The main use cases for CyberArk Identity help us to strengthen security to protect sensitive data centers and systems. We can store sensitive credentials, user credentials, and privileged accounts inside our CyberArk PAM tool. This helps us rotate passwords for privileged account credentials and monitor sessions. It is very useful for audit purposes. If there are any unsuspected activities happening, we can review the log files and identify where issues are occurring. It is very helpful for monitoring and strengthening security levels.

The best features in CyberArk Identity that I appreciate most are the recent updates that have added features in the cloud privilege environment. In the SAS solutions, they have added connectors. Except for PSM and CPM, they have included SIA, Secure Infrastructure Access, Secure Cloud Access, and Secure Web Sessions. These are additional features I have seen in the recent updates.

For multi-factor authentication, we use CyberArk Identity's multi-factor authentication integrations, LDAP integration and SSO, Azure SSO, LDAP and SIM. These authentication mechanisms we implement. Mostly, we use LDAP and Azure SSO.

Just-in-time access, also called ephemeral access, is especially beneficial, particularly with SIA and SCA features. The recent updates from CyberArk Identity have been impressive. If a requester needs access to a platform, such as Windows, Linux, or any database, the request goes to the approval level for a particular time period. The approver can approve the request within that set time frame, granting just-in-time access to the end user.

Session monitoring is beneficial as it detects if the user is trying to log in and records all activities stored in the vault. It gives us more insights into what activities are happening inside. If there are any breaches or issues arise, I can go back to the log report and check all those activities that are captured, where it failed exactly, and what the issue was. From there, I can find and fix it.

On the identity product side, it is awesome. However, they can improve in the documentation parts. For example, if there is a migration process, I can see the maximum customers are moving from self-hosted to on-premises or from on-premises to the cloud. It would be helpful if they released a generalized document for processes such as migration. A clear overview document would assist us in understanding more about the tool, configurations, and automations to enhance our security.

Regarding the initial setup of CyberArk Identity, I faced some challenges. At some points, I could not find proper documentation for deploying, enhancing, or integrating with other components. I could not find the proper documentation in the community portal.

I have been working with the identity product using CyberArk PAM tool for more than two years.

When it comes to performance and stability, I find it very reliable.

CyberArk Identity is highly scalable as there are many things to learn. There is no limitation. When delving deep into the concepts, there is a lot to address and learn, especially when facing real-time scenarios. It may seem simple at first glance but once you get into the depth of the concepts, you realize how much there is to learn and there are no limitations in that regard.

My experience with technical support has been very good. When I reached out to them, I received prompt responses and support, which I would rate as very good.

I faced some challenges during the initial setup of CyberArk Identity. At some points, I could not find proper documentation for deploying, enhancing, or integrating with other components. I could not find the proper documentation in the community portal.

If I can share advice or recommendations for other companies considering CyberArk Identity, I would highlight the most powerful features in CyberArk PAM such as password rotation, session recordings, and just-in-time access as the best aspects of this product. On a scale of one to ten, I would rate this solution an eight.

The solution is mostly used for financial services.

The solution covers all key pillars of Identity security and governance. It reduces IT team workload by managing employee transitions, allocating rights, implementing least privilege, and ensuring people have only the necessary access rights. The role-based access and secure resource access principles are automated within organizations, especially when integrated with HR systems, enabling quick resource provisioning and decommissioning.

Once the solution is deployed, the customer can immediately see benefits. Typically, the first phase involves securing high-risk areas. Once the protection for privileged access identities is in place, the customer can then focus on securing the rest of the workforce, as well as protecting sensitive communications between machines, endpoints, and workstations. The time to realize value from this solution is quite short because it is a comprehensive solution. As soon as it is implemented, it fundamentally changes how users access systems, providing immediate security benefits. In summary, the value becomes apparent right away.

CyberArk Identity offers Single Sign-On, Adaptive MFA, Web Password Manager, and Secure Web Sessions for recording sessions from web applications. It also provides federated services, Directory Service integration with popular IDPs, and management of joiners, leavers, and movers in an organization.

They have been working to improve areas such as Identity Governance and Assurance (IGA), but integration with new acquisitions into a single stack could be enhanced. While CyberArk Identity is a leader in Identity Security, the integration of multiple components could be improved.

I would suggest focusing on the integration of the multiple components. Currently, we have a unified platform, but with the recent acquisitions, I would like to see more seamless integration of those new entities. Additionally, I’m curious to see how the recent acquisition by Palo Alto will play out. I am interested in understanding how both companies can benefit from each other moving forward.

Additional improvements could include more out-of-the-box plugins for key systems. Though they are the largest privileged access company with numerous integrations, coverage could be expanded for certain database clients and other systems.

I have been using CyberArk Identity for a year and a half.

Their support is very good, with a huge community. I would rate it as a nine out of ten.

The subscription licensing model, which provides identity features within the privileged access license, is quite affordable for most customers. The full stack available through one subscription license works particularly for customers in Africa, where the acquiring rate remains healthy.

I would rate CyberArk Identity an eight out of ten.

We are using CyberArk Identity for user provisioning, and we have integrated multiple applications, most of them being SAML-based authentication ones.

We are also provisioning users to target applications and using CyberArk Identity as an authentication method for two-factor authentication.

I have worked on multiple projects where we have integrated external IdPs with CyberArk Identity. We have also implemented AD integration to get users from Active Directory to CyberArk Identity. We are using the reporting functionality and role-based access control.

We have created several roles for one client where I was working. It was an all-suite ISPS model that CyberArk has where CyberArk Identity, Privileged Cloud, and all those applications were present. In this case, we were using roles from CyberArk Identity to grant users access to their respective safes in the Privileged Cloud.

The UI is very simplified, and the documentation of CyberArk Identity is very crisp and clear. The support of CyberArk Identity is also really good.

From the support perspective, there is an excellent feature for identity verification.

When someone calls with identity issues, CyberArk Identity has provided one of the best features where we can use MFA verification. It sends a code to the user and validates the caller.

CyberArk Identity can be integrated with applications such as Secure Hub, Secrets Hub, Conjur, and Privileged Cloud. However, getting usage reports for specific applications is difficult. Tracking user activity across different integrated applications is challenging as the logs don't provide detailed information about which application users accessed.

The reporting functionality is somewhat complicated. While I would rate CyberArk Identity and Okta on the same level, Okta's reporting is crisper and clearer. For CyberArk Identity, you need knowledge of their scripting language to pull different sets of reports.

Though the out-of-the-box reports are good, they should simplify the reporting process to make it easier to pull all reports. The documentation for the reporting functionality is not very clear, which creates conflicts.

Additionally, CyberArk Identity needs to enhance features such as import scheduling and document clarity for new aspects such as Flows.

I have been using CyberArk Identity in my career for almost four years.

As part of maintenance, we haven't faced any downtime with CyberArk Identity. If there are any outages, CyberArk is responsible, and they usually address them very quickly. The services were operational 24/7.

Previously, we faced some issues where when users were provisioned and we tried to delete them, the entry was deleted from the back end, however, a ghost entry still existed in CyberArk Identity. We did not have an option to delete that particular user, which caused issues when trying to provision the same user again from AD.

The quality of support is really good. They respond immediately when requests are raised, and they are always available for priority one tickets. The only requirement is having access to their community portal to raise cases. The support is comparable to other SaaS products such as Okta.

The initial deployment was straightforward. CyberArk provides the tenant, and the documentation for integrating with Active Directory is clear. You need to build the server and set up the agent. The AD integration itself takes about ten minutes, but the complete process, including server build and approvals, takes a couple of days. If all resources are ready, the actual integration is very straightforward and takes only five to ten minutes.

We are partners providing services to other clients. I am an implementation engineer responsible for designing, architecting, and deploying solutions for clients.

I am not certain about CyberArk Identity's exact pricing model. For comparison, Okta was around five dollars per user. CyberArk Identity offers good discounts to some clients, which influences their decision to choose the solution.

Okta is a more mature product compared to CyberArk Identity. Policies and customization are easier with Okta. Integration with different applications through the Okta Integration Network is straightforward, with clear guides and steps. CyberArk Identity could improve in these areas. The main difference is in the UI and some features.

The reporting functionality in Okta is superior. In Okta, you can control imports and manually import users from AD, applications, or CSV files. These options and the ability to schedule periodic imports are not available in CyberArk Identity.

Comparing CyberArk Identity with products such as Ping, Okta, and RSA, CyberArk Identity still needs product development, as Okta offers additional features. Some features of CyberArk Identity are excellent, however, Okta is more user-friendly. The reporting functionality and Flows are areas for improvement. Since Flows is a new product, it needs to mature. They should conduct training, educate people, and provide clear documentation for better utilization.

In the Identity user portal, you can create secure notes, upload passwords or keys, and create bookmark applications. We have encountered some glitches when sharing applications with others, where users face issues despite having correct permissions.

I rate CyberArk Identity eight out of ten.

Essentially, our use case for CyberArk Identity involves automating customer interactions and engagement, as well as onboarding new clients.

Being in retail and marketing, CyberArk Identity has made it easier to onboard new customers online, making the process much faster and efficient.

Interaction with customers has improved greatly through CyberArk Identity software through automation of most of our processes, thus freeing our time to concentrate on other key strategic activities of the company.

Cyber Identity has improved our workflow processes and seamlessly enhanced our client engagement, as well as streamlining our operations and interdepartmental collaboration. Tasks we used to perform manually are now automated, thus increasing efficiency and productivity.

Additionally, we no longer have any fear of our data being infiltrated by an unauthorised person because of the security features it comes with. Tracking processes, workflows and audit trails works perfectly well.

It has a user friendly interface and dashboard.

The best feature of CyberArk Identity is the single sign-on (SSO) feature that offers quick and one-click access.

The second feature that I enjoy so much is the endpoint privilege security, which safeguards our sensitive information and protects against security threats.

One benefit of the software is the enhanced security. It provides strong authentication, improving our operations and access controls. Additionally, it streamlines operational processes, reducing the administrative burden on our IT experts and security teams.

The value of the software was immediate, especially for the onboarding of clients.

One area for improvement is the complexity of learning how to use the software for new users. It requires training.

I have been using CyberArk Identity for two years.

Very stable. Our data is safe with CyberArk Identity.

Very positive and promising. I give it a nine.

Satisfactory and knowledgeable.

I have not used many other solutions to compare it to.

Straightforward.

We spent 2-3 weeks deploying.

Vendor.

High.

We have saved over 50% of our time to concentrate on other strategic activities since we deployed CyberArk Identity.

The pricing for the solution is fair.

No

I would highly recommend this product without hesitation due to its numerous advantages, features, and benefits, such as unified access management and high-level security.

I am a user. I am available for reference anytime.

On a scale of 1 to 10, I give CyberArk Identity 9.

CyberArk Identity is mainly used for accessing servers, partition management, and rotating passwords, especially in sensitive sectors such as banking and to protect patient data. It's crucial for complying with regulations and ensuring that administrative tasks such as encryption key management are streamlined.

CyberArk Identity provides an easy identity portal, single console, log capture for GRC compliance, and efficiently rotates passwords unknown to users, enhancing security. These features aid in reducing the attack surface by blocking unauthorized access and preventing exposure of internal solutions in sectors such as banking.

Some areas experience slowness based on the workload. There's a need to enhance network performance despite the good user experience with access management.

We have been working with CyberArk Identity for more than five years. Previously, I worked with other PAM management tools. Currently, most customers are choosing it as a premier product, which is why we are focusing more on CyberArk Identity.

They charge reasonable money for the features they provide. The price is reasonable for the product.

While Arkon PAM is a competitor, that product is not as good nowadays. CyberArk Identity is at the top. When it comes to premium products, CyberArk Identity stands alone.

The setup process for CyberArk Identity is singular, but it differs for all customers. Customers provide the data for implementation, based on which we receive payment. From a product perspective, it's easy, but we need to gather customer data and implement according to their requirements.

Other vendors include CrowdStrike and SentinelOne.

Customers in the banking sector don't expose what solutions they have inside their systems for security reasons. My overall rating for CyberArk Identity is nine out of ten.

If I have a core banking application platform with users or privileged users accessing that particular environment, I have to ensure that the right people are accessing what they're supposed to access. I need to have proper monitoring on them, ensuring that privileged accounts are not being shared and that generic accounts are not in use. For instance, if someone accesses the core banking application and performs changes or transactions, this solution enables me to track who did what in that session and even monitor or replay the session of that person's actions.

CyberArk provides identity governance. It gives you control of who, how, and what is accessing your environments. It provides simplicity for privileged users to access the environment.

When using IAM and PAM, CyberArk Identity is the best choice. If it is just one model, for IAM, I prefer others like One Identity. For PAM, CyberArk Identity is the best.

Furthermore, CyberArk Identity provides identity governance and gives me control over who and how access to environments occurs, offering significant confidentiality in what is accessed.

Initially, people find it challenging to adjust to these changes, however, over time, it becomes time-saving as there's no need to access each device individually. Instead, there is a single pane of glass or platform that administrators can log into to manage environments efficiently.

The partner portals are and support portals are very good.

CyberArk Identity's ability to safeguard financial services infrastructure is good. If you have your core banking application transformed, and have privileged users accessing the environment, you can control who and what is accessing where and generic accounts cannot be used. If some accesses core banking functionality, you will be able to track what a person is doing.

Its ability to help meet compliance requirements is good. It covers ISO standards. We easily integrate password policies. It helps us protect access within an organization.

It's helped us to comply with PCI DSS.

There are a lot of time savings. There's a single pane of glass to log into to access the environment. We don't have to go through individually.

We've reduced risk exposure. Instead of logging into different platforms, you just log in to one single platform. You have your resources being allocated to you. In this way, it also identifies you, with a single sign on privileges. It gives you protection in terms of not using generic accounts or administrative accounts that everybody uses. All credentials are saved in a particular system known as a vault, and only a particular port and a particular IP address can access the vault. Now, there is one way in or one way out. It doesn't create any vulnerabilities whereby people or unknown entities can enter easily.

It impacts zero trust security strategies. It prevents lateral movements in the organization. You cannot be gaining access to a privileged account.

The solution helps with operational efficiency as it provides a very secure mode of access.

Integration or deployment is extremely difficult for CyberArk Identity. For example, vault integration and deployments are very tedious and involve components like HSMs, requiring extensive skill sets and knowledge. This complexity is especially true when integrating into various environments, service applications, and session monitoring setups. It is very demanding.

I've deployed two solutions so far. I've worked with the solution for about three years, since 2021. I haven't worked with the projects this year. I've done some POCs.

With respect to stability, I find that stability is very good. It is very stable.

The solution is very scalable.

I'm also aware of One Identity.

The initial setup was complex. It was very complex when it was my first time handling an implementation.

We were the partner deploying for a customer.

CyberArk Identity is slightly expensive compared to others. That said, it offers value for money. It comes with additional resources that I need to spin up on-premises. So, if I am not going fully cloud, there are additional resources I will need to purchase, such as spinning more VMs or acquiring an HSM device to encrypt the vault.

I would probably give the solution a seven out of ten.

It offers the best PAM solution you can get compared to others, compared to One Identity.

Deployment is complex. If you are deploying CyberArk Identity, you should have the skill sets, knowledge, and resources to manage it. It is not easy to manage or deploy CyberArk Identity.

We use it to protect our login credentials within the computers and tablets that we provide to our team for field tasks.

Being able to integrate CyberArk Identity with Microsoft Defender is valuable. This integration feature is integral to maximizing the security benefits we get from the system.

To enhance the product, they can consider improving the user interface of the software and possibly the customer support team. Sometimes, there is a delay in handling my inquiries via email, which could be addressed for better service.

I have used the solution for one year and a half.

We have never experienced downtime or crashing. I have not encountered such issues.

The solution can be scaled. If we have subscribed, we are able to use it on different laptops and tablets. It does not limit us, even if I have ten or more devices. We can use it on different phones and computers, demonstrating its scalability.

There are times when there is a delay in handling my inquiries via email. I would rate them an eight out of ten.

We have not used other solutions. This is the first software that we are using to protect our data and access information within the organization.

It was very easy because after we developed an interest, we went through the training on how to install it best, so while installing, we found things very easy.

It took us one day for us to become familiar with everything. We were able to realize its benefits immediately after the deployment.

It does not require any maintenance.

We had three people involved in the deployment.

The pricing is acceptable. It is worth considering what we are protecting with the amount charged.

A simple advice would be to have an IT person on the team for the software installation.

Overall, I would rate CyberArk Identity a nine out of ten.