multiple areas. That's going to be a big one for us. It's just gone from beta to production. It's one of those things that's on our roadmap, but being so new to the toolset, we're just growing into the tool. We're not quite there yet.

What do I think about the stability of the solution?

The product has been around forever. In a way, it's a bit old-school. I came from a Windows Server environment, so I get how it's built. It's INI files, it's apps that run on Windows Servers. I'm sure there are other ways that it runs, such as in the cloud as well. There are other directions. But the base of the product is old-school. It just works. So the stability is there. My new engineers can do the install, they can understand how it works. It's quite stable.

What do I think about the scalability of the solution?

In terms of scaling, we're not there yet. We have a number of offices, we're a small company but we're spread globally and we're installing servers in Brazil. We also have servers in London, so we can scale geographically quite easily because it's applications running on servers. There's also a DR capability, having those vaults where needed, so we can scale that way.

There are a lot of new things coming out about endpoints, and third-party management is going to be big. We can scale geographically and we can scale outside of our borders and that's going to be cool.

Which solution did I use previously and why did I switch?

We had no PAM program when I came to this company.

How was the initial setup?

The initial setup is very straightforward. It's well-documented. We sought to have external advisors and third-party consultants help, in addition to CyberArk's help, because we had such tight deadlines. We were installing multiple environments with a turnaround in weeks and had to complete the training at the same time. Junior engineers were coming in and they could walk through it. We found out that it's almost self-doable. But that's probably not advised in any solution. The help was appreciated but it's straight-away easy.

Which other solutions did I evaluate?

In a previous life, I worked with TPAM, Quest products, and Safeguard. We evaluated five different toolsets when it came to my new role here — all the major players. The last two were Quest and CyberArk and I had a strong relationship with both groups. A lot of it came down to dollars and cents, but CyberArk also had that marketplace that told us that we could do certain things out-of-the-box. That was very important to us, enabling us to get stakeholders' buy-in: strategic alliances within our customers or the companies that we own. We got them bought-in to the idea that they were going to be using this tool. It came down to the marketplace.

What other advice do I have?

I'd never ever rate anything a 10. I'd probably never rate anything a one. I'd rate CyberArk as 7.5 out of 10. We actually did surveys of all the people that saw all the demos of all the new solutions we looked at. CyberArk was a seven or eight consistently, from all the people who watched it. The benefit of it is it's stable, it's old-school, it just works. The downside is that it's a big program. To scale excessively, locally, on an on-prem application, takes a lot of servers. Those are the highs and lows. It could be amazing if it all ran in the cloud, but that wouldn't be possible.

I started as a PAM engineer eight years ago. Learning PAM and understanding how it protects people and being the liaison who needs to take passwords away from engineers is really tough. But it put me in a good spot. I grew from a PAM engineer to an identity engineer to identity team lead to identity manager. Within the last year-and-a-half, I came into this company because of a PAM role. They hired me as an identity manager because I knew PAM and because I had a relationship; I was working on bringing CyberArk in as part of my previous role and they wanted me to come in and do that same evaluation here. So knowing CyberArk got me my job and, within three months, they said, "We don't need just one team like this doing these assessments. We need multiple teams. So you're an associate director." I said, "Thanks, I don't want to do that. I just want to play with PAM."

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
ABHILASH TH
Managing Director at FOX DATA
Reseller
Top 5Leaderboard
A perfect solution with good integration with the ecosystem, excellent stability, and fair pricing

Pros and Cons

  • "Their legacy of more than 20 years is very valuable. It brings a lot of stability to the product and a wide variety of integration with the ecosystem. Because of these factors, it has also been very successful in deployment. So, the legacy and integration with other technologies make the PAM platform very stable and strong. In terms of features, most of the other vendors are still focusing just on the privileged access management or session recording, but CyberArk has incorporated artificial intelligence to make PAM a more proactive system. They have implemented threat analytics into this, and there is also a lot of focus on domain controller production, Windows Server protection, and stuff like that. They have also further advanced it with the security on the cloud and DevOps systems. They have a bundle licensing model, which really helps. They don't have a complex licensing model. Even though in our market, people say CyberArk is expensive as compared to some of the other products, but in terms of overall value and as a bundling solution, it is an affordable and highly scalable product."
  • "Their post-sale support area requires a big improvement. Customers cannot automate tickets directly with CyberArk. They have to come through the distributor or bring in partners who have access to the support portal. Basically, the support for post-sales implementation is there, but the role of CyberArk is very minimal. Customers have to rely on partners, which sometimes creates issues. Some of the vendors help you during the implementation process, but the CyberArk support team does not do that. They have 24/7 support for our region, but they help only if there is an emergency or there is a problem with their system. If the password vault is down or the system is down, they provide immediate attention. For almost everything else, they take more time to respond. They give low priority to service-related or migration-related questions."

What is our primary use case?

We are a system integrator. We are selling its latest version to customers who are new to PAM or are coming from an older PAM. 

How has it helped my organization?

The respected partnership and portfolio with CyberArk are highly valuable to our organisation, as it helps to open doors with Enterprises and Financial organisations, on serious discussions on Identity and PAM projects. CyberArk PAS solutions bring good services revenue and long terms relationships with customers.

What is most valuable?

Their legacy of more than 20 years is very valuable. It brings a lot of stability to the product and a wide variety of integration with the ecosystem. Because of these factors, it has also been very successful in deployment. So, the legacy and integration with other technologies make the PAM platform very stable and strong.

In terms of features, most of the other vendors are still focusing just on the privileged access management or session recording, but CyberArk has incorporated artificial intelligence to make PAM a more proactive system. They have implemented threat analytics into this, and there is also a lot of focus on domain controller production, Windows, LINUX Server, DOMAIN CONTROLLER protection etc. They have also further advanced it with the security on the cloud and DevOps environment.

They have a bundle licensing model, which really helps, unlike competitions complex licensing. Even though in our market, few customers have the perception that CyberArk is expensive as compared to some of the other new PAM providers, but in terms of overall value and as a bundling solution, it is affordable and also CyberArk is highly scalable platform.

What needs improvement?

Their post-sale support area requires a little more attention to our region ( ME/UAE. The current support model does not allow the end customers to open a ticket directly with CyberArk. Customers have to inform the distributor or bring in partners who have access to the support portal to open support cases. The support teams liability is limited to product issues and they usually do not get into configurations and integrations, unless estimated and paid for PS services.  This indirectly helps Service providers like us to make extra revenue. The default 24/7 support to our region, is effective when there is an emergency like a serious software issue, or if password vault is down etc, for such cases they provide immediate attention. For the rest of the low priority like migrations, upgradations, backups etc ( in some site it shall be considered high ), they take more time to respond.

Looking forward to new features line API security 

For how long have I used the solution?

I have been engaged with CyberArk solutions for about five years.

What do I think about the stability of the solution?

A very stable platform for small to extremely large and complex organisations and distributed networks.

In one of the projects for global MNC, we had successfully executed projects with distributed Vault in 16 countries spread across 5 continents. This is done with a centralized primary vault( on HA )- HQ Datacenter, which connected distributed local vault and PSM, along with DR in the cloud. 

All these years in none of our projects haven't come across product stability or system crash isuses due to cyberark software

What do I think about the scalability of the solution?

For customer and service provides (like us ), PAM is a journey with continues improvement and hygiene practices to protect the critical system. CyberArk offers many solutions for endpoint privilege management, Domain Controller protection, DevOps security which helps in upselling and expanding the security measures. Also, the solution is capable of handling a distributed and heterogeneous environment 

How was the initial setup?

CyberArk PAS setup needs expertise and experience. Based on my experience, a small deployment of 10 or 20 PAM users takes one week to set up the PAM infrastructure and another one week to go live with basic modules and standard out of box integrations. The rest of the rollout has customer dependencies.  Ideally, the PAM system needs 3-6 months to get mature in an organisation.

What about the implementation team?

We do inhouse.

What's my experience with pricing, setup cost, and licensing?

Overall, bundle pricing and sales team support are really good. The main difference from all the other vendors is that they have one package that covers all the functionality and modules required in PAS, except the add-on advance technologies like agent-based endpoint, Win/Linus server protection, domain controller protection etc. When it comes to agent-based advanced technologies the overall cost is not cheap. However, the values it brings is highly critical to customers who are paranoid about targeted attacks.

Vendor PS BOQ are expensive like usual OEMs rates, but they do the Scope effectively within less time, which help the large customers ( like banks ) to run without any downtime 

What other advice do I have?

I would recommend CyberArk solution even for small customers, who have critical application and internet presence in their business. The licensing model support to start with even 5 privilege users, this really helps. We haven't experience Idaptive ( Identity Saas ) solution yet, however, it looks promising

I would rate CyberArk PAS a ten out of ten. They are sharp focused on privilege access security for more than 21 years. This highly remarkable.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Mateusz Kordeusz
IT Manager at a financial services firm with 1,001-5,000 employees
Real User
Top 20
Helps us to automate our jobs and administrative tasks

Pros and Cons

  • "It improves security in our company. We have more than 10,000 accounts that we manage in CyberArk. We use these accounts for SQLs, Windows Server, and Unix. Therefore, keeping these passwords up-to-date in another solution or software would be impossible. Now, we have some sort of a platform to manage passwords, distribute the inflow, and manage IT teams as well as making regular changes to it according to the internal security policies in our bank."
  • "We don't often contact technical support, but when we do it, the response could be faster and better."

What is our primary use case?

In our company, CyberArk is used to manage passwords for IP use. We use CyberArk for managing and automatically changing passwords in our managed system and environment.

We use it for coding privileged sessions, but we also use another solution for that, and CyberArk is the backup for this.

We are using the latest version.

How has it helped my organization?

It improves security in our company. We have more than 10,000 accounts that we manage in CyberArk. We use these accounts for SQLs, Windows Server, and Unix. Therefore, keeping these passwords up-to-date in another solution or software would be impossible. Now, we have some sort of a platform to manage passwords, distribute the inflow, and manage IT teams as well as making regular changes according to the internal security policies in our bank.

CyberArk PAM gives us a single pane of glass to manage and secure identities across multiple environments. This is quite important for compliance reasons.

CyberArk PAM provides quantitative risk analysis for every human and machine identity in our environment. This has a big impact on reducing risk. 

What is most valuable?

The PAM feature is the most valuable. It helps us to automate our jobs and administrative tasks. 

It also gives us a lot of features for compliance. Using this type of software is required by Polish law in finance and business in Poland.

We use CyberArk’s Secrets Manager to secure and manage secrets and credentials for mission-critical applications. The newest GUI is much better than the older version. Now, it is quite good.

CyberArk PAM provides an automated and unified approach for securing access to all types of identities that we use. This is very important to us.

What needs improvement?

I would like advanced RPA in the basic license. CyberArk has RPA, but we would need to buy additional licenses. It is not out-of-the-box.

I would like better support.

For how long have I used the solution?

I have been using it for five years.

What do I think about the stability of the solution?

So far, we don't have any problems. We have implemented higher availability in CyberArk. So, maintenance or updates don't have an impact on our environment. We don't have performance problems or anything like that. The stability is very high.

I have had no problem with agility in this solution. Everything works fine and gives us an opportunity to act as we want.

What do I think about the scalability of the solution?

According to the information that I have, we simply add more servers if we need it or have additional business requirements. So, scalability is high.

There are about 155 users. Mostly, they are our IT administrators and developers.

This tool is used daily in our bank. We don't have plans to increase usage right now.

How are customer service and support?

We don't often contact technical support, but when we do it, the response could be faster and better.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

We didn't previously use another solution.

How was the initial setup?

The initial setup was complex. Our deployment took three months.

We needed to scale our environment and implement the correct number of servers to prepare for a working environment.

What about the implementation team?

Implementation of our CyberArk instance was done by an external company. It covered all our needs and requirements.

What was our ROI?

We have not seen ROI directly in money. However, we have seen ROI in quality. It increases security in our IT environment and provides the highest SLA for our systems.

CyberArk PAM helps save us time when it comes to onboarding new employees and providing them secure access to SaaS apps and IT systems. It is saving us about two to three days per new employee.

What's my experience with pricing, setup cost, and licensing?

We use an old model for pricing. The new model is a subscription model on the cloud. 

The price of CyberArk support could be a little bit less. Otherwise, pricing is fine.

Which other solutions did I evaluate?

We did some benchmarking, without the tools, to compare the cost of maintenance and functionality. We compared CyberArk to Password Manager Pro from ManageEngine. CyberArk has more functionality and better stability, in our opinion. The price was very similar between the two solutions. 

What other advice do I have?

CyberArk is a good technology partner. They help us a lot with maintenance and our security process management.

I don't have experience in the cloud using CyberArk. However, for on-premises environments, it works very well. I recommend it. 

I would rate the solution as a nine out of 10. 

Which deployment model are you using for this solution?

On-premises
Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Flag as inappropriate
BridgitAmstrup
Cyber Security Manager at a hospitality company with 10,001+ employees
Real User
Top 5Leaderboard
Improved our processes in terms of efficiency when it comes to creating accounts

Pros and Cons

  • "CyberArk has been easy for us to implement and the adoption has been good. We've been able to standardize a bunch of things. We've been able to standardize relatively easily with the use of the platforms and managing the policies."
  • "There is a bit of a learning curve, but it's a pretty complex solution."

What is our primary use case?

So far, CyberArk has done everything that we've needed it to. We are growing and moving into the cloud. We have a pretty complex environment. Everything that we've needed it to do in terms of managing our privileged accounts, it has done.

How has it helped my organization?

We have been able to really transform how all of our sysadmins manage all our infrastructure. Before, it was like the Wild West. Everybody was way over privileged and had access to everything all the time. Now, we finally have everybody into least privileged and auditing through PSM, which has been fantastic. We also have implemented dual control and just-in-time. So, it's moved the ability to manage a lot of our privileged users to where we need them to be.

CyberArk has been easy for us to implement and the adoption has been good. We've been able to standardize a bunch of things. We've been able to standardize relatively easily with the use of the platforms and managing the policies.

What is most valuable?

I like how thorough and complex it is. We have a solution, and it meets the needs that we need.

The most recent improvement with the user interface upgrade was really nice. It makes the end users very happy. It is way more intuitive. The information that they need to have is now available to them. So, I appreciate that as an update.

What needs improvement?

The user interface was a previous problem that has been overcome. 

What do I think about the stability of the solution?

We have implemented our own redundancy into the product. That has worked for us very well.

What do I think about the scalability of the solution?

We have been able to find a nice process for implementing CyberArk in terms of user adoption and onboarding. It's been pretty slick, and it works very well for us.

Which solution did I use previously and why did I switch?

We were lucky to have a board of directors who really embraced security. With their support, we were able to establish the need for a PAM solution. 

How was the initial setup?

When we originally implemented CyberArk, we did so incorrectly. With the help of CyberArk Professional Services, we were able to reorganize, reinstall, and upgrade within a week, then apply best practices to the implementation of CyberArk. So, I would say that it took us about a week to get setup correctly.

At first, the integration of CyberArk into our IT environment was a bit rough. People didn't want to give up the rights and privileges that they had. But, we were able to show them how easy it was for them. We even layered in multi-factor authentication to access the accounts that they needed, which were privileges for appropriate functions. Once we were able to show them how they could quickly and smoothly get the access that they needed, it was not a bad thing, as they found out.

What was our ROI?

The return of investment for the CyberArk implementation within our organization has come from the reduction of risk. That is a little tricky to quantify, but it's definitely there. 

We have improved our processes in terms of efficiency when it comes to creating accounts, managing the privileged ones and providing the correct access at the right time.

Which other solutions did I evaluate?

After evaluating several vendors, we found that CyberArk met our needs.

What other advice do I have?

I would rate CyberArk an eight point five on a scale of one to 10 because it has done everything that we have asked of it. There is a bit of a learning curve, but it's a pretty complex solution. They do have ways to make it easier, but it's easy to fall down the rabbit hole when you're going into a deep dive. However, if you follow the trail, you will find some pretty cool stuff.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
YP
Threat Protection Architect at a consumer goods company with 10,001+ employees
Real User
Top 5Leaderboard
Guarantees the password is known by no one or for a maximum of eight hours

Pros and Cons

  • "The risk of lost password and forbidden access to resources has been drastically reduced which increased the security level for the entire company,"
  • "It needs better documentation with more examples for the configuration files and API/REST integration"

What is our primary use case?

Our primary use case is to control the technical accounts used in our DevOps environnment. The primary goal was to automate to the maximum all privileged accounts used by applications. It was a big issue because al dev guys were always using the same account/password couple. CyberArk is doing this for them transparently. Through time the scope was extended to all interactive users with the target to avoid them knowing the password. The automated password change was implemented to 99% of all accounts inside the company.

How has it helped my organization?

Before the CyberArk implementation passwords were never changed and known by everyone. We were also not able to track who is supposed to have access to what and who did what. With the successful CyberArk implementation, we are able now to:

- Guarantee the password is known by no one or for a maximum of eight hours.

- Full visibility about who is doing what.

- Full control about who is supposed to access what.

The risk of lost password and forbidden access to resources has been drastically reduced which increased the security level for the entire company,

What is most valuable?

In order to reduce the attack surface, the automated password change was pushed to the maximum. This way we know that no password is known or not for more than eight hours. It simplified the life of the operational teams because they do not need to take care of the secrets and keep their attention to maintain the infrastructure.

What also helped is the ability to constantly track who accessed which object. We took the opportunity to change our process in order to comply it. Now the activities can be done faster with better user experience.

What needs improvement?

CyberArk lacks the following functions for a better IAM like solution:

- Provision accounts for systems and directories.

- Create access to the systems.

- Monitor if any new account has been created into the system.

- Better GUI for the end-user and also for administrators. The learning curve is quite long and requires lots of training for good usage.

- More automated process for account provisioning into CyberArk. For example when a new DB is created.

- Better documentation with more examples for the configuration files and API/REST integration.

For how long have I used the solution?

I have been using CyberArk PAS for eight years.

What do I think about the stability of the solution?

The stability is very good. We never had any crash in eight years.

What do I think about the scalability of the solution?

Scalability is good because of the big variety of modules. Except for the redundancy which is quite limited with the not live replication. Also, the speed is quite slow for application accounts.

How are customer service and technical support?

Very good always reactive. The commercial part was more difficult.

How was the initial setup?

The initial setup is complex because it requires a clear company structure which was not the case. Technically also CyberArk is hard to address at the start because of its technical complexity and abilities.

What about the implementation team?

In house. Very good.

What was our ROI?

Not calculated. Users and administrators more happy than before which is the best RIO.

What's my experience with pricing, setup cost, and licensing?

CyberArk is quite expensive and they should have a better pricing model.

Which other solutions did I evaluate?

BeyondTrust, Hitachi ID, CA.

What other advice do I have?

Hard to implement and to get acceptance from the users and management. But when installed the solution is rock solid.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free CyberArk Privileged Access Manager Report and get advice and tips from experienced pros sharing their opinions.