CyberArk Privileged Account Security Reviews

28 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 8.7 out of 101

Do you work for this company?

Overall Rating

Reviewer's Company Size

Last Updated

By Topic

Industry

Department

Experience

Job Type

Role

Reviews (1-7 of 7)

Larissa Ruelas profile photo
Score 8 out of 10
Vetted Review
Verified User
Review Source
We currently use CyberArk across the whole organization. We use it to manage our privileged accounts and our service accounts. It is also used for recording sessions that our Non-IT staff use when remoting into a server.
  • Managing Service Accounts. We like using CyberArk for using it when we need to remote into certain systems and the password is stored on CyberArk.
  • Managing Privileged Accounts. It allows our IT personal to use their privileged accounts without having to remember their passwords. It also keeps our staff compliant with complexities with passwords.
  • Using CyberArk as a jump host has saved us on licensing issues. It's also easy to use when needing to remote in and automatically signing you in.
  • I'm not sure what could be done differently. There are some things that were once an issue that are no longer an issue. For instance, creating a short cut on the desktop for RDP through CyberArk. Since the upgrade and updates, we are now able to save shortcuts to our desktop.
CyberArk is great when you're making changes to a system on a server. You can record your session and if anything was done in error, you can replay the session to see what was done. I especially like this feature when we're doing system upgrades.
Read Larissa Ruelas's full review
No photo available
Score 10 out of 10
Vetted Review
Verified User
Review Source
We utilize CyberArk for privileged account management for sensitive and shared accounts across our technology organization. We utilize it for local admin passwords across multiple datacenters as well as any other set of credentials that might be utilized by multiple people. We use it to control, monitor and govern sensitive account usages and to ensure that nobody knows the password as much of the time as is possible.
  • Automatically discover new servers on the network and take control of the local admin password by vaulting it and ensuring nobody knows the password. A different password on every server.
  • Automatically roll the password in a configurable manner - after each use, after a certain period of time, etc.
  • Track and govern sensitive account usage by ensuring only properly authorized users can access the vault and obtain the credentials and then monitor usage.
  • It can be hard to work with the native back end vault which is reduced and hardened OS with minimal operating capabilities.
  • Reporting could be better.
I always recommend CyberArk based on my experiences at several different jobs and industries. It does a great job of helping you create all kinds of use cases and approval flows for accessing and using privileged accounts. It also does a great job securing local admin passwords on servers. End-users of the system are able to quickly and easily start utilizing the more secure method of obtaining credentials in minimal time with minimal overhead/tax on their work time.
Read this authenticated review
No photo available
Score 7 out of 10
Vetted Review
Verified User
Review Source
CyberArk Privileged Account Security helps a lot to maintain security by automatically changing passwords for our supported systems.

It also stores and manages passwords company-wide. That's really making admins lives' much easier. Also rarely used passwords are in one place and you don't have to search for them a long time. CyberArk itself can be secured by AD authentication combined with RAS two-factor authentication.
  • storing password safely
  • storing passwords in one central place
  • "remembering" a password for a whole team and/or single persons
  • securing access to certain passwords by groups or team
  • performance is sometimes not very fast, but acceptable
  • look and feel is a bit "old looking"
CyberArk keeps all the local and domain passwords for us. They are changed regularly. That ensures that they are stored company-wide and accessible for approved persons. At the same time, because they are changed as example on a weekly or monthly basis, the passwords and the admin access is better protected against hacking.
Read this authenticated review
Sujeet Swain profile photo
Score 9 out of 10
Vetted Review
Verified User
Review Source
We are using CyberArk to manage the privilege accounts in our organization. It is being used by a specific department that deals with critical data sources.
  • Identify and reduce the number of privileged accounts
  • Eliminate shared/service accounts having non-expiring passwords
  • Automatically changing privileged account passwords
  • Automate password verification and reconciliation
  • Frequently identify, change and verify hardcoded passwords
  • Connect Target Systems directly without displaying passwords to users
  • The initial product cost is a little on the higher side, which might turn off small & medium enterprises.
  • As it talks about security, it has a lot of hardware/software requirements for the initial setup, which might make the rollout timeline a little lengthy.
  • Product should be easy to customize based on different industry's needs.
It should be used by organizations who are dealing with customer- or finance-related data, where there is a lot of focus on managing regulatory compliance. Organizations who outsource their IT/Marketing activities to vendors must use CyberArk to control any potential data leakage or theft, which can reflect a very negative brand image.
Read Sujeet Swain's full review
Craig Lockley profile photo
Score 8 out of 10
Vetted Review
Verified User
Review Source
CyberArk is a great means to access and securely store passwords for a remote support team or third-party vendors. The version control and access controls help with analyzing who is accessing what and when, while having strong delegation controls. This is particularly helpful with providing access to other users or administrators to systems that may require temporary access or to a vendor to access when troubleshooting.
  • The user interface is intuitive and easy to use.
  • The local server/workstation account management is great with the ability to remove local admin accounts but still leverage admin privileges.
  • Prevents unauthorized access and meets security requirements and allowing for robust and detailed reporting and audit logs.
  • The copy button in a web-browser requires an add-on to the browser. The feature should be included without the add-on.
  • Forced purchase of re-branded dell servers as account vaults is terrible.
  • Reports are ok but requires some expertise to export data into a better reporting DB.
The system is great for enterprise or larger IT departments or teams where temporary or full access may be given using privileged IDs. Requirements for needing local admin access is also eliminated which can help with specific Windows workstation related tasks.

It can be very useful when working with remote teams or contractors who may need temporary access to a system when required.
Read Craig Lockley's full review
No photo available
Score 9 out of 10
Vetted Review
Verified User
Review Source
Cyber Ark is being used across the entire enterprise. It is used for administration credential protection and application integration to protect secrets and service accounts. This solution is solving the business problem of ensuring our most sensitive access is protected and we have a strong audit tool for when credentials are used.
  • Credential Vaulting
  • Application Integration
  • Auditing
  • There needs to be a better strategy and integration on the application development secret protection
  • High availability needs to be a constant focus
Cyber Ark is well suited for protecting all privileged accounts and auditing the usage of those accounts. It is an integral part of protecting sensitive credentials.
Read this authenticated review
No photo available
Score 8 out of 10
Vetted Review
Verified User
Review Source
It is used to check out highly privileged accounts with a randomized password. Being scaled to entire organization. It solves the problem of highly privileged accounts with a static password. If one of the accounts is compromised the password has an expiration and minimizes the amount of damage that can be done by limiting the time the account is active.
  • Randomizes passwords
  • Scales to enteprise level
  • Keeps admins in check
  • License model
  • The vault is difficult to patch, because it cannot have your normal patching agents on it
  • On going costs are high
It works well when an organization needs to keep track and randomize admin accounts. Also, it works better than LAPS for local workstation admin account management. It will allow for more than just one account. The auditing is robust vs. LAPS. Not a good solution for a small business. Too big of a tool for that scenario.
Read this authenticated review

CyberArk Privileged Account Security Scorecard Summary

Feature Scorecard Summary

ID-Management Access Control (3)
7.7
ID Management Single-Sign On (SSO) (1)
9
Multi-Factor Authentication (2)
8.5
Password Management (3)
8.0
Account Provisioning and De-provisioning (2)
6.5
ID Management Workflow Automation (1)
8
ID Risk Management (2)
7.0

About CyberArk Privileged Account Security

CyberArk is a privileged account and access security suite issued by the company of the same name in Massachusetts . The Core Privileged Access Security Solution unifies Enterprise Password Vault, Privileged Session Manager and Privileged Threat Analytics to protect an organization’s most critical assets.

CyberArk Privileged Account Security Technical Details

Operating Systems: Unspecified
Mobile Application:No