Sold by: Zilla Security
Zilla Security solves the #1 security problem organizations face today - preventing identity related data breaches. Zilla enables organizations to establish a security and compliance best practice to eliminate access risk. We've combined comprehensive identity and access governance, and cloud security in a single platform. Zilla monitors and gives you control over all your identity paths to data access. You get least-privilege security with total visibility, ongoing monitoring, and remediation for identity vulnerabilities. Zilla's fully automated, easy-to-use access reviews help you achieve compliance, demonstrate audit readiness, and provide robust evidence of your organization's security measures.
4.3
Overview
Zilla Security delivers an identity security solution focused on comprehensive security and compliance that is automated and easy to use. The platform combines identity governance with cloud security to deliver access visibility, compliance reviews, user lifecycle management, segregation of duties, and policy-based security remediation.
Zilla's no-code integration with SaaS applications like Salesforce, cloud infrastructure like AWS, and cloud databases like Databricks, is unparalleled. Robotic automation enables the platform to monitor and configure all web-based applications, even those that don't have security APIs.
Zilla's self-learning, intelligent automation easily handles cloud scale and dramatically reduces the cost of ownership via a simple user experience that enables collaboration between app owners, IT, security teams, and auditors.
Zilla delivers:
Extensive library of out-of-the-box app Integrations Fast onboarding of any app - no coding or scripting - including custom and legacy apps without APIs Fully automated access reviews campaigns and compliance assessments for multiple reviewer types Simple user experience for frictionless collaboration between stakeholders Continuous and audit-ready compliance with all the supporting evidence in one place Advanced search and reporting for the compliance audit purposes Complete visibility into who has access to what
Highlights
- Automated monitoring and remediation of access - who has access to what and any access risks. Zilla enables organizations to easily monitor all permissions, infrastructure entitlements, and security settings that give users, machines, and APIs access. We deliver insight into critical access risk and then remediate inappropriate access via integration with an organization's ITSM systems for ticketing workflows.
- Comprehensive integrations with Zilla Universal Sync (ZUS) - we haven't met an app we can't support. Zilla makes it easy to integrate the tools, systems, and platforms organizations use every day. The platform includes robotic automation that enables customers to integrate with all applications, including legacy and homegrown apps, and ones that offer no security APIs or file exports for security data.
- Simple, automated User Access Reviews (UAR) - go from months to days for reviews and audits. Zilla automates the entire UAR process and delivers an auditable system of record. The platform generates permissions relevant to a campaign, invites reviewers to complete work, and enables administrators to track reviewer progress. Reviewers can maintain, revoke, change, re-assign, or delegate permissions, while campaign administrators have complete control over the review process.
Details
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Comply 500/25 | Zilla Security - Comply for 500 Identities and 25 applications | $45,000.00 |
Comply 2500/100 | Zilla Security - Comply for 2500 identities and 100 applications | $90,000.00 |
Comply additional app | Zilla Security - Comply Additional App | $1,000.00 |
Vendor refund policy
No refunds are available
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
The Zilla Customer Support Team is dedicated to providing you with a best-in-class support experience. Our goal is to exceed your expectations and make you successful. Support@ZillaSecurity.com address
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Zilla Security
By Veza
Top
25
In Data Security and Governance
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Access Monitoring and Remediation
Automated monitoring of all permissions, infrastructure entitlements, and security settings with identification of access risks and remediation through ITSM system integration for ticketing workflows.
Universal Application Integration
No-code integration capability with SaaS applications, cloud infrastructure, and cloud databases using robotic automation to support legacy applications, custom apps, and systems without security APIs.
Automated Access Reviews
Fully automated user access review campaigns with permission generation, reviewer invitation, progress tracking, and capabilities for permission maintenance, revocation, reassignment, and delegation.
Identity Governance and Lifecycle Management
Comprehensive identity governance platform combining user lifecycle management, segregation of duties enforcement, and policy-based security remediation across cloud and on-premises environments.
Compliance Visibility and Reporting
Advanced search and reporting capabilities providing complete visibility into access permissions, audit-ready compliance documentation, and supporting evidence collection for compliance assessments.
Application Discovery and Integration
Integrates with Identity and SSO platforms, financial systems, and direct integrations; includes browser agent and desktop agent capabilities for comprehensive application discovery.
Access Provisioning and Deprovisioning Automation
Enables bulk access provisioning and deprovisioning for user lifecycle events including joiners, movers, and leavers through automated workflows.
Access Review Automation
Automates access reviews and streamlines access management processes through a centralized interface.
Identity and Access Governance
Enforces compliance controls mandated by SOX, HIPAA, and SOC 2 standards to ensure appropriate access rights assignment.
License and Cost Optimization
Identifies and eliminates application redundancy and unused licenses to optimize software spending.
Multi-Cloud and SaaS Identity Integration
Unifies and visualizes identity and entitlement data across AWS, Azure, GCP, Okta, Active Directory, Snowflake, Oracle, Salesforce, and additional cloud and SaaS platforms.
Least Privilege Enforcement and Permissions Management
Enforces least privilege access policies and reduces permissions sprawl across cloud and SaaS environments for both human and non-human identities.
Non-Human Identity and AI Workload Governance
Discovers, secures, and governs service accounts, secrets, automations, and AI agents, with capability to control access for AI models and pipelines to ensure only authorized identities can invoke, train, or deploy AI systems.
Automated Access Reviews and Policy-Driven Governance
Automates user access reviews and replaces manual processes with policy-driven access governance across cloud and SaaS environments.
Compliance Reporting and Audit Readiness
Delivers audit-ready reporting for regulatory requirements including SOX, HIPAA, PCI, and supports alignment with Zero Trust and modern compliance frameworks.
Validated by AWS Marketplace
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
No security profile
No security profile
-
-
-
-
Standard contract
No
Customer reviews
Isaac-Hammond
Centralized access has strengthened security and simplified auditing for sensitive environments
Reviewed on Mar 30, 2026
Review provided by PeerSpot
What is our primary use case?
CyberArk IGA Powered by Zilla is used across various sectors including financial services, mining, oil and gas environments, as well as manufacturing and SMBs that require access to specific sensitive environments.
What is most valuable?
The best features of CyberArk IGA Powered by Zilla include the hardening of the solution, which involves access to the vault being restricted to one way in and one way out.
The functionalities of CyberArk PAM include monitoring of activities, which are recorded live for auditing purposes, and it integrates into almost every environment seamlessly.
After implementing CyberArk IGA Powered by Zilla, it puts the organization at a very high security level by reducing risk and threats to platforms. It helps protect the identity of individuals in the environment and simplifies auditing, making it straightforward for organizations pursuing ISO certifications.
What needs improvement?
Improvement suggestions for CyberArk include addressing the on-premises deployment processes, which require a very skilled engineer to handle because of the complexity of the environments involved.
For how long have I used the solution?
I have been working with CyberArk from 2019 to 2024.
What do I think about the scalability of the solution?
For larger environments using CyberArk IGA Powered by Zilla, scalability depends on the integration environment being implemented and the skill set behind it.
PAM involves all identity management across whole departments. My most recent projects span across two to three months because they involve other stakeholders including senior network engineers to understand how the integration will proceed, which impacts the timeframes needed for implementation.
How are customer service and support?
For the technical support of CyberArk, I rate them nine out of ten. While my experience from a partner perspective has been outstanding, the SLAs differ greatly from those of normal users.
What about the implementation team?
I personally participated in the deployment of CyberArk IGA Powered by Zilla and was the lead engineer on most of the projects that I have encountered.
I completed the implementation of CyberArk IGA Powered by Zilla all in-house. Most things are out of the box, but understanding every environment remains essential for smooth integration.
What's my experience with pricing, setup cost, and licensing?
My experience with the licensing cost shows that CyberArk is never reasonable on pricing. It goes per administrator user rather than per integrated environment, making it essential to manage access strictly.
What other advice do I have?
Implementation for CyberArk IGA Powered by Zilla is quite a complex procedure. My experience with the automation provided by CyberArk IGA Powered by Zilla involves tweaking here and there, as the same device that will create security might also affect your performance.
In terms of automation, CyberArk places all your access points centrally, so if you are a network engineer wanting to access your devices, it is centralized for you, automating and orchestrating your access while placing security measures in place.
Regarding measurable improvements after starting to use CyberArk IGA Powered by Zilla, this PAM solution does more than multi-factor authentication by providing additional layers of security through session recording and monitoring, which is critical compared to identity governance, which is mostly for authentication. I rate this product eight point five out of ten.
Ebin_Abraham
Automated access reviews have reduced hidden bot risks and create audit evidence seamlessly
Reviewed on Mar 17, 2026
Review from a verified AWS customer
What is our primary use case?
CyberArk IGA Powered by Zilla serves as our main tool for access review, certification, and governance of non-human accounts.
We handle non-human accounts, which refers to all the RPA bots that use service accounts, and we were able to review the access of these unattended RPA bot service accounts and SaaS users. When a bot is retired, CyberArk IGA Powered by Zilla can immediately find that account and review the access, making it a great tool for managing a large number of accounts.
What is most valuable?
CyberArk IGA Powered by Zilla's access reviews, audit report generation, and compliance features are excellent. It creates audit and compliance evidence easily, which previously required substantial manual effort, but now the process has become very straightforward.
The best feature is definitely the AI component, which includes evidence generation for audit and compliance, addressing one of our biggest challenges. We are able to easily gather all the details required by the audit team, and that is one of the best aspects. Additionally, being cloud-based means it is very easy to scale up without much downtime compared to our previous on-premises solution.
CyberArk IGA Powered by Zilla has positively impacted our organization by significantly reducing manual effort. We previously had many unnoticed non-human accounts that we could not deactivate due to their large number, but now that timeframe has drastically decreased, which is one of the greatest advantages. The AI-driven access reviews and automatic generation of compliance and audit documents are among the best features.
What needs improvement?
For improvement, I would suggest enhancing the reporting functionality of CyberArk IGA Powered by Zilla, as it could benefit from more customization or advanced filtering for auditing purposes. I have heard from colleagues that for some advanced policies, they are still approaching an Accenture vendor, likely due to existing difficulties.
The user interface could also be enhanced.
For how long have I used the solution?
I have been using the solution for the past one and a half years now.
What do I think about the stability of the solution?
CyberArk IGA Powered by Zilla is stable.
What do I think about the scalability of the solution?
CyberArk IGA Powered by Zilla demonstrates amazing scalability as a SaaS product in the cloud without any scalability issues.
How are customer service and support?
The support team of CyberArk IGA Powered by Zilla is very helpful; as soon as we create a ticket, they reach out quickly and provide immediate solutions, which is excellent.
Which solution did I use previously and why did I switch?
We previously used SailPoint, which was an on-premises solution.
How was the initial setup?
The deployment of CyberArk IGA Powered by Zilla took approximately two weeks in our organization.
This deployment was significantly faster compared to our previous on-premises solution.
What was our ROI?
I heard from the automation CoE team that we were able to save approximately $75,000 from that specific area, though I am uncertain if that is considered annual savings.
What's my experience with pricing, setup cost, and licensing?
I am not familiar with the pricing and licensing costs, but the setup of CyberArk IGA Powered by Zilla was straightforward since it was cloud-based compared to the previous on-premises tool, SailPoint.
What other advice do I have?
I would advise others considering CyberArk IGA Powered by Zilla that it is best for large enterprises with many accounts and a focus on compliance; if compliance is a significant concern for your organization, then it is definitely worth choosing. I provided this review with a rating of 9.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
James Quansah
Automated access governance has simplified onboarding, mobility, and secure remote work
Reviewed on Feb 04, 2026
Review provided by PeerSpot
What is our primary use case?
The main use cases for CyberArk IGA Powered by Zilla include onboarding users when they are being recruited, as well as managing the moving and exiting processes. When a user like James moves from department A to department B, the IT team no longer needs to manually change roles and permissions to the resources James has access to. Instead, the system automatically provisions James with the new role he has been appointed with. Similarly, when James leaves the organization, all his privileges and resources are automatically revoked without the need to search and manually remove each access point.
Users also want to have a single sign-on capability so they do not have to log into multiple applications. They can sign in once and have access to all their applications such as Outlook, Salesforce , CRM solutions, and ERP solutions without logging in individually. The system logs them in automatically to each application.
Additionally, CyberArk IGA Powered by Zilla helps users work from anywhere, regardless of their location or country. Users do not need to be in their office geo-location to access applications or resources, which provides flexibility for accessing applications wherever they are. Furthermore, if an account gets locked, users can reset their password themselves by answering security questions instead of going through the admin process for approval and re-enabling the account.
What is most valuable?
CyberArk has a plethora of solutions including PAM, IGA , Secrets Management, and Remote Access. I personally participate in the deployment process.
The deployment time for CyberArk IGA Powered by Zilla is based on the size of the organization, whether it is an enterprise organization or a small medium business. For an organization looking at 1,005 to 2,000 users, the process begins with a scoping phase where information is gathered from the customer, which typically takes two to three days for the customer to populate the documentation. After the customer submits the scoping documents, I and the customer review what they submitted. Once the review is complete, we conduct a kick-off meeting and provide the project timelines to both the customer project manager and our project manager. The entire process should fall within four to five weeks, approximately one month to one month and a week. During the fourth week, the system is fine-tuned. The fifth week involves training and user acceptance testing (UAT) with the customer to confirm that what was requested has been delivered as promised. After UAT, the solution is handed over to the customer.
What needs improvement?
The challenges I face with the implementation of CyberArk IGA Powered by Zilla involve legacy applications and legacy systems, which sometimes present issues. Additionally, custom-built APIs that are not properly structured can be problematic, though CyberArk can help redefine them according to the customer's demands.
Integrating CyberArk IGA Powered by Zilla with banking applications such as T24 is very tough to accomplish. When working with the T24 core banking application, the T24 support team is not able to assist much, so I have to find a way to fix the issue myself. The difficulty is not related to the price but rather to the technical integration challenges with these specialized banking systems.
For how long have I used the solution?
I have worked with CyberArk IGA Powered by Zilla for the past three years, and I have worked with PAM for six years.
How are customer service and support?
The primary issue I have experienced with CyberArk IGA Powered by Zilla is related to support. Getting the right support in the right jurisdiction is somewhat challenging. Although CyberArk has resource people to work with, the time to resolve issues is problematic. When I send a request, they respond, but getting an actual time slot to work with the customer to resolve the issue sometimes delays. Occasionally, the customer becomes frustrated and seeks support from us, and we experience issues with the first level of support they receive. I rate CyberArk support at a six out of ten.
What about the implementation team?
I personally participate in the deployment process.
Which other solutions did I evaluate?
CyberArk IGA Powered by Zilla is expensive compared to One Identity IGA and BeyondTrust.
What other advice do I have?
CyberArk IGA Powered by Zilla is expensive when compared to One Identity IGA and BeyondTrust. My overall review rating for this product is an eight out of ten.
reviewer2795934
Identity governance has strengthened privileged access controls and supports ongoing compliance
Reviewed on Jan 11, 2026
Review provided by PeerSpot
What is our primary use case?
My use cases for CyberArk IGA Powered by Zilla are identity and access management and governance, focusing on identities and identity governance.
What is most valuable?
CyberArk IGA Powered by Zilla is primarily known for managing privileged access identities, including all privileged users such as admins and system admins. It has a very good record in management of these identities, as well as password management and access to other applications.
What needs improvement?
The first downside is that the central admin console can be improved. Additionally, there is a need for more access to customization.
CyberArk IGA Powered by Zilla is lacking in the governance side of identities compared to competitors. More risk management governance policies and features would be beneficial.
What do I think about the stability of the solution?
CyberArk IGA Powered by Zilla is a very stable product, and I do not see a lot of issues with it most of the time. As long as you are maintaining the patches and upgrades in time, the vault, which is the main central component, is very good. If it is implemented or deployed correctly, it is very good.
What do I think about the scalability of the solution?
CyberArk IGA Powered by Zilla is quite scalable, and it would depend on a good architect who has done the implementation correctly. You could definitely scale up or scale down.
How are customer service and support?
Maintenance has to be on your end. CyberArk will not do that unless you sign up for their support agreements. The type of support agreement or contract you have with them determines the level of support provided. They provide a lot of support resources such as a lab, discussion forums, and good documentation, which should cover most issues.
The quality of support is quite good. The type of support contract you have determines the response you receive. CyberArk probably has an SLA of within one business day for priority tickets. They have a good support team.
Which solution did I use previously and why did I switch?
I have used a lot of other products in the market, and there are definitely better leaders in this space. Such products include SailPoint, Saviynt , and Ping One. Those products are better than CyberArk IGA Powered by Zilla in some areas or overall.
How was the initial setup?
The initial deployment of CyberArk IGA Powered by Zilla is somewhere in the middle. CyberArk has a policy of having only certified individuals who are certified in the product working on deployments, so even though the person is new, they will be able to install this without any problems. However, it could be challenging if it is spread over a large installation or a complex architecture.
What about the implementation team?
A team is needed who will go into the requirements, understand the infrastructure, and come up with a project plan for the implementation. At least two to three people should be on the team initially.
What was our ROI?
Any deployment takes time to mature, and CyberArk IGA Powered by Zilla does provide benefits immediately in terms of quick adoption of finding out the privileged access identities by running through their crawler. Using crawler tools like DNA may help ease the effort quickly. However, some of the complex use cases will take time.
Which other solutions did I evaluate?
I am trying to compare CyberArk IGA Powered by Zilla with other IGA solutions and grading them. It is definitely a very good product, but at the same time, the IGA may require some improvement in some areas, which is why I am ranking it to eight.
What other advice do I have?
Customization involves making changes to fit customer requirements. Maintenance usually involves sometimes having issues with different connectors, mostly the Active Directory and LDAP connectors. Periodic aggregation of accounts and applications sometimes go through issues with firewalls. Sometimes they do not work, and you need to make sure your connectors are all in sync, especially your LDAP and AD connectors. Sometimes there could be some issues occurring between these two connectors, so there will be maintenance on that side, making sure they are working on a regular basis based on your monitoring plan. Taking backups regularly and periodic backups are essential.
Both the support rating and the overall product rating for CyberArk IGA Powered by Zilla is eight out of ten. Eight means they have complete processes in place to help support, they have resources available, and there is a method to contact them and get response quickly. In that regard, eight is appropriate because they reuse some of their main PAM components which is very good, and compared to other products which I ranked around nine, they should be at eight.
reviewer2517972
The interface is highly intuitive and much easier for non-technical users than other tools
Reviewed on Jul 24, 2024
Review provided by PeerSpot
What is our primary use case?
We are a financial services company that's regulated by the FDIC, so we must complete a SOC 2 report showing evidence that we regularly review our high-risk applications.
How has it helped my organization?
The solution has been a lifesaver. It has given us a unified platform that allows us to easily demonstrate what we need to do regarding user access reviews for compliance.
Before Zilla, we were using fairly complicated spreadsheets, and it took a long time for the information security team to update these and send them to the business lines every quarter. We wanted something that was automated and easier for the business lines to review. Ultimately, it ended up saving the InfoSec team 60 hours per quarterly review and the business lines well over 100 hours.
We had these spreadsheets all over the place, but now we have a library of evidence to consult when needed. Zilla keeps everything in one place. It's not scattered all over anymore.
Because we must adhere to the SOC 2 framework, we need to manage our user permissions to the least privileged level. Since the spreadsheets were so complicated, many people rubber-stamped permissions. They weren't going to dive into this rat's nest, so they would just say everything is fine. With Zilla, people were able to see more clearly into their permissions, and I feel confident that we're drilling down and adhering to the least privileged rule.
The manual work needed to track everything on spreadsheets was becoming unsustainable as we added applications. We can import permissions directly into Zilla instead of juggling the data and massaging it so it fits into the spreadsheets. It's probably saved my team about 40 hours per quarter.
Zilla saves us money. We did some calculations during the first quarter and found that some people doing user access reviews were at the VP level, so their time is worth a ton of money. We also found that these folks were spending unnecessary time combing through these spreadsheets. Something that typically took an hour could be completed in 15 minutes with Zilla.
What is most valuable?
The interface is highly intuitive, and that helps in many ways because we don't need to explain things to the business lines. It's much easier than other identity and management tools. We were looking for something clear-cut that makes sense to non-technical people. It has greatly improved the controls on our audit procedures by giving people something that's clean and makes sense.
It's extremely important that Zilla provides us with a single pane of glass. When the FDIC asks us for a review, it's easier to have it in one portal than to go to all these spreadsheets scattered over SharePoint. Spreadsheets can also be manipulated, but Zilla has an audit trail that we can follow and show without a doubt that we've done what was required.
What needs improvement?
Maybe this is coming with their AI module, but I would like to see a feature that performs baseline analysis of permissions that may not fit into a role, and it attempts to group them into a role. We've run into problems with applications where someone has not created a role but assigned ad hoc permissions to a user. We still need to do some manual work to identify the group that the user belongs to. It would be amazing to have Zilla streamline that.
For how long have I used the solution?
I have used Zilla for a year and a half.
What do I think about the stability of the solution?
Zilla is highly stable. We've had zero problems with it.
What do I think about the scalability of the solution?
When we were using spreadsheets, we reviewed about eight applications, but since we added Zilla, we've scaled up to more than 40 and we continue to add to it quarterly.
How are customer service and support?
I haven't needed support since the initial setup, but we have a monthly meeting with our customer success rep. We discuss our needs and upcoming features on the roadmap.
Which solution did I use previously and why did I switch?
I have seven years of experience with SailPoint. It had the role-analysis feature and was a full-blown IAM solution, but we were looking for something we could use of the InfoSec team and GRC specifically that would enable us to do user access reviews. If I did an apples-to-apples comparison between Zilla and SailPoint regarding user access reviews, I would say Zilla comes out ahead for intuitiveness. It's easier to import permissions and it's simpler for non-technical people to use.
We use a tool called Saviynt that's run in-house by our identity access and management department. That also has user access management, but they hope to move away from it because support hasn't been great. Rather than wait for the IAM team, we decided to go for our own solution. While doing a deep dive into Saviynt, we came across Zilla. Our IAM team told us that if we wanted to switch, it would take only a week or two to get it set up.
How was the initial setup?
Deploying Zilla was easier than I expected, based on my experience with SailPoint and Saviynt. With those, it was an arduous process. The initial deployment was short, but it took us a quarter to get the solution up to usability. It doesn't require much maintenance aside from regularly updating permissions. It's more administration than maintenance.
What about the implementation team?
We received support from Zilla's team, which was very helpful.
What's my experience with pricing, setup cost, and licensing?
The Zilla license is what we expect to pay for a product like this.
What other advice do I have?
I rate Zilla Security nine out of 10. I recommend that new users follow the advice of their solution engineer. They knew what they were doing and guided us through the installation.