Sold by: CyberArk
Deployed on AWS
CyberArk PAM solutions provide end-to-end security for internal IT admins & 3rd party vendors enabling secure high-risk access used to migrate, scale and operate applications on-premises or in the cloud. CyberArk allows IT teams to implement role-specific least privilege, and workflows for both secure standing access and Just-in-Time/Zero Standing Privileges workflows.
4.4
Overview
CyberArk Privileged Access Management solutions provide end-to-end security for internal IT admins & 3rd party vendors enabling secure high-risk access used to migrate, scale and operate applications on-premises or in the cloud. CyberArk allows IT teams to implement role-specific least privilege, and workflows for both secure standing access and Just-in-Time access with Zero Standing Privileges.
CyberArk PAM solutions holistically secure both standing and just-in-time privileged access across the IT estate. With industry-leading capabilities for credential management, session isolation and monitoring, and detection of privileged access misuse, organizations can leverage CyberArk PAM to rapidly achieve their risk reduction, audit and compliance objectives.
Vendor PAM capabilities help organizations defend against attacks targeting external vendors, contractors and other third parties with high-risk access to critical IT and OT assets. The authentication and provisioning processes are enabled by the biometric capabilities of the users smartphone. Vendor PAM integrates with CyberArk PAM solutions to allow passwordless, Just-in-Time access to accounts managed by CyberArk, eliminating the cost and operational overhead of deploying VPNs, agents, and dedicated laptops to vendors.
For custom pricing, EULA, or a private contract, please contact AWS-Marketplace@cyberark.com , for a private offer.
Highlights
- Protect against the leading cause of breaches - compromised identities and credentials.
- Deliver digital experiences that balance security and a frictionless experience.
- A unified solution to address identity-oriented audit and compliance requirements.
Details
Sold by
Categories
Delivery method
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
AWS_25_PRIV_STDANDARD_USER_SAAS | Standard Privilege Cloud users - 25 users | $44,712.00 |
Vendor refund policy
For refund policy, visit <www.cyberark.com/terms-service-saas/ >
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Contact CyberArk for support related questions: <www.cyberark.com/customer-support >
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By CyberArk
By BeyondTrust Corporation
By Barracuda Networks
Top
25
In Application Development, Monitoring, Security
Top
10
In Financial Services
Top
100
In Infrastructure as Code
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Credential Management
Industry-leading credential management capabilities for securing and managing privileged account credentials across IT infrastructure.
Session Isolation and Monitoring
Session isolation and monitoring functionality to track and record privileged access activities for audit and compliance purposes.
Just-in-Time Access
Just-in-Time access provisioning with Zero Standing Privileges workflow to grant temporary elevated permissions on-demand.
Role-Based Least Privilege
Role-specific least privilege implementation enabling granular access control based on user roles and responsibilities.
Privileged Access Misuse Detection
Detection capabilities to identify and alert on unauthorized or anomalous privileged access activities and potential misuse.
Centralized Identity and Access Visibility
Provides centralized view of identities, accounts, entitlements, and privileged access across IT estate with threat detection capabilities for compromised identities and privileged access misuse
Privileged Credential Management
Manages privileged passwords, accounts, credentials, secrets, and sessions for human and machine identities with complete control and security enforcement
Privileged Remote Access Control
Enables granular control, management, and auditing of remote privileged access for employees, vendors, developers, and cloud operations engineers with zero trust enforcement
Endpoint Privilege Management
Enforces least privilege on Windows, macOS, and Linux systems by removing local admin rights, replacing sudo with centrally managed solutions, and preventing malware and phishing attacks
Threat Detection and Analytics
Delivers advanced discovery, intelligence, and deep contextual analytics to detect threats across entire identity estate and identify hidden attack paths
Zero Trust Access Model
Implements rule-based and condition-based access control requiring continuous verification of user and device identity and trust before granting access to resources
Multi-Cloud and Hybrid Infrastructure Support
Provides secure remote access across AWS workloads, on-premises resources, and other cloud environments without requiring VPN
Conditional and Contextual Access Control
Delivers remote conditional and contextual access to resources with capability to reduce overprivileged access and associated third-party risks
Device and Endpoint Management
Supports instant provisioning of company-owned devices, employee-owned devices, and unmanaged contractor endpoints for remote access
Seamless Access Provisioning
Enables instant provisioning and seamless access experience for remote workers without requiring awareness of underlying zero trust security implementation
Standard contract
No
No
No
Customer reviews
Utilities
Secure, Flexible Access Control on Our Server
Reviewed on May 04, 2026
Review provided by G2
What do you like best about the product?
allows us to control or give access to individuals, consultants or others on a secure server using whatever security measure we would like.
What do you dislike about the product?
we had some initial issues setting it up and giving admin rights to those whom needed it.
What problems is the product solving and how is that benefiting you?
allows us to use segmented server for doing a lot of our more specific admin rights and install our admin tools on that server instead of local installs.
Dominika T.
Intuitive Access Control with Responsive Support
Reviewed on Apr 21, 2026
Review provided by G2
What do you like best about the product?
I find CyberArk Privileged Access Manager quite intuitive and appreciate its ease of use. Additionally, I think their customer support works pretty well. The initial setup was quite easy too.
What do you dislike about the product?
Sometimes it's working too slow.
What problems is the product solving and how is that benefiting you?
I use CyberArk Privileged Access Manager for managing privileges and solving access control issues in my company. It's pretty intuitive and easy to use.
Mohamed Fouad
Centralized privileged access has strengthened compliance and simplified secure admin sessions
Reviewed on Mar 10, 2026
Review provided by PeerSpot
What is our primary use case?
As an implementation engineer, I have extensive experience with CyberArk Privileged Access Manager and its implementation this year at our customer site. We have been acting as a resident engineer for one of our customers for the past six months.
CyberArk Privileged Access Manager provides a repository and management system for our administrators to have sessions on our systems. For example, we require any administration access to our firewalls to be conducted through the PAM solution first. CyberArk Privileged Access Manager allows our administrators to access the firewalls and record the sessions.
Another use case is user offboarding. If an employee like Muhammad leaves our company, we can simply delete this user from the entire organization. We also have excellent compliance capabilities to review what occurs during administration sessions because we have them already recorded.
What is most valuable?
CyberArk Privileged Access Manager is very good on stability as a PAM solution. You can consider that if you do not have a stable PAM solution and the PAM solution always has issues with many maintenance windows, your entire organization cannot access the systems. It is very critical to rely on a stable system as a PAM solution.
The most valuable features are integrations with ticketing systems, recording sessions, and running with compliance. We also have another feature from CyberArk Privileged Access Manager, especially SSH key lifecycle management, which performs excellently in this area.
CyberArk Privileged Access Manager does not interrupt the sessions or administration sessions. Our professional services team implemented it, and we deployed full PAM features and the complete CyberArk Privileged Access Manager product in just three weeks across our larger organization. I think this is a strong point for CyberArk Privileged Access Manager.
What needs improvement?
I believe account discovery and rolling support need to be improved. Account discovery is important when integrating with other systems, as other PAM solutions can perform account discovery and onboarding effectively. Because PAM projects usually fail when teams try to onboard everything manually, CyberArk Privileged Access Manager discovery workflows can reduce this issue. Therefore, I think this area needs improvement.
For how long have I used the solution?
We have recently relied on CyberArk Privileged Access Manager for only six months, so we have not tested the scalability yet.
What do I think about the stability of the solution?
We did not face any lagging or crashing during the past six months. The stability is very good, and I would rate it a ten.
What do I think about the scalability of the solution?
We have recently relied on CyberArk Privileged Access Manager for only six months, so we have not tested the scalability yet. However, I can say it appears to be good from my understanding.
How are customer service and support?
CyberArk customer support is professional. We contacted them on only one case and resolved it in time. Based on our experience, we resolved the issue in just five minutes. I can say the support team is very professional and very technical with strong technical capabilities.
What about the implementation team?
I have implemented Fortinet VM, which is Fortinet's new PAM solution, two weeks ago recently. I think Fortinet has strengths in some areas and CyberArk Privileged Access Manager succeeds in other areas. Overall, I think CyberArk Privileged Access Manager is very good and can be considered a market leader in this space.
What was our ROI?
The pricing compared to other solutions, particularly Fortinet, is favorable. Fortinet overall has excellent pricing. However, CyberArk Privileged Access Manager has good return on investment. The pricing is affordable compared to the features and the stability of the product.
What other advice do I have?
CyberArk Privileged Access Manager requires upgrading and maintenance. We have scheduled the upgrade, and we have detailed and informative documentation for upgrading. There is an integration matrix, or rather a compatibility matrix, between the newer versions of CyberArk Privileged Access Manager with other systems. Before upgrading, we study the compatibility matrix and the upgrade process is very smooth.
My overall rating for CyberArk Privileged Access Manager is ten.
amit s.
Powerful, Secure CyberArk PAM for Enterprise Privileged Access Control
Reviewed on Jan 14, 2026
Review provided by G2
What do you like best about the product?
I have been using CyberArk for the past 5+ years, and this review is based on my experience. In my view, CyberArk PAM is a powerful and reliable solution for managing and securing privileged access. It provides strong password vaulting, session monitoring, and credential rotation capabilities. While the implementation can be complex, the platform itself is highly secure, scalable, and well suited for enterprise environments.
Overall, CyberArk Privileged Access Management is a comprehensive solution for securing privileged accounts in hybrid/cloud environments. The features we have found most valuable are password vaulting and compliance reporting. CyberArk PAM has significantly improved our privileged access controls and helps us meet security and compliance requirements.
Overall, CyberArk Privileged Access Management is a comprehensive solution for securing privileged accounts in hybrid/cloud environments. The features we have found most valuable are password vaulting and compliance reporting. CyberArk PAM has significantly improved our privileged access controls and helps us meet security and compliance requirements.
What do you dislike about the product?
I don’t really have any dislikes, apart from the fact that the initial setup and integration required some effort.
What problems is the product solving and how is that benefiting you?
CyberArk integrates smoothly with a broad range of operating systems, databases, cloud platforms, and enterprise applications, which makes it a strong fit for complex, hybrid environments.
RaoB
Centralized controls have secured privileged access and have supported strict healthcare compliance
Reviewed on Dec 19, 2025
Review provided by PeerSpot
What is our primary use case?
In the healthcare sector, my use case involves securing privileged accounts across the entire organization. Although this is not specific to any sector, I also work for banking and financial services. As a PAM solution, I secure privileged accounts while provisioning access.
With nine plus years of experience, I can develop and suggest solutions for various infrastructures, install, build, onboard, upgrade, patch, reboot, and maintain backup and restore solutions, as well as handle disaster recovery activities. I address troubleshooting of infrastructure issues and end-user requests, effectively managing onboarding and deboarding, and access provisioning for end-users. This allows me to provide end-to-end support in CyberArk Privileged Access Manager .
What is most valuable?
CyberArk Privileged Access Manager 's best features include password rotation and an excellent monitoring solution, with the additional benefit of monitoring for Enterprise Password Management (EPM) where I provision privileged access.
Delving deeper into the solution reveals many valuable features, but I particularly find password rotation and monitoring capabilities highly effective for auditing purposes. These features restrict users from unauthorized communications outside of CyberArk.
CyberArk Privileged Access Manager has helped reduce privileged accounts in my healthcare organization, where I generate reports for approximately 500,000 accounts. This reporting capability allows me to analyze and restrict based on the reports tab effectively. I note that there are limitations with supporting the pass reporter feature, although I still find it valuable for generating comprehensive account and safe level reports.
CyberArk Privileged Access Manager assists in meeting compliance and regulatory requirements such as HIPAA and SOX, ensuring I adhere to necessary standards in my operations.
What needs improvement?
CyberArk Privileged Access Manager has room for improvement regarding notifications for service account password rotations. Currently, notifications are sent at the platform level rather than at the account or safe level. I suggest enabling notifications at lower levels to help users and application owners easily identify which specific accounts are due for password rotation.
This would alleviate confusion among multiple application accounts on the platform.
With CyberArk Privileged Access Manager implemented in the healthcare industry, I observe benefits in efficient password rotation for individual and generic accounts. However, there are challenges with service account password rotation. Application teams often do not adhere to standards for rotating service account passwords, fearing failure in their jobs. While the feature exists, the delay in updates can lead to reluctance among teams to use it effectively. This reveals a need for better integration at the application level for immediate password updates.
For how long have I used the solution?
I have been using CyberArk Privileged Access Manager for nearly nine years.
What do I think about the stability of the solution?
Regarding stability, I rate it a nine out of ten. After upgrading to version 14.2, I encountered some bugs that the vendor has been diligently working to resolve. Initially, the vendor took time to fix the issues I faced.
What do I think about the scalability of the solution?
CyberArk Privileged Access Manager is definitely scalable, allowing me to manage increasing demands effectively. I would rate its scalability as a nine.
How are customer service and support?
Regarding my relationship with the vendor, I am currently a customer. Previously, I was a partner while working in the banking and financial sector, but now in healthcare solutions, I associate as a customer. I reach out to the vendor whenever I encounter issues, seek information, or require assistance with upgrades. I maintain consistent communication on a weekly or biweekly basis through calls, emails, or tickets.
I rate CyberArk's technical support as an eight. The vendor provides solid support when needed.
How was the initial setup?
The deployment of CyberArk Privileged Access Manager is straightforward, similar to installing any application on a PC. For those familiar with CyberArk, the installation process is very simple. Thoroughness is essential, but it is generally an easy process.
Which other solutions did I evaluate?
In comparison to other PAM solutions like Delinea and BeyondTrust, I find CyberArk Privileged Access Manager continues to lead in effectiveness. With over nine years of experience, I believe CyberArk is superior in its password rotation capabilities and overall management, despite competitors having similar functionalities under different names.
What other advice do I have?
I recommend CyberArk Privileged Access Manager to small and mid-level organizations needing a PAM solution. I assert that it has been a reliable tool for me for over nine years. Even a proof of concept might be beneficial initially, with an emphasis on understanding the budget aspect. I would rate this product a nine overall.
I find CyberArk to be expensive in general. Many organizations have considered alternatives due to budget constraints, even though CyberArk is a leading product in the PAM industry, recognized for its quality and long-standing presence. However, the high cost can drive some customers away.
Integrating CyberArk Privileged Access Manager with existing EHR systems and healthcare workflows, such as SailPoint, presents challenges. SailPoint integration often hinges on third-party tools, making the process complicated and critical for many organizations. I endeavor to manage this necessity.
In terms of mean time to respond, I acknowledge variable response time. The L1 team is proactive, yet the vendor often pushes to close incidents swiftly, even when issues remain unresolved. This can extend the resolution timeline significantly.
When assessing CyberArk Privileged Access Manager for protecting against ransomware attacks, I find that it effectively isolates components such as the primary vault, DR vault, PVWA, CPM , PSM, and PSMP, ensuring communication is limited to internal only. This isolation prevents any interaction with the external world, including AD, thereby safeguarding my systems. The feature of maintaining a DMZ for the vault, which ensures that attackers cannot reach it, is critical in protecting against ransomware threats targeting Active Directory.
Every infrastructure requires maintenance, including upkeep and patching. I find managing CyberArk Privileged Access Manager's infrastructure is straightforward. It can run effectively in physical or virtual environments, whether on cloud machines or VMware systems. Overall, maintenance is not overly complex.
If deploying in a lab environment, setting up the primary and DR vaults, PVWA, and CPM can usually be completed within one and a half to two hours. Organization-wide implementations may require more time due to necessary approvals and hardware availability, but the actual installation process itself remains swift.
I assess the granular controls provided by CyberArk Privileged Access Manager as robust because they enable tailored access at the individual user level or through AD groups. This includes detailed role definitions such as safe reader, safe auditor, safe approver, and safe manager. As an administrator, I can manage all access. By provisioning least privileged access and allowing users to connect and view their accounts without exposing passwords, I uphold the principle of least privilege at the safe level.