Privileged Access Management

My main use case for CyberArk Privileged Access Manager  is installing it to prevent direct access to the users. For the privileged account, we are using the PAM, and all sessions have been monitored, with all logs shared and logged on the vault.

I have more to add about my main use case for CyberArk Privileged Access Manager , specifically our Privileged Threat Analysis, which detects any suspicious event and alarms us.

The best features CyberArk Privileged Access Manager offers are PTA, Privileged Threat Analysis, and Alero, Remote  Access Management , and these features are essential for enhancing security.

PTA and Alero have made a difference for my team by providing a predefined rule assigned and implemented on the PAM; for example, it sends us an email if there is any suspicious activity or threat credential loss, offering feedback related to user behavior. For Alero, Remote  Access Management , it is a very wonderful Identity and Access Management  with biometric MFA, mobile access, location tracking, and a small RBAC role-based matrix access that defines user roles, serving as a replacement for VPN.

CyberArk Privileged Access Manager has positively impacted my organization, showing significant improvement since all sessions are monitored and isolated using isolated RDP sessions, which are created temporarily and expire if not used.

In terms of specific metrics or outcomes, the time savings have been noticeable, and while it is not direct access, the PAM works efficiently between servers and end users, preventing users from running or installing unauthorized applications through the AppLocker application created on the PSM.

CyberArk Privileged Access Manager can be improved because I have experienced one issue where a user connected through RDP to a Linux server and the PAM could not fetch any commands or key store logging from the Linux server, which works fine on Windows servers. If they could combine both into one keylogger solution, it would be great, and increasing the number of CPM  plugins for password retention while providing common web portal applications out-of-the-box would also help.

I have been using CyberArk Privileged Access Manager for more than five years.

CyberArk Privileged Access Manager is stable in my experience, with no issues of downtime or reliability due to our disaster recovery (DR) and high availability (HA) servers in place.

CyberArk Privileged Access Manager's scalability is good, as it can handle more users or workloads with our five-year roadmap indicating that the PSM server can manage around 20 sessions per hour, which is sufficient for our organization.

I would rate customer support a nine on a scale.

I previously used BeyondTrust and Delinea, but I did not switch because I noticed many features in CyberArk that are not available in other solutions.

I did not evaluate other options before choosing CyberArk Privileged Access Manager, as I had good experience with another live product.

My advice for others looking to use CyberArk Privileged Access Manager is to pay attention to the vaulting part, which is essential for every organization, as each server has a secured vault that connects over TLS with a lot of encryption details. The product is consistently enhanced, and the latest release is 14.6. I rate this solution 9 out of 10.

On-premises

The use cases for CyberArk Privileged Access Manager  include access to Windows, Windows servers, Linux servers, firewalls, clouds, GCP, AWS , and Azure , but I do not administer the clouds. I only administer CyberArk.

CyberArk Privileged Access Manager  helps us maintain an inventory of our privileged credentials and manage password rotation easily for our organization. It provides a secure way to access and monitor.

CyberArk Privileged Access Manager has positively impacted visibility into the PAM accounts. It has a very good dashboard that provides visibility into our accounts and password information.

CyberArk Privileged Access Manager's abilities to safeguard the infrastructure are important, as protecting credentials provides us with security and visibility.

CyberArk Privileged Access Manager is effective for preventing attacks and threats. It's very effective since it connects to a SIEM , such as Splunk and ArcSight. The functionality called PTA, Privileged Threat Analytics, is very good.

CyberArk Privileged Access Manager integrates well with other products.

CyberArk Privileged Access Manager improves operations because it's all centralized. When you have CyberArk to gain access to the admin console and other applications, it's the easiest way to configure your firewall rule because everything comes from CyberArk.

It's user-friendly and very configurable. We can do many things with it, especially with password management. It's easy to manage, and the controls are straightforward. It's a specialized solution for which it's hard to find professionals to work with, but it's very effective.

It's a very good solution for data privacy.

The reports could be more editable. I want to be able to edit a dashboard to see other information or graphics. Making the reports more editable would be beneficial.

I've been using this solution for at least five years.

I would evaluate the customer service and technical support of CyberArk Privileged Access Manager as very good.

Positive

I worked with Senhasegura, which is a Brazilian application for password security. We switched to CyberArk Privileged Access Manager because it is recommended for larger environments.

The initial setup is easy. I was involved in the setup process and was part of it.

It takes six months for the full implementation in a big company.

The deployment team consisted of approximately 10 people. While I don't know the exact job titles, a manager and at least two engineers on the CyberArk team were required.

CyberArk Privileged Access Manager has helped our organization save on costs. CyberArk Privileged Access Manager is expensive, but it helps protect us from losing money. 

Its benefits are visible immediately after the deployment, but in Brazil, people generally implement CyberArk Privileged Access Manager after an incident.

It's not a cheap application. It's very expensive.

Don't wait to be attacked or lose your data. Protect your credentials, even if you use other security tools. 

I would rate this solution a nine out of ten.

On-premises

What do you like best about the product?

What I love the most is that it provides a secure connection for end users without revealing the credentials. It also has integrated MFA, and we can define policies accordingly.

What do you dislike about the product?

Everything is good but classical UI should be more effective. It's looking old fashion.

What problems is the product solving and how is that benefiting you?

CyberArk understands the biggest security challenge protecting against threats — and provides a secure way to manage it. It ensures that users get exactly the level of access they need, nothing more, nothing less.

What do you like best about the product?

It is SaaS based tool, where all other major PAM leaders and tools were working as on prem solution. And workflow automation and integration with IDP solution in cloud benefits us more.

There are few I liked,

Session recording and live monitoring
Audit logs for any activity done within the PAM session and by PAM administrator.
Integration with SIEM
UBA is also presented

What do you dislike about the product?

While security features are top class with cyberark, the UI might feel intuitive for administrators and users.All the initial set up require significant time and technical expertise.

And there are more I could say as dislike points,

1. Not be able to use their administration PAM IOS or android app
2. PAM password automation often causing issue with switches
3. Integration with jumpcloud password automation has major risk and challenges
4. VPN less security open nee risk to organisation

What problems is the product solving and how is that benefiting you?

Primarily, it helps secure, manage and monitor privilege account. Few of specific areas would be below,

1. Centralising all privilege credentials within untouchable vault
2. Manual credential managements
3. Session monitoring on limited visibility privileged accounts
4. Compliance and gaps

With CyberArk Privileged Access Manager , the main idea is to control third parties of the organizations. A lot of banks usually work with integrators abroad, and they want to control those connections from the third party to their infrastructure, including the ability for the CISO or security officer to watch online the session of technical support provided by the integrator. That was the most common use case. 

Another use case is to control IT personnel, where the information security team manages what actions they perform at higher privilege levels in the infrastructure. So, those two use cases are the most common.

The most valuable features in CyberArk Privileged Access Manager  are session recording, role management, and access control division. Different groups can use all the abilities of the administrative role, and customers can divide their teams into auditors, administrators, and CISOs. 

The storage of passwords is also brilliant. Everything is stored in a highly protected area, allowing customers to use a single sign-on approach to connect to infrastructure servers necessary for their daily activities.

The impact of CyberArk Privileged Access Manager on customer operational efficiency is quite positive. While we cannot provide exact figures, the effectiveness is apparent, though we lack specific data.

Assessing CyberArk Privileged Access Manager's ability to prevent attacks on financial services infrastructure is quite complicated, as customers usually do not share information about attacks or prevention. During POCs, before selling the solution, we run common attack simulations that typically occur in the financial sector, such as lateral movement. We have tested various attack scenarios in testing mode where CyberArk is installed, and we have shown to our customers that CyberArk successfully mitigates those attempts.

CyberArk Privileged Access Manager has helped reduce the number of privileged accounts to a minimum over the years. When we start working with CyberArk in customer infrastructure, the first thing we do is run the Discovery feature, which shows all the administrative accounts in different information systems. The next step involves addressing accounts that are unnecessary or could be used for malicious activities, so reducing administrative accounts is typically the second or third step after integrating the system.

CyberArk Privileged Access Manager indeed helps meet compliance and regulatory requirements for customers, especially in the financial sector, by aligning with PCI DSS standards. Consequently, customers are very satisfied when auditors evaluate their compliance. When assessing CyberArk Privileged Access Manager for ensuring data privacy, the focus mainly lies on password management. I have not encountered customers using the storage solutions for anything other than passwords, making it challenging to discuss broader data privacy. The primary data customers prefer to store consists solely of passwords.

Areas of CyberArk Privileged Access Manager that can be improved include offering clearer configuration options. Due to its advanced and complex nature, sometimes it is not obvious where to find specific parameters for configuration. Enhancements, such as video tutorials within the product, would be beneficial, as the text documentation is often insufficient.

It would be very useful to have predefined configuration wizards. For instance, if templates are available for third-party support teams, it would allow users to click through the configuration process with checkboxes, significantly simplifying the setup.

I have been working with CyberArk Privileged Access Manager for eight years, with technical hands-on experience for three years. 

I became a project manager of the projects for implementation, education, and technical support of CyberArk. In terms of technical experience, it was three years, and for the management of CyberArk projects in general, it has been about five years.

CyberArk Privileged Access Manager is easy to scale and accommodates various infrastructure models. Any component, including licenses, can be duplicated and scaled across hybrid infrastructures, such as when a customer uses both on-prem and cloud solutions.

My impression of their technical support team is that it is very bad. The support team's response time is quick, however, the resolution process takes too long. 

This inefficiency leads us to maintain a highly trained and experienced internal team, which is costly yet necessary since the vendor support response time is often inadequate.

Positive

The typical deployment process for CyberArk Privileged Access Manager starts with ensuring organizational prerequisites are met. We begin by sending prerequisites required for the environment, and the customer provides feedback that the environment is ready. 

After we establish remote connection capabilities, we initiate the installation process following the agreed scope of work. This process includes integrating with Active Directories, second-factor authorization services, and email systems. 

Next, we configure role-based access control, set up reporting, and automate email notifications for predefined activities. 

Finally, we utilize a Threat Intelligence system to establish a baseline of regular behavior for administrative users.

Regarding measurable benefits after deploying CyberArk Privileged Access Manager, customers often ask about return on investment. One measurable benefit is the reduction of engineering resources in the IT staff since they do not need as many administrators to manage numerous services. 

Additionally, they reduce the number of personnel in the information security team, as fewer controllers or auditors are needed to oversee the activities of IT staff. These benefits can certainly be measured.

CyberArk Privileged Access Manager has helped customers save on costs primarily by reducing the number of engineering and information security personnel. This includes salaries and bonuses; although they do not fire these individuals, they reallocate them to other activities.

If a colleague believes they do not need a Privileged Access Management  tool since they are already using other security tools, I might explain the core idea of PAM solutions. The main purpose of a PAM solution is to prevent malicious activities involving administrative accounts. Hackers need to exploit these accounts to cause harm, and according to a recent Gartner report, approximately 80% of all attacks are directed through administrative accounts. This is why PAM solutions, including CyberArk, must be implemented to effectively manage and monitor those administrative accounts.

On a scale of one to ten, I rate CyberArk Privileged Access Manager an eight out of ten.

Hybrid Cloud

Other