With CyberArk Privileged Access Manager, the main idea is to control third parties of the organizations. A lot of banks usually work with integrators abroad, and they want to control those connections from the third party to their infrastructure, including the ability for the CISO or security officer to watch online the session of technical support provided by the integrator. That was the most common use case.

Another use case is to control IT personnel, where the information security team manages what actions they perform at higher privilege levels in the infrastructure. So, those two use cases are the most common.

The most valuable features in CyberArk Privileged Access Manager are session recording, role management, and access control division. Different groups can use all the abilities of the administrative role, and customers can divide their teams into auditors, administrators, and CISOs.

The storage of passwords is also brilliant. Everything is stored in a highly protected area, allowing customers to use a single sign-on approach to connect to infrastructure servers necessary for their daily activities.

The impact of CyberArk Privileged Access Manager on customer operational efficiency is quite positive. While we cannot provide exact figures, the effectiveness is apparent, though we lack specific data.

Assessing CyberArk Privileged Access Manager's ability to prevent attacks on financial services infrastructure is quite complicated, as customers usually do not share information about attacks or prevention. During POCs, before selling the solution, we run common attack simulations that typically occur in the financial sector, such as lateral movement. We have tested various attack scenarios in testing mode where CyberArk is installed, and we have shown to our customers that CyberArk successfully mitigates those attempts.

CyberArk Privileged Access Manager has helped reduce the number of privileged accounts to a minimum over the years. When we start working with CyberArk in customer infrastructure, the first thing we do is run the Discovery feature, which shows all the administrative accounts in different information systems. The next step involves addressing accounts that are unnecessary or could be used for malicious activities, so reducing administrative accounts is typically the second or third step after integrating the system.

CyberArk Privileged Access Manager indeed helps meet compliance and regulatory requirements for customers, especially in the financial sector, by aligning with PCI DSS standards. Consequently, customers are very satisfied when auditors evaluate their compliance. When assessing CyberArk Privileged Access Manager for ensuring data privacy, the focus mainly lies on password management. I have not encountered customers using the storage solutions for anything other than passwords, making it challenging to discuss broader data privacy. The primary data customers prefer to store consists solely of passwords.

Areas of CyberArk Privileged Access Manager that can be improved include offering clearer configuration options. Due to its advanced and complex nature, sometimes it is not obvious where to find specific parameters for configuration. Enhancements, such as video tutorials within the product, would be beneficial, as the text documentation is often insufficient.

It would be very useful to have predefined configuration wizards. For instance, if templates are available for third-party support teams, it would allow users to click through the configuration process with checkboxes, significantly simplifying the setup.

I have been working with CyberArk Privileged Access Manager for eight years, with technical hands-on experience for three years.

I became a project manager of the projects for implementation, education, and technical support of CyberArk. In terms of technical experience, it was three years, and for the management of CyberArk projects in general, it has been about five years.

CyberArk Privileged Access Manager is easy to scale and accommodates various infrastructure models. Any component, including licenses, can be duplicated and scaled across hybrid infrastructures, such as when a customer uses both on-prem and cloud solutions.

My impression of their technical support team is that it is very bad. The support team's response time is quick, however, the resolution process takes too long.

This inefficiency leads us to maintain a highly trained and experienced internal team, which is costly yet necessary since the vendor support response time is often inadequate.

The typical deployment process for CyberArk Privileged Access Manager starts with ensuring organizational prerequisites are met. We begin by sending prerequisites required for the environment, and the customer provides feedback that the environment is ready.

After we establish remote connection capabilities, we initiate the installation process following the agreed scope of work. This process includes integrating with Active Directories, second-factor authorization services, and email systems.

Next, we configure role-based access control, set up reporting, and automate email notifications for predefined activities.

Finally, we utilize a Threat Intelligence system to establish a baseline of regular behavior for administrative users.

Regarding measurable benefits after deploying CyberArk Privileged Access Manager, customers often ask about return on investment. One measurable benefit is the reduction of engineering resources in the IT staff since they do not need as many administrators to manage numerous services.

Additionally, they reduce the number of personnel in the information security team, as fewer controllers or auditors are needed to oversee the activities of IT staff. These benefits can certainly be measured.

CyberArk Privileged Access Manager has helped customers save on costs primarily by reducing the number of engineering and information security personnel. This includes salaries and bonuses; although they do not fire these individuals, they reallocate them to other activities.

If a colleague believes they do not need a Privileged Access Management tool since they are already using other security tools, I might explain the core idea of PAM solutions. The main purpose of a PAM solution is to prevent malicious activities involving administrative accounts. Hackers need to exploit these accounts to cause harm, and according to a recent Gartner report, approximately 80% of all attacks are directed through administrative accounts. This is why PAM solutions, including CyberArk, must be implemented to effectively manage and monitor those administrative accounts.

On a scale of one to ten, I rate CyberArk Privileged Access Manager an eight out of ten.

I'm using CyberArk Privileged Access Manager in the telecom industry, specifically for one of the clients. The main use case for CyberArk Privileged Access Manager is the Endpoint Privilege Management part, where privileged access needs to be managed, monitored, and recorded as part of SOX compliance. Other major use cases involve event management, trigger management, and notifications for break glass scenarios for various customers.

CyberArk Privileged Access Manager offers various exposed REST APIs, allowing for quick onboarding and reporting from the SOX compliance perspective, which wasn't available before. The exposed APIs give us the flexibility to perform scripting using Python and other languages to develop native tools.

CyberArk Privileged Access Manager integrates with various incident management tools, enabling automated actions through triggers for generated events. The integration with Ignimission provides operations teams with a dashboard for compliance management more efficiently.

CyberArk Privileged Access Manager offers customers good visibility of accounts to onboard. The DNA tool provides an overview of their network entity, thereby helping them streamline their network from a privilege management perspective. They can see how many assets there are, how many assets have different accounts, and which accounts are currently active or not. From the dashboard, the customer has clear visibility.

Its integration is seamless with out-of-the-box connectors. You just need to provide the input in a configuration file. It can be integrated very easily.

The most valuable features of CyberArk Privileged Access Manager include quick access, ease of use, and a variety of connection methods beyond the web portal. The Just-in-Time functionality within CyberArk is very important, and recent features such as the MFA gateway allow external customers to perform their work while being monitored seamlessly. Any events not adhering to SOP trigger notifications to admins for prompt action.

Improvements in CyberArk Privileged Access Manager should focus on simplifying installation and upgrade times, and also consider making professional services training more accessible to implementers and partners. Free training for implementers should be offered, and the installation and upgrade process should take less time.

In addition to that, CyberArk should communicate their Impact events to customers and SI partners, and consider making them free, as these events showcase their roadmap and new features.

I have been working with CyberArk Privileged Access Manager for more than eight years.

I find CyberArk Privileged Access Manager to be a stable solution and would rate its stability a nine out of ten.

I would rate the scalability of CyberArk Privileged Access Manager an eight out of ten.

I would rate CyberArk's customer support as a seven out of ten. The rating stems from the fact that sometimes critical issues require follow-ups, as the support team doesn't always recognize the urgency of a critical ticket immediately. There is a need for more dedicated support for some customers moving forward.

The previous versions were a bit difficult, but the newer versions have improved. They have done some scripting for the installation part, which has improved the overall installation very much. There is still some scope for improvement. I'm looking for an automated script where all the entities or inputs can be provided. Once that script runs on a particular server, CyberArk gets installed without any user interruptions. Currently, we have to be very specific with prerequisites and everything else. If the prerequisites are not met, there are some issues, and you have to sometimes rebuild that particular server. To avoid such things, an automated script should be there to check the overall prerequisites. After installation, there should be a global script that checks all the functionalities to see whether every entity and every component has been installed correctly or not.

I am the implementer for CyberArk. As an implementer, my customers are from various industries, currently managing customers from the healthcare, telecom, and semiconductor industries.

Since CyberArk is at the top of the Gartner list, the cost is indeed on the higher side, but customers must discern which entities are essential to purchase. They should weigh the cost against the quality received.

The setup cost for CyberArk depends upon the customer's infrastructure, and while it may be on the expensive side, the quality and support provided justify the investment, along with documentation and training that add value.

CyberArk Privileged Access Manager is the best solution for safeguarding sensitive patient data in healthcare, providing visibility and traceability that enhance compliance. Its strong design offers security and visibility for events across all industries, showcasing its robust capabilities. CyberArk Privileged Access Manager is crucial for safeguarding credentials in healthcare organizations.

I would recommend CyberArk Privileged Access Manager to those looking to use it. The biggest benefit is its versatility, providing comprehensive flexibility across various operational needs, while also offering expert support to resolve any issues encountered.

It stands out as the best tool on the market. It deserves a nine out of ten overall.

We use CyberArk Privileged Access Manager for all kinds of privileged accounts, comprising personal accounts, service accounts, and different database accounts. We manage the administrator account for Windows, the root account and reconcile accounts for Unix servers, and system administrator accounts in databases. Personal accounts are also managed along with some shared service accounts.

I work for a cybersecurity reseller company, which is US-based, and we provide managed services to all kinds of industries. Currently, I am working with a natural resource and a healthcare company.

Many things have improved with CyberArk Privileged Access Manager. All privileged accounts are now secured.

The password management keeps the passwords rotated, and these have different sets of policies, which keep the passwords in compliance. Compliance-wise, it is good to have a PAM solution in the organization. I believe CyberArk Privileged Access Manager is the best one available at this point in time.

The best thing about CyberArk Privileged Access Manager is that they keep on upgrading it. They continually conduct research and development from their end, and we get immediate support from CyberArk whenever OEM support is required for any task. Support-wise, they are the best, and the way they conduct research and analysis and upgrade the tool often is excellent.

They keep on improving regularly. As of now, it does not manage all of the IDM practices. It is only good as a PAM solution. If they could work more on Privileged Threat Analytics, it would be beneficial. It has limitations, so improvements on PTA would be fine.

I first used CyberArk Privileged Access Manager in 2016, and since then, I have worked on different tools as Cloakware, CA PAM, but I am now again working on CyberArk Privileged Access Manager, so it has been approximately seven years.

If implemented properly, the stability for CyberArk Privileged Access Manager is very good.

I would rate the scalability for CyberArk Privileged Access Manager as nine out of ten. It is very scalable, and you can manage more than 100,000 accounts, as I have worked in environments where we managed that volume and more.

We are partners with CyberArk Privileged Access Manager. Our clients are medium and small businesses. The number of accounts we manage in CyberArk Privileged Access Manager is approximately 10,000 in one client and 5,000 in another.

Support-wise, they are the best. I would rate the technical support for CyberArk Privileged Access Manager a nine out of ten.

I have used a very old tool called Cloakware before CyberArk Privileged Access Manager, created by CA Technologies. It later got upgraded to merge with CA Technologies, and we had a product called CA PAM, which later got improved into what we see in the market today, called BeyondTrust. Cloakware was not that organized. There were many issues with provider IDs, the interface was very old, and hardly any companies use it these days. When I was using it, I was working for a US-based bank. Comparing that with CyberArk Privileged Access Manager is impossible, as they are poles apart.

We have had cloud and on-premises deployments. Its deployment is easy. They have provided all kinds of documents. They are available in the community portal. You can get all kinds of help from the community or people using CyberArk and the OEM.

The duration of the deployment for CyberArk Privileged Access Manager completely depends on the environment. If it is a big environment, it may take up to one or two months sometimes. It depends on the collaboration of the teams. If the infra teams, the network side, and the OS side do not collaborate properly with the CyberArk team, it can take longer. However, if everything is in place and the environment is not huge, it takes less than a month, around 20 days.

The solution requires regular maintenance. You need to keep upgrading when updates are released by CyberArk Privileged Access Manager, and they do it quite often. Server patching is very important, and you need to be aware of the services running all the time. They have provided a system health feature to check if there are any component services that stop. All maintenance is required regularly, not daily but perhaps weekly, depending on the size of the environment. A good thing is that all of these can be automated. It saves a lot of time there.

We have eight specialists in one team working with CyberArk Privileged Access Manager in my MSS team. There are other teams as well that have many CyberArk specialists, though I do not have an actual count.

It saves financially, though I cannot provide specific numbers. It is vital to have a PAM tool in your organization because it protects you from all kinds of malicious attacks, both insider and outside threats.

Regarding time-saving, many things are automated on CyberArk Privileged Access Manager, which helps us save considerable time work-wise and is very efficient for users. The end users have the authority to reconcile the password or verify it before using session isolation, which is one of the unique features that can be enabled through Privileged Session Manager, preventing any attacks from happening within the organization when connected with sessions through CyberArk Privileged Access Manager.

The pricing for CyberArk Privileged Access Manager is quite expensive, and the pricing varies from region to region. In APAC, CyberArk Privileged Access Manager can be obtained for less than in North America, according to my understanding. Pricing-wise, they could improve by trying to sell their product in bulk licenses. You need to have a service provider or a reseller as the mediator company building the CyberArk Privileged Access Manager. Pricing-wise, they could definitely do a little better.

I would recommend CyberArk Privileged Access Manager to other users for all the reasons discussed. It has been number one on Gartner's quadrant for several years. Considering all those factors and being the best tool in the market for Privileged Access Management, it is recommended.

I would rate CyberArk Privileged Access Manager a nine out of ten.

My use cases as of right now include configuration, implementation, and developing a PowerShell report.

By implementing CyberArk Privileged Access Manager, we wanted to secure the password data and password accounts. We could see the benefits of CyberArk Privileged Access Manager immediately after we deployed it and started using it.

They could improve CyberArk Privileged Access Manager by providing more reports. If I need to know the 10 most-used accounts for this week, that functionality can be made available in the reports.

I have been using CyberArk Privileged Access Manager for seven years.

It is stable. The environment is stable, with no lagging, crashing, or downtime.

I cannot say much about scalability because we did not have any need for it.

I have contacted their technical support plenty of times. I would rate CyberArk's support a seven out of ten. They are always good.

I have not used any alternatives to CyberArk Privileged Access Manager in my career.

The initial deployment was easy because I went to training first. The training was set up by CyberArk. From design to implementation, it took close to six months.

In terms of maintenance, it requires OS upgrades and patches. It doesn't take a long time.

We did not use any help from a third party, such as an integrator or consultant. The number of people required depends on the environment. I don't see how one person can manage it because there is a lot of information to collect before even doing a design.

My company always complains about the cost of CyberArk Privileged Access Manager because it's too high.

For a new user, I would advise them to try to configure CyberArk Privileged Access Manager a couple of times before starting to use it in a production environment.

I would rate CyberArk Privileged Access Manager a nine out of ten.

We use CyberArk Privileged Access Manager to manage privileged access, so all the privileged accounts are vaulted in CyberArk, and that's our control method to manage privileged access. We also manage access for developers, so we have dual control to give approval to developers.

CyberArk Privileged Access Manager has made our operations more streamlined. There is an approval process, so it helps us keep tabs on who's working on what and for how long. We also have to give a reason when we're using privileged accounts, which helps keep track of whether they're being used correctly.

It's been good so far in safeguarding the infrastructure, but we've not used additional features of CyberArk Privileged Access Manager. Modern PAM with secure web sessions or secure infrastructure access is something that I learned about at the conference. I am curious about how we can use it.

It has not helped to reduce the number of privileged accounts. Whatever we find privileged in the environment, we want to control that by using CyberArk Privileged Access Manager. That's how we're able to control it. It has helped us identify privileged access better because we discovered users who didn't need privileged access. There have been cases where users with privileged access don't want their accounts in PAM because they need to pick up the password on a daily basis to perform their actions. There have been cases where they've gotten their privileged access off the account because it's not needed.

The user interface needs some training, but with a guide telling the user how to go about it, we have received positive feedback from whoever has used it.

It took us some time to realize its benefits because any new tool needs a proper understanding of how it can be used. A lot of testing was done on the engineering side, and demos were given. It took some time, but it is going smoothly.

Given that this is the only tool that I've worked with for the control process of privileged access, I don't have anything to compare it with. However, it's helped us keep our privileged access in check. We're able to get logs as to when the user checks out an ID and for how long, so it's a good monitoring tool.

They covered a lot at the conference. I don't have visibility into what product we've bought. It would be nice for them to approach us with what we have bought versus the new features being added. We need clarity on whether new features come included in the package that we already have, or if it's something that we need to have over and above.

Occasionally, there are lagging issues. Sometimes users have to re-login. When users copy passwords, there is sometimes a lag, so they have to log out and log in, but these are very rare cases.

I've been using it for about 5 years.

Occasionally lagging occurs. I've not heard about crashing, but there is a lag. Sometimes users will have to re-login and get it right.

The team that I work with is our in-house engineering team. I've had a conversation with CyberArk once last year revolving around efficiently generating the inventory reports. I contacted the technical support, but I didn't get a very straightforward solution that I was expecting.

We were developing a dashboard to find all the privileged accounts that weren't vaulted in CyberArk. We wanted the inventory report to be generated on a daily basis, but were having some trouble. We reached out to their technical support. The solution that they proposed was not straightforward because of the backend processes of CyberArk. We had to approach it in a different way.

I would rate CyberArk Privileged Access Manager a seven out of ten.

We're using CyberArk Privileged Access Manager to manage our service accounts, privileged service accounts, and password rotation. We also use Conjur.

CyberArk Privileged Access Manager has helped our organization remain compliant in the privileged access management space. It is very helpful for meeting compliance and regulatory requirements such as SOC, SWIFT, and PCI DSS.

CyberArk Privileged Access Manager has helped us become more efficient in managing these service accounts.

CyberArk Privileged Access Manager feels quite secure in ensuring data privacy.

CyberArk Privileged Access Manager has a very strong potential for preventing attacks and lateral movements, but it has not had an impact one way or the other on the number of privileged accounts in our organization. They are just managed differently.

CyberArk Privileged Access Manager makes it easy for users to retrieve and manage their passwords.

I have been using CyberArk Privileged Access Manager for a few months. I am still learning, and I appreciate all the networking and education at the CyberArk Impact in Boston, which is going to set me up for success as I take on my role.

In CyberArk Privileged Access Manager, the UI has room for improvement, as does the dashboard reporting, which could be made better or easier to use. The interface needs to be more intuitive in CyberArk Privileged Access Manager. There should be dashboards in CyberArk Privileged Access Manager with more data and reporting capability for the non-compliant scenarios.

My company has been using it for a long time; I have been using it only for a few months.

I have not had any support experience with CyberArk at this point in my journey.

I found the CyberArk Impact event to be much more effective as an educational experience.

The time-to-value for CyberArk Privileged Access Manager was recognized pretty quickly after implementing it.

I hope to learn how the pricing works so that I can understand it better, but I am certain it is not inexpensive.

It is absolutely necessary to have a PAM tool like CyberArk Privileged Access Manager, even if someone is using other security tools.

Based on my experience thus far, I would recommend CyberArk Privileged Access Manager to other users.

I would rate CyberArk Privileged Access Manager as an eight out of ten. It is early in my journey with this solution.

My use cases for CyberArk Privileged Access Manager are specifically for privileged access management. We are using it along with other products. They have access management, their own certificate manager, and other managers. CyberArk Privileged Access Manager is for privileged access for users who require more than normal access, such as administrators and engineers. We can rely on this tool to manage that access.

You can see the benefits of CyberArk Privileged Access Manager immediately. This is risk management. You are not getting any features from the tool. It's not something that you are installing because you want it, for example, ChatGPT. With CyberArk Privileged Access Manager, you're getting control. You're not getting any additional features for your platform or systems. You are just controlling the risk. Users can't do what you aren’t allowing them. They can't make any change without approval, so it controls risks. Once you see that value, you're controlling what the privileged users in your system are doing.

The most valuable feature I find in CyberArk Privileged Access Manager is that we can record the sessions. It provides flexible workflows. I can change the workflow to specify if it needs one approval or two approvals, and I can approve my peer. We can record sessions for external people who want or require privileged access to our systems. That is very flexible. We can record what people are doing in the platform.

I find it hard to mention a point of improvement because I'm happy with the platform. The only thing I would say is that they can improve their price.

I have been using CyberArk Privileged Access Manager for three years.

Regarding the stability of CyberArk Privileged Access Manager, I have seen a couple of times that the server was not available. In three years, it has only been a couple of times. It has high availability and low impact. In terms of the platform, it is stable.

The scalability of CyberArk Privileged Access Manager has been good; the only thing is the license. The platform is very scalable, but you need to get more licenses in terms of users.

I don't handle that kind of interaction, but my engineer does. Sometimes it requires escalation, but I have not heard of any complaints from him in terms of the support received. It is good.

I have used Delinea but not in this company. I prefer CyberArk over Delinea.

It is not that easy. You need to load the users and platforms that you will be using. You need to teach the users how to do it. It requires some change management. It is a bit complicated, but it is expected. It is not just plug-and-play.

Its maintenance depends. You can have an on-premise solution or you can have a cloud solution. We have an on-premise solution, so it requires some maintenance on the infrastructure.

Its implementation requires a team effort

With the current model of licensing, for my use cases, sometimes it's hard to convince the management and get budget approvals for it. It's expensive and you're not getting anything new. It's just a control, but in terms of risk, you are covering a big impact on the company. Improvement in the licensing prices is something I would want to have.

I would rate CyberArk Privileged Access Manager as an eight out of ten.

We use CyberArk Privileged Access Manager for privileged access management (PAM) escalation, securing our website, and applications. Our cybersecurity team actively utilizes its features.

The PAM escalation is valued. The access control feature and privilege and role-based assignment are outstanding. Dividing the user admin for security protection is the best feature. Additionally, its remote access allows easy connection for my team, and it efficiently manages identity.

Initially, it was challenging to understand and use all the features incrementally. Having a better user journey with a support team to connect would improve the product and services.

I have been using CyberArk Privileged Access Manager for about eight months in our company.

The solution is quite stable. We have not faced any issues related to stability since using CyberArk Privileged Access Manager for eight months.

CyberArk Privileged Access Manager is scalable. As a startup, it initially handled fewer users, but it scaled well as we grew.

Technical support was fast in its replies and always supportive, helping to resolve any issues efficiently.

We used miniOrange, an Indian-based cybersecurity product for access management and PAM escalation. We also used one more product, which I don't remember the name of.

The initial setup was straightforward due to well-documented resources and tutorials.

Our cybersecurity team, comprising two to three people, worked on the deployment and feature implementation.

The pricing is quite well-structured with monthly and weekly plans.

I evaluated miniOrange and one other product.

New users should watch the YouTube channel, read the documentation, check the resource section including CyberArk University, and see if it works well with their product. I rate the overall solution a nine. My overall product rating is 9 out of 10.

We use CyberArk Privileged Access Manager to manage our privileged accounts because it protects against cyberattacks and prevents unnecessary or illegal access.

It provides a centralized management system, making it easier for us to enforce policies and monitor access across our organization. Additionally, we can monitor sessions and record and detect suspicious activities that are harmful to our systems and organization.

The AI capabilities, including advanced threat detection features, are very helpful for us. They reduce human effort and errors, allowing us to quickly identify and respond to threats. This solution scales up our IT environment and resolves almost every issue that poses a threat to our organization.

Pricing is a concern for me because it is not very user-friendly for startups, new users, or very small organizations. It might be better if the price was reduced. Sometimes, the maintenance cost can also be high.

I have been using CyberArk Privileged Access Manager for the last one and a half to two years.

Every application has downtime. However, it remains stable overall. I would rate it a nine out of ten for stability.

It is scalable. I would rate it a ten out of ten for scalability.

Sometimes, when I face issues or want to understand some features, or it is difficult to identify activities in our system, I contact the support team. They are very helpful, always available, and try to resolve our issues as soon as possible.

This is the first PAM solution that I implemented in our organization.

The initial setup is not very easy, nor very difficult. It is moderate to deploy.

It does not require any maintenance from our side.

We have a team of three to five members, and they deployed it in a minimum of one week.

Its price can be reduced.

I researched some solutions and found CyberArk Privileged Access Manager to be one of the good solutions. I am very happy with the product.

I am happy with this product. If someone is looking for a PAM solution, I recommend it because it has a large developer community and good customer support. It is more stable than the others, and I am very happy with it.

Overall, I would rate it a ten out of ten.