CyberArk Core Privileged Access Security
CyberArk PAS is a highly adaptable, highly secure access management solution.
By Expert Insights
Updated Oct 26, 2022
Expert Insights Verdict
CyberArk PAS is a highly adaptable, highly secure access management solution. However, there is a steep learning curve with the program and users have noted issues with reporting and troubleshooting. It is also an expensive program, best suited to enterprise level companies.
Pros
- Single centralized user interface
- Secure password vaults
- User behavior analytics
Cons
- Learning curve for deployment and troubleshooting
Overview
CyberArk Core Privileged Access Security is a unified, policy-based access manager that is highly adaptable can be deployed via SaaS or on-site, making it suitable for remote, hybrid, or on premises environments. The main features it delivers is: managing privileged credentials, isolate and monitor user sessions, threat detection and response, management of edge devices, remote access to PAM, and multi-factor authentication and single sign-on capabilities.
Features
Browser isolation & session monitoring
PAS isolates users’ browser sessions, protecting that session from becoming an attack vector for potential malware infections. Users do not directly connect to target systems at any point. At the same time, PAS also records all activity that takes place during these sessions with events safely stored. Unusual or risky behavior is flagged for admins to assess and act.
Credential management
Stores and reports all privileged credentials in use by human or non-human users. Admins can pre-set policies for complex passwords, user access, and the frequency of password rotations. The latter aims to improve security.
Edge device management
Devices on the fringe of the network, such as devices being used remotely, are subject to the same level of security and have the same policies applied. Account credentials on end devices will also be rotated per pre-set policies.
Threat detection and response
Monitors and alerts admins to unmanaged privileged accounts and credentials. This feature will scan and flag risky or unusual behavior via remediation capabilities.
Ease Of Use
CyberArk PAS has been noted as having a learning curve, with users highlighting that the program needs a skilled team to set it up, with technical expertise in areas where the program is being deployed. Upgrades can be difficult to action. Managing group privileges can also be tricky.
The admin console, however, is user friendly. Once initial set up pains are out of the way, it’s an easy to use tool that stores all credentials in one place without the need to hardcode passwords or employ authentication tokens, and allows for a access and approval system.
Pricing
Pricing is supplied via a quotation request.
Privileged Access Management (PAM) 101
Final Verdict
CyberArk Privileged Access Security offers a highly granular, actionable, and secure access manager that stores all credentials in one easy-to-access place. Notable features include browser isolation capabilities, password rotation, and MFA and SSO capabilities that tighten security and minimize risk.
Deployment requires a skilled team to deploy and implement the product. Upgrading the program can also sometimes be difficult according to some users.
We would recommend CyberArk Privileged Access Security for any companies at enterprise level that handle sensitive data and information, such as health and financial companies, that have a skilled team that can handle deployment and maintenance.
Company Information
Privileged Access Management
cyberark.com
1999
Newton, Massachusetts, US
Enterprise
CyberArk Core Privileged Access Security Awards
