CyberArk Privileged Access Management vs. HashiCorp Vault

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
CyberArk Privileged Access Management
Score 8.2 out of 10
N/A
CyberArk is a privileged account and access security suite issued by the company of the same name in Massachusetts . The Core Privileged Access Security Solution unifies Enterprise Password Vault, Privileged Session Manager and Privileged Threat Analytics to protect an organization’s most critical assets.N/A
HashiCorp Vault
Score 8.5 out of 10
N/A
HashiCorp offers Vault, an encryption tool of use in the management of secrets including credentials, passwords and other secrets, providing access control, audit trail, and support for multiple authentication methods. It is available open source, or under an enterprise license.
$0.03
Pricing
CyberArk Privileged Access ManagementHashiCorp Vault
Editions & Modules
No answers on this topic
Cloud - HCP Vault
$0.03/hr
Open Source
Free
Enterprise
Contact sales team
Offerings
Pricing Offerings
CyberArk Privileged Access ManagementHashiCorp Vault
Free Trial
YesNo
Free/Freemium Version
NoYes
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional DetailsCyberArk offers a variety of Identity Security packages for different user types within an organization.
More Pricing Information
Community Pulse
CyberArk Privileged Access ManagementHashiCorp Vault
Considered Both Products
CyberArk Privileged Access Management

No answer on this topic

HashiCorp Vault
Chose HashiCorp Vault
We evaluated Symantec as an existing partner within our enterprise. We found that the API provided by Vault is superior and that was a critical use case in our organization. We also found that Vault has more engine types which allow different types of data to be stored. This …
Top Pros

No answers on this topic

Top Cons

No answers on this topic

Best Alternatives
CyberArk Privileged Access ManagementHashiCorp Vault
Small Businesses

No answers on this topic

No answers on this topic

Medium-sized Companies
Delinea Secret Server
Delinea Secret Server
Score 8.7 out of 10

No answers on this topic

Enterprises
BeyondTrust Endpoint Privilege Management
BeyondTrust Endpoint Privilege Management
Score 8.7 out of 10

No answers on this topic

All AlternativesView all alternativesView all alternatives
User Ratings
CyberArk Privileged Access ManagementHashiCorp Vault
Likelihood to Recommend
8.0
(9 ratings)
8.0
(5 ratings)
Likelihood to Renew
-
(0 ratings)
10.0
(1 ratings)
Usability
-
(0 ratings)
7.0
(2 ratings)
Support Rating
7.2
(4 ratings)
6.3
(3 ratings)
User Testimonials
CyberArk Privileged Access ManagementHashiCorp Vault
Likelihood to Recommend
Cyberark
The system is great for enterprise or larger IT departments or teams where temporary or full access may be given using privileged IDs. Requirements for needing local admin access is also eliminated which can help with specific Windows workstation related tasks. It can be very useful when working with remote teams or contractors who may need temporary access to a system when required.
Read full review
HashiCorp
HashiCorp Vault, in my opinion, is a defacto standard for any cloud or automation implementation. They're the best of the best as far as products for secrets management and the ability to use it against relatively any service you have is unheard of for other products. HashiCorp has really taken out all the stops when it comes to creating a nice, extensible tool that people can use to suit their needs.
Read full review
Pros
Cyberark
  • Automatically discover new servers on the network and take control of the local admin password by vaulting it and ensuring nobody knows the password. A different password on every server.
  • Automatically roll the password in a configurable manner - after each use, after a certain period of time, etc.
  • Track and govern sensitive account usage by ensuring only properly authorized users can access the vault and obtain the credentials and then monitor usage.
Read full review
HashiCorp
  • The HTTP API you use to write and read secrets is open and can be used by any application.
  • It keeps our sensitive data/credentials out of our GitLab repositories.
  • Sealing and unsealing the Vault on demand adds an additional layer of security.
Read full review
Cons
Cyberark
  • GUI - right now everything is on one page/dashboard. Some level of folder/Safe type view would be great
  • More options when storing passwords - especially for network based passwords
  • Better integrations with vendors like Cisco so that admins dont need to really get the password from the vault (think Last Pass type add on)
Read full review
HashiCorp
  • Documentation could be better.
  • The multiple key unseal process can be a problem if the need arises.
  • It would make more sense if HashiCorp Vault combined with HashiCorp Consul to create a unique product.
Read full review
Likelihood to Renew
Cyberark
No answers on this topic
HashiCorp
HashiCorp Vault is the best there is out there, and it has become critical to our secret management use cases. It would be difficult to find anything that would suit our needs better and that would be beneficial for us to switch over to.
Read full review
Usability
Cyberark
No answers on this topic
HashiCorp
We spent a little more time than we imagined to conceptually understand how HashiCorp Vault operates, as well as how it is configured. This is not trivial, and keep in mind that you will need to take some time to get a thorough understanding of the tool. The documentation could be more helpful in this regard.
Read full review
Support Rating
Cyberark
Customer support and technical support have always been great when we require assistance. Especially when we come across issues that we're not familiar with.
Read full review
HashiCorp
Hashicorp has been very responsive to our questions and inquiries up to this point. We are currently working on them to develop a more granular permissions model within Vault. We are very close to achieving our objectives with the help of their support team. We do not seem to be in the same time zone which makes it hard for escalated issues.
Read full review
Alternatives Considered
Cyberark
It is known as one of the safest products in the market. It has good support and is also available as on-premise. You can run it virtually on VMWare (and probably on other hypervisors as well). You can have a second instance on bare metal and that makes it a very safe system.
Read full review
HashiCorp
HashiCorp Vault is way better than Azure Key Vault; it has more features and it goes beyond a key-value secret store.
Read full review
Return on Investment
Cyberark
  • Decreased the probability of an external cyber attack to privileged accounts..
  • Management can control privileged account life cycle management more effectively
  • Recording privileged sessions allows our organization to play back exactly the point of a breach or malicious behavior
  • Automated system to manage and verify passwords, as privileged accounts are constantly created and deleted
  • Automatic PWD change functionality will substantially decrease probability of PWD theft or misuse.
Read full review
HashiCorp
  • Helped us reach our security compliance goals.
  • Helped us strengthen our security position in our infrastructure by improving on poor secret management practices.
Read full review
ScreenShots

CyberArk Privileged Access Management Screenshots

Screenshot of ISPSSScreenshot of Privilege CloudScreenshot of Identity Security IntelligenceScreenshot of Identity Security Intelligence

HashiCorp Vault Screenshots

Screenshot of Example of writing a secret to Vault. Secrets are always encrypted and written to backend storage. To learn more: https://developer.hashicorp.com/vault/tutorials/getting-started/getting-started-first-secretScreenshot of Secrets menu to manage integrated secrets engines. Secrets Engines are components which store, generate, or encrypt data and are enabled at a path in Vault. To learn more: https://developer.hashicorp.com/vault/tutorials/getting-started/getting-started-uiScreenshot of Vault identity has support for groups. A group can contain multiple entities as its members. A group can also have subgroups. To learn more: https://developer.hashicorp.com/vault/docs/concepts/identityScreenshot of HCP Vault provides all of the power and security of Vault, without the complexity and overhead of managing it yourself. To learn more:  https://cloud.hashicorp.com/products/vaultScreenshot of View entity client and non-entity client counts.Screenshot of MFA is built on top of the Identity system of Vault. To learn more: https://developer.hashicorp.com/vault/docs/auth/login-mfa