Skip to main content
TrustRadius
CyberArk Privileged Access Management

CyberArk Privileged Access Management

Overview

What is CyberArk Privileged Access Management?

CyberArk is a privileged account and access security suite issued by the company of the same name in Massachusetts . The Core Privileged Access Security Solution unifies Enterprise Password Vault, Privileged Session Manager and Privileged Threat Analytics to protect an…

Read more
Recent Reviews

TrustRadius Insights

Users have reported that CyberArk is a valuable tool for securely storing and accessing passwords for remote support teams and third-party …
Continue reading

Cyber Ark - Quality PAM

9 out of 10
March 01, 2018
Incentivized
Cyber Ark is being used across the entire enterprise. It is used for administration credential protection and application integration to …
Continue reading
Read all reviews
Return to navigation

Product Details

What is CyberArk Privileged Access Management?

CyberArk offers Identity Securitycentered on privileged access management. CyberArk provides a security offering for any identity – human or machine – across business applications, distributed workforces, hybrid cloud workloads and throughout the DevOps lifecycle, and their solutions are used to secure all identities and critical assets.

CyberArk PAM solutions protect sensitive access across on-premises, cloud, and hybrid infrastructures. Designed from the ground up for security, PAM solutions help organizations by measurably reducing cyber-risk. This is accomplished by managing privileged account credentials and access rights, proactively isolating and monitoring privileged account activity, and quickly responding to threats. CyberArk PAM solutions can work with CyberArk Identity Single Sign-On and Multifactor Authentication tools, to securely access to on-premises, cloud, mobile and legacy apps. CyberArk PAM also works with third party MFA and SSO solutions as well.

Customers have 350+ OOTB software integrations available in the CyberArk Marketplace, with over 235 technology vendors, ranging from security technologies, cloud service providers, IoT, OT, and web applications.

CyberArk Privileged Access Management Features

  • Supported: Manage Privileged Credentials
  • Supported: Isolate & Monitor Sessions
  • Supported: Threat Detection & Response
  • Supported: Manage Nomadic Devices
  • Supported: Remote Access to PAM
  • Supported: Adaptive MFA & SSO

CyberArk Privileged Access Management Screenshots

Screenshot of ISPSSScreenshot of Privilege CloudScreenshot of Identity Security IntelligenceScreenshot of Identity Security Intelligence

CyberArk Privileged Access Management Videos

CyberArk Privileged Access Management Integrations

CyberArk Privileged Access Management Technical Details

Deployment TypesOn-premise, Software as a Service (SaaS), Cloud, or Web-Based
Operating SystemsWindows, Linux
Mobile ApplicationApple iOS, Android, Mobile Web
Supported CountriesAmericas, Israel, UK, Canada, France, GMBH, Spain, Netherlands, Italia (Milan), Italia (Rome), Turkey, Australia, Asia Pacific, Japan, India, Denmark
Supported LanguagesArabic, German, English, Spanish, French, Italian, Japanese, Korean, Dutch, Portuguese, Brazil Portuguese, Russian, Serbian, Swedish, Thai, Vietnamese, Chinese, Simplified Chinese - Traditional

Frequently Asked Questions

CyberArk is a privileged account and access security suite issued by the company of the same name in Massachusetts . The Core Privileged Access Security Solution unifies Enterprise Password Vault, Privileged Session Manager and Privileged Threat Analytics to protect an organization’s most critical assets.

BeyondTrust Privileged Remote Access, Delinea Privilege Manager, and Broadcom DX Unified Infrastructure Management are common alternatives for CyberArk Privileged Access Management.

Reviewers rate Support Rating highest, with a score of 7.2.

The most common users of CyberArk Privileged Access Management are from Enterprises (1,001+ employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(59)

Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!

Users have reported that CyberArk is a valuable tool for securely storing and accessing passwords for remote support teams and third-party vendors. It offers version control and access controls that allow users to analyze and track who is accessing what and when, providing strong delegation controls. Organizations rely on CyberArk to manage privileged accounts, service accounts, and non-IT staff sessions when remoting into servers. For instance, one department in an organization effectively uses CyberArk to manage privileged accounts dealing with critical data sources.

CyberArk addresses the need for password rotation while ensuring complexity requirements are maintained, making it useful for managing passwords to privileged accounts and non-rotating passwords for applications that require administrator-level access. It solves the problem of password storage for different applications by utilizing safes. Users find it helpful for managing local admin passwords, credentials used by multiple people, and other privileged account management tasks.

One key advantage of CyberArk is its ability to control, monitor, and govern sensitive account usage. It automatically changes passwords, reducing the risk of compromise, and provides a centralized location for rarely used passwords, simplifying administrators' tasks. To enhance security further, it can be secured through AD authentication combined with RAS two-factor authentication.

With its wide range of functionalities, CyberArk is used across entire enterprises to protect secrets, service accounts, and administration credentials. It serves as a robust and resilient solution that works well with both Windows and Linux systems, making it suitable for enterprise-level deployments. Additionally, it provides a strong audit tool for credential usage, addressing the business problem of protecting sensitive access.

By implementing features such as password expiration and limiting account activity, CyberArk scales effectively to meet the needs of the entire organization while mitigating risks associated with highly privileged accounts with static passwords.

Attribute Ratings

Reviews

(1-9 of 9)
Companies can't remove reviews or game the system. Here's why
Score 8 out of 10
Vetted Review
Verified User
Incentivized
CyberArk Privileged Account Security provides robust and resilient for enterprise level deployments and it is one of the nice PAM solutions out there. It works well with both Windows and Linux systems.
  • Product capabilities
  • Integration & deployment
  • Services and support
  • Upgrades are not easy
  • Deployment wouldn't be easy for complex environment
Its well suited to improve compliance & risk associated in the environment. CyberArk Privileged Account Security have robust product functionality and strong customer focus.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
We use CyberArk across our IT department to manage passwords to privileged accounts. We also use it to manage non-rotating passwords to applications that require administrator-level access.

It solved for:
1. Rotation of passwords while maintaining the minimum requirements for the password. We automatically rotate admin-role passwords after x number of days and maintain complexity.
2. Password storage: Due to the cross-collaborative environment, we needed a location to store passwords for different applications.
3. Different Safes: Not all passwords should be seen by others - the concept of safes in Cyberark helped with RBA type control.
4. Monitoring/Alerting/Reporting
  • Password segregation via RBAC
  • Rotation of passwords
  • View/reconcile/Verify passwords
  • Options to store passwords
  • GUI - right now everything is on one page/dashboard. Some level of folder/Safe type view would be great
  • More options when storing passwords - especially for network based passwords
  • Better integrations with vendors like Cisco so that admins dont need to really get the password from the vault (think Last Pass type add on)
Well suited where you have cross collaboration among admins/users. This enables the storage of passwords in one place without being stored on notepads. It integrates with Okta SSO for an additional layer of security.
It has minimum complexity requirements and has detailed monitoring - you need to state a reason to see the password.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
We utilize CyberArk for privileged account management for sensitive and shared accounts across our technology organization. We utilize it for local admin passwords across multiple datacenters as well as any other set of credentials that might be utilized by multiple people. We use it to control, monitor and govern sensitive account usages and to ensure that nobody knows the password as much of the time as is possible.
  • Automatically discover new servers on the network and take control of the local admin password by vaulting it and ensuring nobody knows the password. A different password on every server.
  • Automatically roll the password in a configurable manner - after each use, after a certain period of time, etc.
  • Track and govern sensitive account usage by ensuring only properly authorized users can access the vault and obtain the credentials and then monitor usage.
  • It can be hard to work with the native back end vault which is reduced and hardened OS with minimal operating capabilities.
  • Reporting could be better.
I always recommend CyberArk based on my experiences at several different jobs and industries. It does a great job of helping you create all kinds of use cases and approval flows for accessing and using privileged accounts. It also does a great job securing local admin passwords on servers. End-users of the system are able to quickly and easily start utilizing the more secure method of obtaining credentials in minimal time with minimal overhead/tax on their work time.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
We currently use CyberArk across the whole organization. We use it to manage our privileged accounts and our service accounts. It is also used for recording sessions that our Non-IT staff use when remoting into a server.
  • Managing Service Accounts. We like using CyberArk for using it when we need to remote into certain systems and the password is stored on CyberArk.
  • Managing Privileged Accounts. It allows our IT personal to use their privileged accounts without having to remember their passwords. It also keeps our staff compliant with complexities with passwords.
  • Using CyberArk as a jump host has saved us on licensing issues. It's also easy to use when needing to remote in and automatically signing you in.
  • I'm not sure what could be done differently. There are some things that were once an issue that are no longer an issue. For instance, creating a short cut on the desktop for RDP through CyberArk. Since the upgrade and updates, we are now able to save shortcuts to our desktop.
CyberArk is great when you're making changes to a system on a server. You can record your session and if anything was done in error, you can replay the session to see what was done. I especially like this feature when we're doing system upgrades.
Score 7 out of 10
Vetted Review
Verified User
Incentivized
CyberArk Privileged Account Security helps a lot to maintain security by automatically changing passwords for our supported systems.

It also stores and manages passwords company-wide. That's really making admins lives' much easier. Also rarely used passwords are in one place and you don't have to search for them a long time. CyberArk itself can be secured by AD authentication combined with RAS two-factor authentication.
  • storing password safely
  • storing passwords in one central place
  • "remembering" a password for a whole team and/or single persons
  • securing access to certain passwords by groups or team
  • performance is sometimes not very fast, but acceptable
  • look and feel is a bit "old looking"
CyberArk keeps all the local and domain passwords for us. They are changed regularly. That ensures that they are stored company-wide and accessible for approved persons. At the same time, because they are changed as example on a weekly or monthly basis, the passwords and the admin access is better protected against hacking.
Sujeet Swain | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Incentivized
We are using CyberArk to manage the privilege accounts in our organization. It is being used by a specific department that deals with critical data sources.
  • Identify and reduce the number of privileged accounts
  • Eliminate shared/service accounts having non-expiring passwords
  • Automatically changing privileged account passwords
  • Automate password verification and reconciliation
  • Frequently identify, change and verify hardcoded passwords
  • Connect Target Systems directly without displaying passwords to users
  • The initial product cost is a little on the higher side, which might turn off small & medium enterprises.
  • As it talks about security, it has a lot of hardware/software requirements for the initial setup, which might make the rollout timeline a little lengthy.
  • Product should be easy to customize based on different industry's needs.
It should be used by organizations who are dealing with customer- or finance-related data, where there is a lot of focus on managing regulatory compliance. Organizations who outsource their IT/Marketing activities to vendors must use CyberArk to control any potential data leakage or theft, which can reflect a very negative brand image.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Cyber Ark is being used across the entire enterprise. It is used for administration credential protection and application integration to protect secrets and service accounts. This solution is solving the business problem of ensuring our most sensitive access is protected and we have a strong audit tool for when credentials are used.
  • Credential Vaulting
  • Application Integration
  • Auditing
  • There needs to be a better strategy and integration on the application development secret protection
  • High availability needs to be a constant focus
Cyber Ark is well suited for protecting all privileged accounts and auditing the usage of those accounts. It is an integral part of protecting sensitive credentials.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
It is used to check out highly privileged accounts with a randomized password. Being scaled to entire organization. It solves the problem of highly privileged accounts with a static password. If one of the accounts is compromised the password has an expiration and minimizes the amount of damage that can be done by limiting the time the account is active.
  • Randomizes passwords
  • Scales to enteprise level
  • Keeps admins in check
  • License model
  • The vault is difficult to patch, because it cannot have your normal patching agents on it
  • On going costs are high
It works well when an organization needs to keep track and randomize admin accounts. Also, it works better than LAPS for local workstation admin account management. It will allow for more than just one account. The auditing is robust vs. LAPS. Not a good solution for a small business. Too big of a tool for that scenario.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
CyberArk is a great means to access and securely store passwords for a remote support team or third-party vendors. The version control and access controls help with analyzing who is accessing what and when, while having strong delegation controls. This is particularly helpful with providing access to other users or administrators to systems that may require temporary access or to a vendor to access when troubleshooting.
  • The user interface is intuitive and easy to use.
  • The local server/workstation account management is great with the ability to remove local admin accounts but still leverage admin privileges.
  • Prevents unauthorized access and meets security requirements and allowing for robust and detailed reporting and audit logs.
  • The copy button in a web-browser requires an add-on to the browser. The feature should be included without the add-on.
  • Forced purchase of re-branded dell servers as account vaults is terrible.
  • Reports are ok but requires some expertise to export data into a better reporting DB.
The system is great for enterprise or larger IT departments or teams where temporary or full access may be given using privileged IDs. Requirements for needing local admin access is also eliminated which can help with specific Windows workstation related tasks.

It can be very useful when working with remote teams or contractors who may need temporary access to a system when required.
Return to navigation