Sold by: CyberArk
Deployed on AWS
CyberArk Secure Cloud Access implements Zero Standing Privileges to secure identities at every layer of your multi-cloud environment without impacting native cloud user experience. Cloud admins, start a 30-day free trial today to protect cloud access and meet compliance requirements in a native, secure manner.
4.5
Overview
CyberArk Secure Cloud Access, part of the CyberArk Identity Security Platform, delivers Just-in-Time (JIT) access with zero standing privileges, allowing developers secure access across AWS, Azure, and GCP environments without interruption. Designed with a developer-friendly approach, CyberArk dynamically provisions access to reduce risk and maintain developer productivity.
The Critical Need for Developer Access Security With the rise of digital transformation, overprivileged developer identities are increasingly targeted in attacks, often leading to prolonged breaches and data theft. Traditional standing access in cloud environments opens paths for attackers to misuse credentials, creating risk. CyberArk mitigates this by enabling JIT access, reducing the attack surface and safeguarding organizations from long-term breaches.
Developer-Centric Access for Enhanced Efficiency CyberArk recognizes the operational demands developers face. Developers can launch sessions natively, using their own federated identity across cloud services, APIs, and infrastructure without jump servers or extensive approvals. This seamless approach enhances productivity while preserving security.
Key Benefits for Developers Zero Standing Privileges (ZSP): Developers get temporary, session-based access without standing permissions, reducing unauthorized access risk while maintaining workflow continuity. Time, Entitlement, Approval (TEA) Model: CyberArk's TEA model ensures developers receive access when needed, minimizing delays in time-sensitive situations and restoring functionality faster. Attribute-Based Access Control (ABAC): Permissions are granted based on identity, role, and context, aligning with security requirements without compromising developer efficiency. Prioritizing Developer Experience CyberArks approach offers:
Native Tool Access: Developers use familiar tools like SSH clients and web consoles directly, reducing fatigue and allowing agile response times. Fast Incident Resolution: On-demand access for critical scenarios helps minimize downtime, accelerating issue resolution. Centralized Access Across Clouds: With a unified platform, developers manage access to all environments consistently, boosting speed and productivity. Empowering Developer Velocity and Security CyberArk enables a frictionless experience by securely granting JIT access, preventing delays in high-pressure situations. By allowing developers native access to cloud consoles, CyberArk reduces credential management burdens and risk, supporting developer velocity and secure innovation.
Adaptive Controls for Multi-Cloud Security CyberArk's Insight to Action framework centralizes oversight of access rights across cloud environments. Integrated with AWS IAM, AWS IAM Identity Center, Slack, and ServiceNow, it simplifies privilege management, enhancing both security and operational efficiency.
Protecting Against Identity-Based Threats CyberArk's ZSP and JIT access model ensures no standing credentials, reducing credential exposure and unauthorized access. Layered, identity-based controls help secure developer access without hindering productivity, empowering continuous innovation.
Measurable Benefits with CyberArk Secure Cloud Access Accelerated Cloud Transformation: Provides developers secure, JIT access to SaaS, APIs, and infrastructure in a unified, compliant platform. Efficient Compliance Management: Detailed audit trails and ITSM tool integrations ensure secure scaling and compliance. Enhanced Developer Efficiency: JIT access via the TEA model streamlines access, reducing delays and improving user experience. CyberArk: Secure, Fast Developer Access for Innovation The CyberArk Identity Security Platform ensures secure, JIT access at cloud speed, offering the only identity security solution with Zero Standing Privileges. It reduces attack risks, drives operational efficiency, and supports developer innovation.
For custom pricing or offers, contact AWS-Marketplace@cyberark.com .
Highlights
- Provide Temporary Elevated Access, Just-in-Time with Zero Standing Privileges to Resources across your cloud estate
- Secure, Native access requiring no change in workflow, tooling or configuration for end users. This is provided to accelerate adoption
- Access workflows provide a rapid and clear route to elevated entitlements with close integration to ITSM and ChatOps tooling
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Secure Developer Users, Standard Edition, QTY 5 users | Secure Cloud Access - 5 users: Multi-cloud, zero SP, CLI/web, monitor | $2,400.00 |
Vendor refund policy
Contact CyberArk for support related questions: <www.cyberark.com/customer-support/ >
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Support
Vendor support
Contact CyberArk for support related questions: <www.cyberark.com/customer-support/ > Contact CyberArk for support related questions: <www.cyberark.com/customer-support/ >
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By CyberArk
By BeyondTrust Corporation
By Barracuda Networks
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Just-in-Time Access Provisioning
Delivers temporary, session-based access to cloud resources across AWS, Azure, and GCP environments without standing privileges, dynamically provisioning permissions when needed.
Zero Standing Privileges Architecture
Eliminates permanent elevated access by implementing zero standing privileges model, reducing credential exposure and unauthorized access risks across multi-cloud environments.
Attribute-Based Access Control
Grants permissions based on identity, role, and contextual attributes, enabling fine-grained access control aligned with security requirements.
Multi-Cloud Integration
Integrates with AWS IAM, AWS IAM Identity Center, Slack, and ServiceNow to provide centralized access management and oversight across multiple cloud environments.
Native Tool Access Support
Enables developers to use familiar tools such as SSH clients and web consoles directly without requiring jump servers or extensive approval workflows.
Centralized Identity and Access Visibility
Provides centralized view of identities, accounts, entitlements, and privileged access across IT estate with threat detection capabilities for compromised identities and privileged access misuse
Privileged Credential Management
Manages privileged passwords, accounts, credentials, secrets, and sessions for human and machine identities with complete control and security enforcement
Privileged Remote Access Control
Enables granular control, management, and auditing of remote privileged access for employees, vendors, developers, and cloud operations engineers with zero trust enforcement
Endpoint Privilege Management
Enforces least privilege on Windows, macOS, and Linux systems by removing local admin rights, replacing sudo with centrally managed solutions, and preventing malware and phishing attacks
Threat Detection and Analytics
Delivers advanced discovery, intelligence, and deep contextual analytics to detect threats across entire identity estate and identify hidden attack paths
Zero Trust Access Model
Implements rule-based and condition-based access control requiring continuous verification of user and device identity and trust before granting access to resources
Multi-Cloud and Hybrid Infrastructure Support
Provides secure remote access across AWS workloads, on-premises resources, and other cloud environments without requiring VPN
Conditional and Contextual Access Control
Delivers remote conditional and contextual access to resources with capability to reduce overprivileged access and associated third-party risks
Device and Endpoint Management
Supports instant provisioning of company-owned devices, employee-owned devices, and unmanaged contractor endpoints for remote access
Seamless Access Provisioning
Enables instant provisioning and seamless access experience for remote workers without requiring awareness of underlying zero trust security implementation
Standard contract
No
No
No
Customer reviews
Syedbasha Basha
Centralized access has simplified secure cloud migrations and boosted daily team productivity
Reviewed on May 20, 2026
Review from a verified AWS customer
What is our primary use case?
CyberArk Secure Cloud Access is being used in this project, and I have been involved for approximately 20 months.
I am using CyberArk Secure Cloud Access for accessing resources such as virtual machines and microservices, which are integrated with both on-premises services and cloud-based environments.
The main use case for CyberArk Secure Cloud Access is to access servers that should be logged into the AWS cloud and authorize for ourselves. These tasks previously required passing through vault gateways or providing assigned single sign-on credentials. However, with CyberArk Secure Cloud Access, the process has been made easy and very secure. I simply provide my hostname or host ID, and the necessary files, whether RDP files or SSH login files, are automatically downloaded. This approach is very secure and manages all accessibility and identity management in the backend.
What is most valuable?
CyberArk Secure Cloud Access offers the best feature of providing no need to search extensively for access points. If I want to access resources on a private cloud or even public clouds, it provides a single access point or single source where I can access everything without any hurdles or vault complications, which is excellent.
In terms of security, the impact is definitely very positive on team productivity on a daily basis. The activities and tasks we perform save significant time and effort for the teams, allowing the team to focus on core areas and their goals without being burdened by security concerns because we can trust CyberArk as one of the leading security and management identity management providers. This is definitely positively impacting our day-to-day tasks and activities, enabling the team to increase their productivity in their respective core areas.
CyberArk Secure Cloud Access has positively impacted our organization significantly within projects where we are migrating from on-premises to AWS clouds, with CyberArk playing very important roles. It provides single accessibility or a single access point for all resources, allowing us to focus on automation tasks. It directly provides all securities and passwords in a digital secured vault system where we can integrate our automation codes and directly execute them, leading to significant improvements in our current projects.
What needs improvement?
For Microsoft or some other third-party authentication, the main area I want to highlight is that login time could be improved, which would help any engineers using CyberArk Secure Cloud Access.
Depending on organizational requirements, I would highlight that the login session time, if increased, would be helpful.
Regarding user experience, the dashboard looks somewhat outdated. I think it needs improvement in terms of interface and visual appeal to enhance user experience and make it more attractive. Otherwise, I believe everything else is good.
For how long have I used the solution?
I have been working in my current field for approximately seven years overall.
What do I think about the stability of the solution?
CyberArk Secure Cloud Access is stable in my experience.
What do I think about the scalability of the solution?
CyberArk Secure Cloud Access is very scalable. We use CyberArk APIs to automate tasks and fetch resource credentials, reducing the need for manual or human interaction. This has been evident in our automation tasks during migration projects, making it very scalable.
How are customer service and support?
During my 20 months of experience with my current organization, I have not directly contacted CyberArk customer support. My team lead has handled support inquiries, so I have not been involved in that aspect.
Which solution did I use previously and why did I switch?
Before switching to CyberArk Secure Cloud Access, we previously used HashiCorp Vault based on client demands and project needs, as well as AWS-provided secret management services. In my current organization, we are now using CyberArk Secure Cloud Access.
What was our ROI?
There has definitely been a return on investment from using CyberArk Secure Cloud Access. We confidently rely on CyberArk to manage and securely store our credentials. We have reduced approximately 70 to 75 percent of our time when accessing resources through CyberArk Secure Cloud Access. If we are saving time, we are indirectly reducing workforce needs, which is a negative consideration, but the productivity has significantly increased with respect to CyberArk Secure Cloud Access.
Which other solutions did I evaluate?
We evaluated HashiCorp for its features before choosing CyberArk Secure Cloud Access.
What other advice do I have?
CyberArk Secure Cloud Access is currently a paid licensed product. While I would not suggest making it completely open source or free of cost, I recommend that CyberArk should provide some form of open-source access or trial for small startup companies or organizations wanting to implement CyberArk Secure Cloud Access. If they realize the value of CyberArk Secure Cloud Access in increasing efficiency and productivity, they would likely be inclined to purchase licenses.
I rate CyberArk Secure Cloud Access at a nine out of ten on a scale of one to ten. I chose a nine out of ten because if CyberArk Secure Cloud Access becomes open source for small teams or organizations, they could experience using the platform and improve productivity in their business. Additionally, the dashboard could be updated as mentioned previously, and if improvements are made there, it would reach a perfect ten.
I definitely recommend others to explore and experience CyberArk Secure Cloud Access, especially for small organizations looking to advance in securing their resources. CyberArk is one of the leading secure cloud providers from a security perspective, and I would definitely recommend it. If someone asks me, I would recommend using CyberArk Secure Cloud Access for any organization in the future. My overall rating for this product is nine out of ten.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Rajeshk Kumar Nayak
Access control has reduced attack surface and supports secure remote work across multi-cloud
Reviewed on May 20, 2026
Review from a verified AWS customer
What is our primary use case?
My main use case for CyberArk Secure Cloud Access is that we have multiple clusters. We use CyberArk Secure Cloud Access with one of our clusters to reduce the attack surfaces, so a user cannot get access to the full network, and access is specific to approved resources. It also provides single sign-on as well as Zero Trust Network Access , which is called ZTNA .
In my day-to-day work, single sign-on and Zero Trust Network Access function as follows: instead of opening the whole corporate network through any VPN, CyberArk gives only specific applications or systems. For example, a developer only gets access to a particular Kubernetes or OpenShift cluster or any particular applications or database, not the full internal network, which reduces security risk significantly.
I would add that CyberArk Secure Cloud Access gives IT-based access control, privileged access protections, session monitoring, and recording. These are the most important features and use cases that we are using.
What is most valuable?
The best features CyberArk Secure Cloud Access offers include secure remote access, identity-based access control, privileged access protection, and support for cloud and hybrid environments. These are the main features.
Out of those features, support for cloud and hybrid environments has made the biggest impact for my team because we have multi-cloud clusters for AWS , Azure , GCP , as well as some on-premises data centers. This feature is available for all of the platforms, making it very useful for us.
CyberArk Secure Cloud Access has positively impacted my organization by reducing attack surfaces and improving compliance; it has helped us with ISO, SOC 2, and PCI DSS requirements. We have better visibility, and it has reduced VPN dependencies, which addresses many challenges that we face.
When I mention improved compliance and reduced VPN dependencies, I have noticed that traditional VPNs expose a large part of the network, so ZTNA is much safer, and that is how it reduces the VPN dependency.
What needs improvement?
CyberArk Secure Cloud Access can be improved as there is initial complexity and it is somewhat expensive.
I would elaborate that the learning curve needs to be very explainable or very easy because it is somewhat tough, so they need to work on this particular learning path as well.
I chose an eight because, as I explained, it is somewhat expensive, and the documentation part needs to be very easy; as of now, it is very complex. The initial complexity is present, and policy setup and integrations need proper planning.
For how long have I used the solution?
I have been using CyberArk Secure Cloud Access for the last two to three years.
What do I think about the stability of the solution?
CyberArk Secure Cloud Access is stable in my experience.
What do I think about the scalability of the solution?
Its scalability is very good because we are getting live documentation and everything.
How are customer service and support?
Customer support is very good, and I have had to contact them; my experience has been positive.
Which solution did I use previously and why did I switch?
We are using CyberArk Secure Cloud Access from the start, so we did not use a different solution before.
What about the implementation team?
Pricing, setup cost, and licensing are managed by the PAM team, and the setup is done by the CyberArk OEM, so I do not have much expertise on this.
What was our ROI?
I have seen a return on investment; from a security point of view, it helps us in terms of time as well as manpower.
Which other solutions did I evaluate?
We did not evaluate other options before choosing CyberArk Secure Cloud Access; we only chose this one.
What other advice do I have?
I would advise others looking into using CyberArk Secure Cloud Access that if they are heavily dependent on VPN and now want a good alternative with more helpful features related to ZTNA, as well as if they want identity-based access controls and secure remote access, they can choose this product. I gave this product a rating of eight.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Sasikiran Sakalabattina
Cloud access has transformed privileged workflows and now enforces just-in-time zero trust control
Reviewed on May 11, 2026
Review from a verified AWS customer
What is our primary use case?
CyberArk Secure Cloud Access is used primarily for secure administrator access to cloud consoles like the AWS console, Azure portal, and GCP console without sharing permanent credentials. It allows for better passwords and passwordless access, temporary admin privileges, and full audit tracking. Just-in-Time privileged access is utilized when a cloud engineer needs temporary production access for maintenance or troubleshooting; access is granted for only an approved duration, which is automatically revoked once the work is done. Additionally, it manages DevOps and Kubernetes access, provides third-party vendor access, and facilitates multi-cloud access governance for AWS , Azure , and GCP . It also caters to emergency situations such as break-glass access during critical production outages and assists in compliance and audit management, such as for SOC audits, while implementing Zero Trust security principles.
What is most valuable?
The best features of CyberArk Secure Cloud Access include Zero Standing Privileges, which eliminates the need for permanent admin access by providing users with temporary access only when required, ensuring it automatically expires after task completion. This significantly reduces insider threats and credential misuse. In scenarios such as patch deployment in Azure, CyberArk grants admin access for just two hours after approval, which is revoked automatically once the activity is completed. Furthermore, it supports passwordless access, multi-cloud environments, and includes session monitoring that records privileged sessions to assist during audits and investigations, providing better compliance visibility. Agentless browser access is another significant feature, as it eliminates the need for VPN dependency, making operations easier for DevOps and cloud teams.
Role-based access control (RBAC) improves cloud security by providing access based on job roles and responsibilities, which helps reduce unauthorized access. For example, I provide full infrastructure management rights to cloud admins while offering limited access based on role specifications for DevOps engineers and read-only access for auditors. RBAC includes implementing least privileged security, thus preventing accidental changes and limiting the attack surface, ensuring only authorized users can modify sensitive resources. This improves compliance auditing through traceable access control, monitoring, and documentation.
What needs improvement?
There are several areas where CyberArk Secure Cloud Access could improve, such as the integration with enterprise IT ecosystems, including cloud platforms, SIEM tools, ITSM solutions, MFA systems, and DevOps platforms. While it improves operational efficiency and provides seamless user experiences, configuring policies can be complex, requiring skilled engineers. More guided deployment wizards, better automated onboarding templates, improved UI/UX experiences, simplified policy management, and enhanced reporting and troubleshooting would be beneficial.
For how long have I used the solution?
I have been using CyberArk IdM and CyberArk Secure Cloud Access solutions for the last three years.
What do I think about the stability of the solution?
I would rate the product stability of CyberArk Secure Cloud Access around 9 to 10, noting its high scalability and reliability, especially in SaaS deployments. Although there can be upgrade complexities, the platform achieves strong uptime and stability amongst enterprise-level security.
What do I think about the scalability of the solution?
Access control has improved by more than 20% with CyberArk Secure Cloud Access. With over 1,100 users utilizing this solution, I have eliminated the need for RDP access, ensuring that users can only access servers with the proper multi-factor authentication and manager approval, achieving complete coverage and reducing the risk of breaches.
How are customer service and support?
I rate the technical support for CyberArk Secure Cloud Access as a 10.
What's my experience with pricing, setup cost, and licensing?
The pricing for CyberArk Secure Cloud Access is quite high, especially the initial implementation cost, as it requires skilled engineers for deployment, configuration, and integration with various tools. The complex licensing structure involving user accounts, modules, features, and deployment types complicates cost estimation, making it seem expensive for smaller companies; however, it offers better value for larger enterprises. Additional service charges for architecture consulting and deployment support increase operational costs significantly.
Which other solutions did I evaluate?
When comparing CyberArk Secure Cloud Access with other solutions such as BeyondTrust, Delinea, and ManageEngine, I focus on security capabilities, Zero Trust architecture, cloud-native features, integration ecosystem, and deployment complexity. I find that CyberArk ranks high in PAM maturity, particularly with its advanced features such as Zero Standing Privileges and Just-in-Time access that surpass those of competitors. CyberArk also demonstrates exceptional compliance and audit capabilities and excels in multi-cloud support.
What other advice do I have?
I use adaptive risk-based policies in CyberArk Secure Cloud Access, and while configuring these intelligent security policies, which dynamically adjust user access based on real-time risk analysis can be challenging, they significantly improve security. These policies evaluate user identity, device security, login location, time of access, user behavior risk score, and resource sensitivity to determine access permissions. For instance, if a cloud engineer typically logs in from the Hyderabad office during business hours but attempts to log in from an unmanaged device in another location, CyberArk blocks access and requests multi-factor authentication and manager approval before granting limited temporary access.
I assess the effectiveness of real-time monitoring in identifying threats in the environment by considering scenarios where an employee attempts to log in from a new location and needs manager approval. In such cases, multi-factor authentication is required, ensuring a second layer of security. This mechanism significantly reduces both insider and external threats in my usage of CyberArk Secure Cloud Access.
CyberArk Secure Cloud Access requires some maintenance, particularly for role-based access, future upgrades, patch management, and lifecycle management, which may involve minimal downtime. While skilled engineers and vendor support are needed during issues, it is generally designed to reduce operational overhead, benefiting from agentless access and cloud-native architecture, with regular maintenance tasks such as policy management and compliance auditing handled through the backend platform managed by CyberArk. I rate this solution a 9 overall.
RiaanDu Preez
Centralized access control has strengthened cloud security and monitoring has exposed risky behavior
Reviewed on Apr 23, 2026
Review provided by PeerSpot
What is our primary use case?
I have been dealing with CyberArk Secure Cloud Access for over three years now, and I have been working with CyberArk for 10 years plus.
I work with their CASB solution, CyberArk Secure Cloud Access , and I am a certified deployer for CyberArk.
I use adaptive risk-based policies in CyberArk Secure Cloud Access to learn and understand the environment.
The use of dynamic role-based access controls in CyberArk Secure Cloud Access enhances my cloud security by helping not to prolong the access granting process. In other words, just-in-time access is very quick.
Integrating with existing IT ecosystems like AWS or Azure IAM or Azure AD helps streamline my administrative and compliance efforts when that is set up correctly.
I have been both a customer and reseller of CyberArk.
What is most valuable?
In CyberArk Secure Cloud Access, I find the central point where it is easy to access and easy to configure most valuable.
I assess the effectiveness of real-time monitoring in identifying potential threats as very important nowadays, noting the use of algorithms and large language models.
Comprehensive audit trails in CyberArk Secure Cloud Access have provided valuable insights, especially with suspected misuse of credentials.
When someone obtained a vendor's details and attempted to access them, with monitoring enabled, it was easy to see from which area it came from and then confirm with the user whether they were trying to access it or had forgotten something at that point in time.
What needs improvement?
In my perspective, I do not see much that could still be improved about CyberArk Secure Cloud Access. Depending on what is used to do the integration, looking at the requester's posture could be beneficial.
In the future for CyberArk Secure Cloud Access, I would like to see tokenization improved, where every connection gets a new token. Not in the sense of a connection token but more a certificate that encrypts the data and gets deleted.
For how long have I used the solution?
I have been using CyberArk Secure Cloud Access for over three years now, and I have been using CyberArk for 10 years plus.
How are customer service and support?
I rate the technical support as very good, so I give it a nine because I know a lot of the technicians.
What other advice do I have?
I am not really working with Trellix that much anymore. It is more something like CrowdStrike.
I have not had experience with Falcon LogScale by CrowdStrike yet.
When it comes to implementation, I usually refer to the physical implementation or the preparation to implementation.
Overall, I usually say it takes about three months at least for both preparation, implementation, and configuration because this helps to plan and understand the client's environment so that you do not forget something and also do not break connections or anything when you do the implementation.
In South Africa, everything is expensive, so there is always going to be environments where this is seen as a luxury product instead of an enabler.
I rate CyberArk Secure Cloud Access as also a nine, but I would like to see what happens with the Palo Alto acquisition.
I would generally recommend CyberArk Secure Cloud Access to others, but there are other good options, depending on what the client is looking for.
For companies in South Africa, I would not recommend CyberArk Secure Cloud Access for medium to small companies, but it also depends on what their security appetite is.
My overall rating for this review is nine.
Arkajit Das
Secure access has strengthened privileged controls and real-time threat monitoring for admins
Reviewed on Apr 22, 2026
Review from a verified AWS customer
What is our primary use case?
My usual use cases for CyberArk Secure Cloud Access involve primarily working on PAM, which is Privileged Access Management , and this generally helps us with admin and high-level account accessibility. We also use credential vaulting alongside its JIT, which is temporary access, and this has proven quite helpful for our needs.
What is most valuable?
The features of CyberArk Secure Cloud Access that I find most valuable are the monitoring, recording, and auditing capabilities.
I find them valuable because both products are quite interchangeable, and the main feature we love is the temporary access. Secondly, it does not require sharing a password, which is really helpful. Additionally, PAM is the core strength of this product, and it provides a dashboard for continuous threat detection, which is quite helpful for taking action against threats.
The value of the insights provided by audit trails is significant for me since it allows checking user logins and accessibility, helping identify potential threats and block or restrict access from high-risk zones. It effectively tracks user login attempts, access requests, approvals, and policy changes, which are crucial for implementing recent policies.
What needs improvement?
CyberArk Secure Cloud Access provides a solid foundation overall, but the UI/UX might be challenging for less tech-savvy individuals. Something user-friendly that improves the interface and the initial setup process would enhance the experience. The technical documentation requires a high level of understanding about how CyberArk works, and this could be improved.
For how long have I used the solution?
I have been working with CyberArk Secure Cloud Access for almost three to three and a half years.
What do I think about the stability of the solution?
I find CyberArk Secure Cloud Access quite stable. However, updates are not very frequent at times, yet it still performs well. The stability from a security perspective is quite good.
What do I think about the scalability of the solution?
The scalability of CyberArk Secure Cloud Access is commendable, as most enterprises use it. From a scalability standpoint, I would rate it an eight out of ten.
How are customer service and support?
I have communicated with the technical support of CyberArk Secure Cloud Access a couple of times.
My experience with CyberArk's technical support has been quite good. They are helpful and provide enterprise-level support with knowledgeable engineers and ample documentation, especially during setup and critical issue handling. Turnaround times may vary depending on the type of support.
What other advice do I have?
I think adaptive risk-based policies are essential because when using any healthcare-related tool, the HIPAA-related compliance or SOC compliance will be completely different from the fintech platform. They definitely differ country-wise or region-wise, and whenever we use them for LATAM or the JPAC region, policy changes are necessary. There are three levels of risk that we configure: low risk for normal access, medium risk where we provide MFA, and high risk where we block that particular system or restrict the accessibility. This is how CyberArk works.
The effectiveness of real-time monitoring in identifying potential threats for my customers is really high because real-time threat detection is a helpful feature. It enables me to analytically check high-risk zones or systems and identify potential threats based on configured access, IP addresses, or analytical reports.
The use of dynamic role-based access controls enhances cloud security for my customers because dynamic roles are essential in current cybersecurity features. They assist in assigning roles dynamically based on user roles or groups configured for them, thus offering just-in-time privilege elevation that works directly with identity providers.
Integrating with existing IT ecosystems helps my customers streamline administrative and compliance efforts by configuring it with Microsoft Azure Directory and providing SSO for any external integrations. Azure offers the highest level of security from Microsoft, and the integration areas include similar functionalities such as MFA, which significantly aid in connecting to VMs or managing cloud workloads.
The pricing of CyberArk Secure Cloud Access is relatively reasonable. It is not as expensive as other cybersecurity software, but it is also not cheap. For enterprises, paying a little more is acceptable, especially considering that one data leak can lead to significant financial problems, making the transparent and flexible pricing worthwhile. I would rate this product an overall eight out of ten.