We use the product to store system accounts.

CyberArk is a good and adaptive solution. It is easy to adopt and install. It is easy for every use case.

The challenge with the product is pricing since it's expensive. It also needs to improve the customization. We encountered some stability issues as well.

I have been working with the product for more than 10 years.

I would rate the solution's stability a seven out of ten.

My company has more than 20,000 users for the product. I would rate the product's stability an eight out of ten.

We have a direct connection with the CyberArk leadership. However, the tool's support is not user-friendly. They will charge you for premium support and push you towards it.

I have used BeyondTrust before.

The solution's setup is easy. There were some challenges while managing from environment to environment. We experienced some glitches during the installation process.

The product's licensing is yearly. I would rate the solution's pricing a six out of ten.

I would rate the product an eight out of ten. We only have the licensing contract with the product and everything else is managed in-house with a team size of four members.

We currently employ CyberArk Privileged Access Management, which involves extremely complex processes for ensuring the secure management, verification, and guarantee of credentials. Implementing the professional installation tool represents another challenging aspect of this task.

The most valuable feature of CyberArk Privileged Access Manager is privileged threat analytics.

The support could improve for CyberArk Privileged Access Manager.

I have been using CyberArk Privileged Access Manager for approximately three years.

The solution has high availability.

CyberArk Privileged Access Manager is highly scalable. When compared to other solutions it scales well.

I plan to use the solution more in the future.

The issue of technical support is crucial, as there are not many specialized partners available in Brazil to provide this service. While English language support is of good quality, there is a significant shortage of partners capable of meeting the demand locally.

The initial setup of CyberArk Privileged Access Manager is easy.

We have received a high ROI using CyberArk Privileged Access Manager.

The price of the solution is reasonable.

I rate the price CyberArk Privileged Access Manager a seven out of ten.

Individuals who wish to utilize CyberArk should be cautious when selecting a partner to implement the solution, as proper architecture design is essential to ensure a streamlined and effective implementation.

I rate CyberArk Privileged Access Manager a nine out of ten.

CyberArk vouches for access to domain controllers in Unix and Windows Server.

CyberArk makes our environment more secure and prevents possible attacks by compromised accounts.

The price is high compared to Azure Key Vault. It's the most expensive solution.

I have used CyberArk for about three months.

We have 98 percent uptime.

CyberArk is scalable. We have around 4,000 users.

We previously used Telos. We switched to CyberArk because it has features to deal with a large company that has a complex structure and many partners.

Deploying CyberArk was moderately difficult. It isn't too hard, but it isn't easy. One person is enough to install it. It took about one month to select the product and deploy it.

CyberArk is more expensive than other solutions, but it's necessary when the company has contacts with other branches and partners.

I rate CyberArk Enterprise Password Vault eight out of 10. It's more expensive than Azure Key Vault, but Key Vault doesn't have CyberArk's analytics and user tracking. I recommend CyberArk if you need those features. However, it's costly in the Brazilian market because of the conversion fro reals to dollars.

Our main use cases for CyberArk Privileged Access Manager are privileged access management and privileged session management. Another use case of the solution is password rotation.

CyberArk Privileged Access Manager improved our organization by identifying the owners of the service accounts. Each service account should be associated with an owner because without an owner, that account becomes an orphan account that nobody can take ownership of, so this means nobody would know what that account is doing. When we brought in CyberArk Privileged Access Manager, it helped us have a roadmap that allowed account ownership and account onboarding. CyberArk Privileged Access Manager gave us a roadmap, a plan to follow, and a guide on how to manage privileged access, and this is very important because we don't want privileged access to be compromised or breached.

Realizing the benefits of CyberArk Privileged Access Manager was a long journey. It was not an easy journey. It was a long journey to put things in place and get them onboarded because not all applications were compatible. It took six months to a year at least, to start the process properly.

The applications which were in Active Directory were easy, for example, it was easy to onboard the accounts and rotate the passwords because that meant only running scheduled tasks. There were a few accounts, however, where the applications weren't compatible with password rotation, particularly old applications or legacy applications that would break if the passwords were changed. To get all those sorted and to get all those in place, and explain what those changes were, took a lot of time, but for accounts that were just running scheduled tasks or services, those were onboarded easily and had their passwords rotated, particularly those which had identified owners.

One of the features I found valuable in CyberArk Privileged Access Manager is privileged session management. It's a feature that allows you to record the session, so if there's a risk, that risk can be highlighted.

I also found it valuable that CyberArk Privileged Access Manager can be integrated with PTA, and this means that it will tell you if there's a risk to the logins and signs of risk and if risky behavior is observed. It's a good feature.

Another good feature is the CPM because it helps you rotate the passwords automatically without involving the admins. It can go and update the scheduled tasks and the services. At the same time, if there's an application where it cannot do all of these, CPM will trigger an automatic email to the application owners, telling them that they should go ahead and change the password. This allows you to manage the account password that CyberArk cannot manage, which helps mitigate the risk of old passwords, where the password gets compromised, and also allows you to manage the security of the domain.

Integration is also a valuable feature of CyberArk Privileged Access Manager. It has an application access module function that allows you to integrate and manage applications, including BOT accounts. It also allows you to manage ServiceNow and many other applications.

What could be improved in CyberArk Privileged Access Manager is the licensing model. It should be more flexible in terms of the users. Currently, it's based on the number of users, but many users only log in once in four months or once in five months. It would be great if the licensing model could be modified based on user needs. We even have users who have not logged in even once.

Another area for improvement in CyberArk Privileged Access Manager is the release of vulnerability patches because they don't release it for all versions. They would say: "Okay, you should upgrade it to this point. The patches are available", but sometimes it is not feasible to do an upgrade instantly for any environment, because it has to go through the change management process and also have other application dependencies. If that can be sorted out, that would be nice.

I've been using CyberArk Privileged Access Manager for around seven years now.

CyberArk Privileged Access Manager is a stable solution.

CyberArk Privileged Access Manager is deployed on-premises in the company, so I'm unable to comment on scalability, but they do have a software as a service model, so that's scalable.

Technical support for CyberArk Privileged Access Manager is responsive. As for their timelines for completing tickets, it would depend on the process. Sometimes it takes them less time to respond, and sometimes it takes them longer. They have different levels of support, so if level one is not able to resolve it, they escalate the issue in due time to the next level of support. They're mostly able to help.

On a scale of one to ten, with ten being the best, I'm giving their support an eight. There's always room for improvement, and in their case, in terms of support, what they could improve is their response time, especially their response to business-critical activities or issues.

The company was probably using LockBox before using CyberArk Privileged Access Manager, but I'm not sure about that.

Installing CyberArk Privileged Access Manager was easy. It's only the firewall you need to introduce into the environment that takes time, particularly if you're doing an on-premises model.

I saw a return on investment from using CyberArk Privileged Access Manager. It's a good privilege access management solution and identity and access management solution as a whole. It's a really good product.

The solution was definitely implemented because it saves you time and money, for example, access management and privileged access management are now automated when in the past, those processes were done manually. The new feature CyberArk DNA was also given free of charge, so that DNA tool can scan the environment for all the vulnerable accounts for password hash attacks, for accounts where the passwords were not changed. That definitely saves time, because that type of scanning would be very difficult for someone to do manually, and the report that comes out of that scan is very objective.

I'm not involved in the purchase of the CyberArk Privileged Access Manager licenses, so I'm unable to comment.

I was not part of the evaluation process.

I recently switched jobs, so I was working with CyberArk Privileged Access Manager in my previous organization, and also using it in my current organization. I'm using version 12.2 of the solution.

In terms of maintenance, it can be monitored through SCOM Monitoring, but the vault is standalone. CyberArk Privileged Access Manager can enable SNMP Traps so that the vault can be monitored automatically and it can trigger an incident to the ticketing tool the teams are using. It has the ability for automated monitoring.

My advice to others looking into implementing CyberArk Privileged Access Manager is to know their network properly. If they're doing an on-premises deployment, they should know their network properly, and they should first audit their environment in terms of the accounts they're going to manage on CyberArk Privileged Access Manager. They should also assign the owners and assign everything beforehand to help make implementation faster.

I'm rating CyberArk Privileged Access Manager nine out of ten.