As a distributor, I sell CyberArk Secure Cloud Access to partners and then to customers. I don't have the products deployed in production. I maintain a lab that I use for presentations and demos. I have both on-premises and cloud infrastructure. I am in the channel chain for CyberArk Secure Cloud Access, purchasing it directly from the vendor.
CyberArk Secure Cloud Access
CyberArkExternal reviews
7 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Modern access controls have simplified cloud demos and have supported dynamic CI/CD environments
What is our primary use case?
What is most valuable?
Deploying CyberArk Secure Cloud Access is much better than the older CyberArk products. CyberArk has improved the user experience and admin experience significantly over the years. From my expertise, the lightweight nature of CyberArk Secure Cloud Access is the most important feature, as it does not consume as many resources as previous solutions and does not require extensive resources to deploy.
CyberArk Secure Cloud Access allows me to cover a number of scenarios in a very convenient way that was not convenient in traditional PAM vaulting. The use of dynamic role-based access controls enhances my customers' cloud security. This new approach is particularly effective for dynamic environments where traditional PAM requires significant effort to detect accounts, onboard accounts, and provide access rights. A dynamic version allows this process to happen in a smoother way with fewer administrative requirements. This approach is especially valuable for modern environments, particularly CI/CD environments.
What needs improvement?
The customization of CyberArk Secure Cloud Access could be improved because I found scenarios where I could not provide the correct configuration due to insufficient options available. I understand the approach that keeping it simple makes it easier to deploy in general, but additional customization capabilities would be beneficial.
Real-time monitoring with CyberArk Secure Cloud Access is missing some features that I believe are on the roadmap, such as AI-generated descriptions of events and summarization of events. These features would be particularly helpful for SOC analysis and are important for SOC members.
The audit trail in the past was not very informative and requires improvements. I believe this is the reason why AI enrichment was prioritized in development.
For how long have I used the solution?
I have been using CyberArk solutions for ten years. CyberArk Secure Cloud Access has existed for approximately four or five years.
How are customer service and support?
Technical support from CyberArk is quite good sometimes, but it depends on who I meet on the first line. I would rate it between six and seven out of ten. It is quite good, but there are some issues.
How would you rate customer service and support?
Positive
How was the initial setup?
Implementation of CyberArk Secure Cloud Access is quite straightforward. The basic installation of CyberArk Secure Cloud Access takes mostly a couple of hours.
What other advice do I have?
Cloud providers are chosen by my customers, but in my region, Microsoft is more popular. CyberArk's mindset is to be the best in the market, but being the best in the market requires a high price to maintain quality and attract customers. Sometimes if the price is too high, CyberArk loses deals, but I see that it is a success in the market. The price is high, and if it could be lower, I could generate better business.
CyberArk Secure Cloud Access is a good product that is well positioned in the market as an enhancement that provides new possibilities beyond the classical PAM solution, for which CyberArk is most recognizable with its classical on-premises PAM. This new approach is valuable for modern environments. I rate this review overall as eight out of ten.
Building a managed cyber defense service has become seamless and supports zero-trust access
What is our primary use case?
I worked on Fortinet before, and now I am working on an altogether different vendor ecosystem that focuses more on Cybersecurity Operations Center. I currently work with IBM QRadar, CyberArk Secure Cloud Access, and a few other cybersecurity vendors.
I use these tools for my own service operating model. I am currently building a managed security services provider where I use these tools for building my security operations center and helping enterprise customers fight against cyber threats and build resilience.
I use this solution for providing zero-trust network access and application security to cloud-based workloads.
What is most valuable?
Their presence in the European market and the cloud-based SaaS consumption model is the most exciting aspect for customers.
Their claims are quite promising, and their risk score rating for different cyber threats is particularly exciting so that customers can gauge the impact of cyber threats and prioritize their remediation efforts.
For integration with SIEM, they have a good telemetry ecosystem that can be forwarded using syslog and API-based integration. This unified telemetry ecosystem allows SIEM to ingest logs and events seamlessly.
What needs improvement?
The efficacy of the solution is more or less specific to particular use cases rather than generic use cases. The solution is quite good, but it may not be applicable for all scenarios. For cloud workloads on a hyperscaler, this solution is sufficient. However, for specific use cases and how enterprises are using hybrid multicloud scenarios, the solution requires more flexibility in deployment and needs to have its efficacy tested in a hybrid multicloud scenario.
Role-based access control is not going to enhance cyber resilience, but it is more for the efficacy and optimization of resources that manage cyber resilience programs.
This product should be made available in various clouds in India because India now has the DPDP compliance requirement so that data from India-based deployments or India-based customers remains in India. This way, they can make these tools available widely on all hyperscaler cloud ecosystems in India so that enterprises can use them while keeping their compliance requirements in mind.
For how long have I used the solution?
I have been using this solution for a few months.
What do I think about the stability of the solution?
I have conducted only theoretical and a little bit of practical evaluation. I have not deployed this in production, so I cannot comment on the stability of the platform because I have not used it for my production workload or in my lab workload. I conducted a theoretical evaluation and performed a few tests. I cannot comment on stability based on my experience.
What do I think about the scalability of the solution?
I have not encountered any scalability issues. Usually, these cloud platforms are built with elastic scale in mind, so I do not think the platform will hit any scalability issues.
How was the initial setup?
The setup is straightforward. Nowadays every SaaS solution is designed and architected with the understanding that deployment is intuitive, and even with moderate skills, an engineer can deploy it seamlessly.
Which other solutions did I evaluate?
Technically, the solution matches the offerings from different service providers. In that way, I think they are quite competitive. However, this is use case specific for workloads hosted on a public cloud. I think this is a promising platform.
What other advice do I have?
CyberArk Secure Cloud Access is a good and promising solution, but the efficacy of the solution is more or less specific to particular use cases rather than generic use cases.
Privileged access has gained full audit trails and now provides real-time accountability
What is our primary use case?
Privileged access management, governance, and audit are the primary use cases for CyberArk Secure Cloud Access. For audit and governance purposes, you want visibility into who accesses what, at what time, and what they do. When deploying CyberArk Secure Cloud Access, you gain this visibility. If you need to audit something that has already happened, CyberArk Secure Cloud Access can help you understand who performed an action. For example, if a database administrator logged into a device or operating system via SSH, CyberArk Secure Cloud Access monitors the person so you know exactly what they did. If there is downtime caused by human error, perhaps a configurational error by a networking administrator, the PAM solution can help you understand that Isaac performed this action at this specific time and that action caused the downtime.
CyberArk Secure Cloud Access also prevents risks because you must go through the platform to access the environment, which limits your risk surface area and reduces risk overall. There are many reasons that organizations deploy CyberArk Secure Cloud Access. Some deploy it because it is part of their policy or standard, others deploy it for risk reduction, and others deploy it because they want to audit what their people are doing and manage their metrics.
What is most valuable?
Dynamic role-based access enhancement increases security based on user IDs and identification. You map users to applications by taking the application ID and user ID. Dynamic role-based access helps you identify which user is accessing what, with what device, at what time, and the level of access the person has for doing what they are doing.
Audit trails are the main functionality of CyberArk Secure Cloud Access. By monitoring the privileged activities that are occurring, CyberArk Secure Cloud Access gives you visibility and insight while mapping every log and providing meaning to the logs of whatever is happening. There is even live recording of whatever you are doing. When you log into a system, CyberArk Secure Cloud Access monitors the activities you are performing. If you log into a Windows operating system and access applications, it continuously records until you log out of the system and saves that recording.
What needs improvement?
CyberArk Secure Cloud Access involves substantial effort when performing on-premises deployments. The SaaS or cloud version is less time-consuming compared to the on-premises deployment. With on-premises deployment, you must do a great deal, including spinning up the infrastructure itself and adding it to the HSM before integrating or onboarding where you want to control through PAM. This requires significant human resources.
The deployment complexity may not be entirely accurate in my assessment because it has been a while since I left the engineering aspect and moved into more managerial roles. Before, when I was using it, too many components were involved in CyberArk Secure Cloud Access deployment. You need to understand every component because the least mistake results in being completely locked out of the system. Having too many components makes the deployment difficult and is not easy to understand. You have to be technically inclined to perform the deployment successfully.
For how long have I used the solution?
I used the solution since 2019.
What do I think about the stability of the solution?
CyberArk Secure Cloud Access operates in real-time for monitoring purposes. You must go through CyberArk Secure Cloud Access to access what you want to access. If CyberArk Secure Cloud Access is down, you cannot access anything, which is a double-edged sword. It becomes more secure overall, but when that security measure is not in place, you cannot access your environment. This is especially problematic when using a trial version of the license. If the trial license expires before you activate your product, that becomes a significant problem.
What do I think about the scalability of the solution?
The scalability of CyberArk Secure Cloud Access depends on the organization and how large the organization is for which you are onboarding or deploying the solution. If you have extensive infrastructure, then CyberArk Secure Cloud Access takes considerable effort to implement. However, if you have a small to medium-sized enterprise, you can typically complete your deployment in roughly a week.
How are customer service and support?
We were partners and a Tier 1 partner with CyberArk Secure Cloud Access, so the support was very high. I even know the regional engineer for CyberArk Secure Cloud Access for both West Africa and East Africa. The support was really excellent. We could log cases and receive help. We could jump on a session with an engineer to assist us. As long as you have a license from them, the support is available during deployment. The level of support depends on the kind of support you have. Because we were a Tier 1 partner with CyberArk Secure Cloud Access, the support was excellent. They have even come down to Ghana to provide support.
How would you rate customer service and support?
Negative
What other advice do I have?
CyberArk Secure Cloud Access has vast out-of-the-box integration interfaces. It integrates into almost everything within the enterprise infrastructure. I would rate this review an 8 overall.
Centralized cloud access has strengthened identity control and simplified keyless logins
What is our primary use case?
CyberArk Secure Cloud Access is our primary solution for access identity management across different cloud platforms including AWS, Azure, and Google.
A specific example of how I use CyberArk Secure Cloud Access for access identity management across cloud platforms is when a developer signs in with their company identity and receives the appropriate permissions across the Azure cloud platform. Previously, the company was unable to track the changes or determine who logged into the virtual machines. CyberArk Secure Cloud Access enables access identity management that allows users to check what changes they have made, who has made changes, who has access, and audit trails can be easily tracked.
We use CyberArk Secure Cloud Access as one identity provider for cloud IAM roles and for different users. For example, a DevOps user builds pipelines that run twenty-four seven. Whenever someone updates the pipeline, runs the pipeline, or makes changes to the pipeline, it becomes easy to track who has made the changes. Another use case is that people outside of the organization cannot access the pipelines or anything deployed in CyberArk.
What is most valuable?
The best feature of CyberArk Secure Cloud Access is that private keys can be configured once and users can log in using CyberArk credentials. Instead of providing the private key every time into the system, it is not needed. With CyberArk, we do not require it and can directly use CyberArk credentials to access the virtual machines or run the pipelines.
Using CyberArk credentials instead of private keys has made things easier for our team because previously every user had to remember the private key and store it somewhere else and insert it whenever they attempted to log into the server. This was cumbersome. Instead, organizations use CyberArk to configure the private keys, which helps because it is no longer required for users to store it on their system or somewhere else to maintain security. This additionally prevents users without access to the server from logging in.
This feature of CyberArk Secure Cloud Access also reduces time and dependency on other people. Once a user is given access, they can be tracked anytime and anywhere. Access is revocable whenever people leave the organization.
CyberArk Secure Cloud Access has positively impacted our organization because we have observed many changes. One significant impact is that since implementing it, the dependency on people has drastically been reduced. Additionally, we do not need to log in or store the private keys every time as they can be automatically configured.
What needs improvement?
I do not think there are many improvements needed for CyberArk Secure Cloud Access. As of now, the configurations done to CyberArk are excellent and up to the mark.
One small thing I think could be made better or easier to use in CyberArk Secure Cloud Access is that it is continuously evolving. I do not think there are many improvements needed as it is now aligned with industry standards. As the AI generation is evolving continuously, whenever a user mistakenly provides any secure data into AI, that prevention needs to be handled in CyberArk, possibly in future scenarios.
For how long have I used the solution?
I have been using CyberArk Secure Cloud Access for the last two years.
What do I think about the stability of the solution?
CyberArk Secure Cloud Access is very stable.
What do I think about the scalability of the solution?
CyberArk Secure Cloud Access is highly scalable.
How are customer service and support?
The customer support for CyberArk Secure Cloud Access is pretty good.
How would you rate customer service and support?
Negative
Which solution did I use previously and why did I switch?
We had not used a solution previously. Once there was a breach in the organization, that is when the company attempted to implement secure access management.
When we were looking for products that provide secure access management to the organization, we moved directly to CyberArk Secure Cloud Access after the breach because we found that CyberArk is the most valued product.
We were using a single sign-on login, but that does not align with the industry standards now, which led us to choose CyberArk Secure Cloud Access.
How was the initial setup?
The experience with pricing, setup cost, and licensing for CyberArk Secure Cloud Access is that the setup cost initially will be higher as it needs to be integrated with different applications that the organization has. The initial setup cost may increase, but in the long run, that will drastically decrease.
What was our ROI?
I definitely would like to share the relevant metrics regarding the return on investment. We have seen a lot of time saved instead of saving the private keys over the system, which can be configured to CyberArk. Additionally, we have money saved in the long run on infrastructure costs. Fewer employees are needed for certain tasks, though it does require people to maintain the security policies and all those aspects that need to be upgraded every time.
What's my experience with pricing, setup cost, and licensing?
The experience with pricing, setup cost, and licensing for CyberArk Secure Cloud Access is that the setup cost initially will be higher as it needs to be integrated with different applications that the organization has. The initial setup cost may increase, but in the long run, that will drastically decrease. Additionally, pricing is aligned with industry standards.
Which other solutions did I evaluate?
Before choosing CyberArk Secure Cloud Access, we evaluated other options such as Okta single sign-on, but that does not have much value, so we chose CyberArk.
What other advice do I have?
My advice to others looking into using CyberArk Secure Cloud Access is that it is a must-go product if they want to have a secure platform and secure product, and integrate it with the different products that the organization is using or virtual machines. Whether it is a SaaS, PaaS, or IaaS, CyberArk is one of the market leaders and is a definite go. I would rate this product a ten out of ten.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Ensures high availability and robust security for critical sectors
What is our primary use case?
I use CyberArk Secure Cloud Access for managing privileged access and maintaining security. My work involves secure tunnels between on-premises and the cloud. I create secure environments using VPN, CPM, and PSM servers both on-premises and in the cloud, and handle installations and configurations across a variety of systems including physical, cluster, and virtual servers.
What is most valuable?
CyberArk Secure Cloud Access offers high availability, ensuring no downtime as it is cloud-based. The solution provides robust security features essential for financial and banking sectors to avoid network and connectivity issues or security breaches. CyberArk's integration capability is highly valuable, as it allows seamless management of privileged accounts across various databases, network devices, and operating systems, unlike other products that require additional API development.
What needs improvement?
CyberArk Secure Cloud Access has limitations in support for on-premise teams. When issues arise with the VPN portal or the frontend, the admin team must directly engage the vendor, which can be time-consuming. It is important for critical support to respond within fifteen to twenty minutes to minimize business impact.
For how long have I used the solution?
I have been using CyberArk products for over eight years. My experience covers several versions, most recently from version 10.5 to the latest 14.4, and I have been involved in the total implementation, installation, and configuration for more than forty clients.
What was my experience with deployment of the solution?
Technically, CyberArk's deployment is efficient, but sometimes for critical cases, the response time can be delayed. There is a need for immediate vendor support in urgency, especially for severe issues that impact the business significantly.
What do I think about the stability of the solution?
CyberArk Secure Cloud Access ensures high availability with its cloud infrastructure, minimizing downtime. It is highly stable and reliable.
How are customer service and support?
The technical support from CyberArk is generally good. They adhere to SLAs, and most issues are resolved effectively. However, for critical cases, support response needs to be quicker. Sometimes, contacting the right team for severe issues can take longer than preferred.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup of CyberArk Secure Cloud Access is straightforward, given its proactive communication and support in terms of providing updates and new features regularly through client conferences.
What about the implementation team?
I am involved in implementing and configuring CyberArk across numerous setups, including integrating it with third-party solutions like Qualys and SailPoint.
What's my experience with pricing, setup cost, and licensing?
I am not directly involved in pricing aspects, but I am aware that CyberArk is considered costly compared to other products. Nonetheless, its comprehensive security and functionality justify its price.
What other advice do I have?
Overall, I would rate CyberArk Secure Cloud Access around eight or nine. I recommend CyberArk Secure Cloud Access because it offers unmatched security features, essential for critical sectors like finance and banking, despite being more expensive than other solutions. I give it a rating of 8 out of 10.
Best PAM based Application
What do you like best about the product?
The security of the accounts, safes or servers with user friendly GUI.
What do you dislike about the product?
More features to be added to the new GUI
What problems is the product solving and how is that benefiting you?
It is helping users secure there servers and privelege access to those servers as management application.
Good for Authentication and security Purpose
What do you like best about the product?
It's Identity User Portal which helps apps to be open from one window no need to login everytime in every other app. Also can add your mobile as authenticator device with push notifications.
What do you dislike about the product?
Nothing so far I have experienced, its working as desired.
What problems is the product solving and how is that benefiting you?
It's solving my problem to remember Login username & passwords and login URL's which is a hassle to keep some where. It's displaying every app on the portal which I can acces by single click.
Helpful to use
What do you like best about the product?
Its security with the cyber attacks and threats is good. Also its ease of use.
What do you dislike about the product?
Though it's a cloud access so sometimes it's required high bandwidth and internet connectivity to access and control the system.
What problems is the product solving and how is that benefiting you?
To secure our application product we used cyberArk.
Secure Your Cloud Platforms Using CyberArk Cloud Entitlements Manager
What do you like best about the product?
Cross platform support, i.e all the market leader cloud service provider is supported.
What do you dislike about the product?
Subscription model, which entitles to purchase license based on no. of workspace. Doesnt think it will help for large organisation.
What problems is the product solving and how is that benefiting you?
It actually scans my entire workspace, and gives me the insight or nalaytics of how the seurity breach can be mitigated.
It has been a very useful tool to get the production access with maximum security.
What do you like best about the product?
Its a one stop solution to all the mainframe cloud requirements without requiring to reach to higher management for approvals whenever there are changes to be implemented and also with maximum security.
What do you dislike about the product?
Nothing to dislike about this. This is the best in market right now.
What problems is the product solving and how is that benefiting you?
It is providing service to manage multicloud environments with safety.
showing 1 - 10