TrustRadius

CyberArk Privileged Access Management vs. HashiCorp Vault

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
CyberArk Privileged Access Management
Score 9.2 out of 10
N/A
CyberArk is a privileged account and access security suite issued by the company of the same name in Massachusetts . The Core Privileged Access Security Solution unifies Enterprise Password Vault, Privileged Session Manager and Privileged Threat Analytics to protect an organization’s most critical assets.N/A
HashiCorp Vault
Score 8.9 out of 10
N/A
HashiCorp offers Vault, an encryption tool of use in the management of secrets including credentials, passwords and other secrets, providing access control, audit trail, and support for multiple authentication methods. It is available open source, or under an enterprise license.
$0.03
Pricing
CyberArk Privileged Access ManagementHashiCorp Vault
Editions & Modules
No answers on this topic
Cloud - HCP Vault
$0.03/hr
Open Source
Free
Enterprise
Contact sales team
Offerings
Pricing Offerings
CyberArk Privileged Access ManagementHashiCorp Vault
Free Trial
YesNo
Free/Freemium Version
NoYes
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional DetailsCyberArk offers a variety of Identity Security packages for different user types within an organization.
More Pricing Information
Community Pulse
CyberArk Privileged Access ManagementHashiCorp Vault
Considered Both Products
CyberArk Privileged Access Management

No answer on this topic

HashiCorp Vault
Jeffrey Severance | TrustRadius Reviewer
Jeffrey Severance
Senior Solutions Engineer
Chose HashiCorp Vault
We evaluated Symantec as an existing partner within our enterprise. We found that the API provided by Vault is superior and that was a critical use case in our organization. We also found that Vault has more engine types which allow different types of data to be stored. This …
Best Alternatives
CyberArk Privileged Access ManagementHashiCorp Vault
Small Businesses

No answers on this topic

No answers on this topic

Medium-sized Companies
ManageEngine ADManager Plus
ManageEngine ADManager Plus
Score 9.3 out of 10

No answers on this topic

Enterprises
BeyondTrust Endpoint Privilege Management
BeyondTrust Endpoint Privilege Management
Score 10.0 out of 10

No answers on this topic

All AlternativesView all alternativesView all alternatives
User Ratings
CyberArk Privileged Access ManagementHashiCorp Vault
Likelihood to Recommend
8.0
(9 ratings)
8.0
(6 ratings)
Likelihood to Renew
-
(0 ratings)
10.0
(1 ratings)
Usability
-
(0 ratings)
7.0
(2 ratings)
Support Rating
7.2
(4 ratings)
6.3
(3 ratings)
User Testimonials
CyberArk Privileged Access ManagementHashiCorp Vault
Likelihood to Recommend
Cyberark
The system is great for enterprise or larger IT departments or teams where temporary or full access may be given using privileged IDs. Requirements for needing local admin access is also eliminated which can help with specific Windows workstation related tasks. It can be very useful when working with remote teams or contractors who may need temporary access to a system when required.
CL
Craig Lockley
VP of IT & Innovation
Read full review
HashiCorp
HashiCorp Vault, in my opinion, is a defacto standard for any cloud or automation implementation. They're the best of the best as far as products for secrets management and the ability to use it against relatively any service you have is unheard of for other products. HashiCorp has really taken out all the stops when it comes to creating a nice, extensible tool that people can use to suit their needs.
Verified User
Anonymous
Read full review
Pros
Cyberark
  • Automatically discover new servers on the network and take control of the local admin password by vaulting it and ensuring nobody knows the password. A different password on every server.
  • Automatically roll the password in a configurable manner - after each use, after a certain period of time, etc.
  • Track and govern sensitive account usage by ensuring only properly authorized users can access the vault and obtain the credentials and then monitor usage.
Verified User
Anonymous
Read full review
HashiCorp
  • The HTTP API you use to write and read secrets is open and can be used by any application.
  • It keeps our sensitive data/credentials out of our GitLab repositories.
  • Sealing and unsealing the Vault on demand adds an additional layer of security.
Jeffrey Severance | TrustRadius Reviewer
Jeffrey Severance
Senior Solutions Engineer
Read full review
Cons
Cyberark
  • GUI - right now everything is on one page/dashboard. Some level of folder/Safe type view would be great
  • More options when storing passwords - especially for network based passwords
  • Better integrations with vendors like Cisco so that admins dont need to really get the password from the vault (think Last Pass type add on)
Verified User
Anonymous
Read full review
HashiCorp
  • Session Management is terrible to manage
  • Monitoring is hard and not enough information
  • User management
  • Configuration is too complex
  • More user friendly UI
FZ
Fabricio Zubelli
DevOps Engineer
Read full review
Likelihood to Renew
Cyberark
No answers on this topic
HashiCorp
HashiCorp Vault is the best there is out there, and it has become critical to our secret management use cases. It would be difficult to find anything that would suit our needs better and that would be beneficial for us to switch over to.
Verified User
Anonymous
Read full review
Usability
Cyberark
It’s very usable once the complexity of deployment has completed. It is a useful tool that is easy to learn and the user interface is laid out well. It works with SSO for our organization which makes secure login very fast as well. It works well across our need of on premises systems and cloud very quickly.
Verified User
Anonymous
Read full review
HashiCorp
We spent a little more time than we imagined to conceptually understand how HashiCorp Vault operates, as well as how it is configured. This is not trivial, and keep in mind that you will need to take some time to get a thorough understanding of the tool. The documentation could be more helpful in this regard.
Erlon Sousa Pinheiro | TrustRadius Reviewer
Erlon Sousa Pinheiro
DevOps Engineer
Read full review
Support Rating
Cyberark
I've been an engineer and architect in the Identity space for many years and CyberArk is the #1 tool I've found to help me secure accounts and credentials. I've architected CyberArk and built the implementation from the ground up twice in previous roles and found it here upon my arrival at my current job. I wouldn't want to have to live without it as it helps me sleep at night
Verified User
Anonymous
Read full review
HashiCorp
Hashicorp has been very responsive to our questions and inquiries up to this point. We are currently working on them to develop a more granular permissions model within Vault. We are very close to achieving our objectives with the help of their support team. We do not seem to be in the same time zone which makes it hard for escalated issues.
Jeffrey Severance | TrustRadius Reviewer
Jeffrey Severance
Senior Solutions Engineer
Read full review
Alternatives Considered
Cyberark
These other vendors have most of the safe features, but there were some things that I think CyberArk performed better while evaluating the other solutions. AWS secret manager was not available in one of the products and this was definitely needed in my environment. Also, bulk loading of accounts had a lot more flexibility in CyberArk than the other solutions. They offer both API and GUI options where the other vendors may not offer both.
Verified User
Anonymous
Read full review
HashiCorp
HashiCorp Vault is way better than Azure Key Vault; it has more features and it goes beyond a key-value secret store.
Marco Urrea | TrustRadius Reviewer
Marco Urrea
DevOps Engineer
Read full review
Return on Investment
Cyberark
  • Decreased the probability of an external cyber attack to privileged accounts..
  • Management can control privileged account life cycle management more effectively
  • Recording privileged sessions allows our organization to play back exactly the point of a breach or malicious behavior
  • Automated system to manage and verify passwords, as privileged accounts are constantly created and deleted
  • Automatic PWD change functionality will substantially decrease probability of PWD theft or misuse.
Sujeet Swain | TrustRadius Reviewer
Sujeet Swain
Senior Consultant
Read full review
HashiCorp
  • Helped us reach our security compliance goals.
  • Helped us strengthen our security position in our infrastructure by improving on poor secret management practices.
Verified User
Anonymous
Read full review
ScreenShots

CyberArk Privileged Access Management Screenshots

Screenshot of ISPSSScreenshot of Privilege CloudScreenshot of Identity Security IntelligenceScreenshot of Identity Security Intelligence

HashiCorp Vault Screenshots

Screenshot of Example of writing a secret to Vault. Secrets are always encrypted and written to backend storage. To learn more: https://developer.hashicorp.com/vault/tutorials/getting-started/getting-started-first-secretScreenshot of Secrets menu to manage integrated secrets engines. Secrets Engines are components which store, generate, or encrypt data and are enabled at a path in Vault. To learn more: https://developer.hashicorp.com/vault/tutorials/getting-started/getting-started-uiScreenshot of Vault identity has support for groups. A group can contain multiple entities as its members. A group can also have subgroups. To learn more: https://developer.hashicorp.com/vault/docs/concepts/identityScreenshot of HCP Vault provides all of the power and security of Vault, without the complexity and overhead of managing it yourself. To learn more: https://cloud.hashicorp.com/products/vaultScreenshot of View entity client and non-entity client counts.Screenshot of MFA is built on top of the Identity system of Vault. To learn more: https://developer.hashicorp.com/vault/docs/auth/login-mfa