CyberArk PAS Reviews

Session monitoring and isolating, Password management (automated rotation, reconciliation). Remedation capabilities are one of the strongest points in CyberArk PAM

Administration could be quite difficult and requires a lot of experience.

Monitoring and Recording of privileged sessions across the organization

There is no limit to the integrations as you can implement all sort of bespoke plugins and integrations.

Can be deployed in hybrid self-hosted on-prem and private cloud environments.

Supports the cross-border restrictions by allowing the deployment of as many satellites as required.

It's based on a vaulting passwords approach, which is a perfect use case for last resort accounts.

However for business as usual tasks it's better to implement fine grained just in time solutions.

To cover all the security use cases, it has to be combined with additional solutions like CyberArk Identity or CyberArk Conjur.

Vaulting of last resort accounts.

Agentless temporary access with password based accounts (Quite useful in those scenarios where agents cannot be implemented, or when temporary access elevation is not an easy to implement option).

Flexible architect design and powerful function with lots of plugins in market place.

Configuration is a bit too compliated. It will need a good experienced team to support it.

Secure the accounts and automate the process realting to accounts.

Very advanced security. Wide selection of marketplace integrations.

It is complex to install and upgrade. Vendor engagement is a must for install.

Securian our credentials, isolated sessions, application credential retrievals, vendor access.

Hundreds of standard integrations that are available out of the box without additional cost.

All documentation is open and free to use, if necessary support can help.

Partner ecosystem that can help in providing the right support.

The downside is since there are so many different technologies which need protecting it is difficult to get all stakeholder aboard.

Standing Access

Lack of visibility

Session recording

Approval workflows

Vendor Access

wide possibilities and very good support, ease of updating

nesting some options that are sometimes hard to find

- identity management

-automation of changing and replacing passwords in services and tasks

- recording user sessions

Utilizing the Accounts Discovery function within CyberArk, along with its REST API, we have automated the detection, sorting and onboarding of new privilaged accounts freeing up man hours that used to be spent tracking down and manually adding accounts.

I believe the single thing that I have disliked about CyberArk was the product documentation. As an administrator, trying to use the past documentation methods, finding specific procedures was difficult. This issue has been much inproved with the web-based documentaiton.

Initially, the CyberArk PAS suite was implemented to reduce the risk of privileged passwords being stored in multiple spreadsheets around the enterprise. These spreadsheets were impossible to keep track of, as employees were forewver making local copies which created both a security issue, but also a support issue. When the Security Operations team would initiate a password change project for a specific segment, all of the "stored" passwords on the employee-copied spreadsheets would be wrong, resulting in an increase in SOCC calls for assistance with account lockouts.

CyberArk can manage passwords and sessions of a huge number of devices/endpoints. It is highly customizable, but it may require extensive product and scripting/programming knowledge.

As configuration options are very extensive, it is sometimes hard to find the correct and complete way of customization or specific configuration. The documentation is rather basic and it is missing may use cases.

It's a privileged access management tool so it helps in making sure that all privileged accounts are compliant. It's an important measure against credential theft.

Password rotation and abilities to track account usage.

Upgrades aren't easy. Also, reporting could be better.

The biggest issue for us was password rotation.

Fortifying Security Infrastructure is the vital role of CyberArk PAM

The Project time takes bit longer because of various complex componets

The firest important asspects of Cyberark PAM is addressing critical Security Gaps , Operational efficiency , Auditing and Montioring