CyberArk is a privileged account and access security suite issued by the company of the same name in Massachusetts . The Core Privileged Access Security Solution unifies Enterprise Password Vault, Privileged Session Manager and Privileged Threat Analytics to protect an organization’s most critical assets.
N/A
HashiCorp Vault
Score 8.4 out of 10
N/A
HashiCorp offers Vault, an encryption tool of use in the management of secrets including credentials, passwords and other secrets, providing access control, audit trail, and support for multiple authentication methods. It is available open source, or under an enterprise license.
$0.03
Pricing
CyberArk Privileged Access Management
HashiCorp Vault
Editions & Modules
No answers on this topic
Cloud - HCP Vault
$0.03/hr
Open Source
Free
Enterprise
Contact sales team
Offerings
Pricing Offerings
CyberArk Privileged Access Management
HashiCorp Vault
Free Trial
Yes
No
Free/Freemium Version
No
Yes
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
CyberArk offers a variety of Identity Security packages for different user types within an organization.
I always recommend CyberArk based on my experiences at several different jobs and industries. It does a great job of helping you create all kinds of use cases and approval flows for accessing and using privileged accounts. It also does a great job securing local admin passwords on servers. End-users of the system are able to quickly and easily start utilizing the more secure method of obtaining credentials in minimal time with minimal overhead/tax on their work time.
Vault is a reliable and resilient as the Key Management System. It is not for the novice user that does not have a background in information security. It requires a significant time investment into the different key engines that the solution offers to get started. It works very well once implemented and is very flexible in general.
The initial product cost is a little on the higher side, which might turn off small & medium enterprises.
As it talks about security, it has a lot of hardware/software requirements for the initial setup, which might make the rollout timeline a little lengthy.
Product should be easy to customize based on different industry's needs.
HashiCorp Vault is the best there is out there, and it has become critical to our secret management use cases. It would be difficult to find anything that would suit our needs better and that would be beneficial for us to switch over to.
We spent a little more time than we imagined to conceptually understand how HashiCorp Vault operates, as well as how it is configured. This is not trivial, and keep in mind that you will need to take some time to get a thorough understanding of the tool. The documentation could be more helpful in this regard.
I've been an engineer and architect in the Identity space for many years and CyberArk is the #1 tool I've found to help me secure accounts and credentials. I've architected CyberArk and built the implementation from the ground up twice in previous roles and found it here upon my arrival at my current job. I wouldn't want to have to live without it as it helps me sleep at night
Hashicorp has been very responsive to our questions and inquiries up to this point. We are currently working on them to develop a more granular permissions model within Vault. We are very close to achieving our objectives with the help of their support team. We do not seem to be in the same time zone which makes it hard for escalated issues.
Manage Engine's Password Management solution can accomplish the same features however, their system is cumbersome and not as user friendly to operate. It is however great for small teams. Pleasant Solutions Password Manager Pro can accomplish some of the same things, but the web browser interface is not user friendly at all
HashiCorp Vault integrates with a lot of tools and systems, and the documentation was pretty robust with a lot of community help. Because HashiCorp Vault is also older than other solutions, it is already well developed with a lot of features you need for storing secrets and configuration. HashiCorp Vault is also friendlier towards application build and is focused in providing security and a lot of customization for almost any use case scenario. Bitwarden is more limited to password management of enterprise accounts, but for application usage is not that great or easy to integrate. It does not scale well also. AWS Secrets Manager on the other hand is really good but more limited to AWS applications and vendor lock is problematic as well for such a critical piece of infrastructure.
A positive impact is passing SOX audits when it comes to privileged account management. Making sure we are compliant with password expiration policies and complexities.
