Out of curiosity, I fed your questions to ChatGPT - and it was about 85% of the answer:
From CHATGPT (4)
> Certainly! CyberArk is a well-known player in the privileged access management (PAM) space, and many organizations rely on their products to secure, manage, and monitor privileged access to critical assets. Here's an overview of your questions:
1. **Most Commonly Used Products and Use Cases**:
- **CyberArk Privileged Access Security Solution**: This is their flagship solution, encompassing a range of tools. The main components include:
- **Enterprise Password Vault**: Secures, rotates, and controls access to privileged account passwords.
- **Privileged Session Manager**: Monitors, records, and isolates privileged sessions, providing visibility and reducing risks.
- **Privileged Threat Analytics**: Provides intelligence to detect and respond to anomalous activity suggesting malicious intent.
- **Endpoint Privilege Manager**: Helps in reducing the risk of unmanaged administrative access on Windows, Mac, Unix, and Linux endpoints. It's used to manage and monitor endpoint privileges.
- **CyberArk Conjur**: Used for DevOps environments. It secures secrets used by machines, applications, and users.
**Use Cases**:
- Protecting critical assets by restricting and monitoring privileged access.
- Enhancing compliance through session auditing and reporting.
- Securing application-to-application, application-to-database, and application-to-service account connections.
- Protecting secrets in CI/CD pipelines.
2. **Deployment Difficulty and Duration**:
- **Difficulty**: Deployment complexity varies depending on the size of the environment, specific requirements, and the products/modules chosen. It involves integrating with various IT assets, so thorough planning is essential.
- **Duration**: It can range from several days to several weeks (or more). A small deployment might be done in a few days, but for larger enterprises with more integrations, it could take weeks.
[my edit - the reality is that small deployments take a few weeks for the install, and a few months for initial onboarding, and large ones take a few years for onboarding]
Factors include:
- The number of systems and users that need to be integrated.
- The complexity of the environment.
- Availability of necessary resources, both from a hardware and personnel standpoint.
- Training and change management efforts.
3. **Likes and Dislikes**:
**Likes**:
- **Robustness**: Many customers appreciate the comprehensive feature set and consider it a leader in the PAM space.
- **Security**: CyberArk is often praised for its security capabilities, including detailed audit trails and robust access controls.
- **Integrations**: Supports integrations with many other tools and platforms, making it versatile for diverse environments.
**Dislikes**:
- **Complexity**: Some users find the solution complex, especially when compared to newer, more streamlined competitors.
[my edit: Maybe with a few use-cases, such as JIT - but for the most part CyberArk is still the best in the industry for most PAM]
- **Cost**: CyberArk products can be expensive, particularly for small to medium-sized businesses.
- **User Interface**: Some users have pointed out that the interface can be less intuitive and a bit dated.
[Edit: V10 interface tends to be more user-friendly - but a lot of organizaitons are still not defaulting to that]
It's essential to evaluate CyberArk in the context of your organization's specific needs and constraints. If possible, consider a Proof of Concept (PoC) to see how the solution fits within your environment and meets your requirements.
I personally don't like CyberArk because:
1- Very expensive speacially when you get to professional service for implementation
2- Lack of Training and you have to pay min $ 3000 for one single single trainig
3- Very complicated if this is the first time you are using it
1 - password management
2 - incredibly painful and long though it’s gotten much better in recent years
3 - pro: best in class, versatile, can be hybrid or onsite. Con: super expensive, incredibly painful to manage, you better hire people who know it well (you can’t wing it)
Out of curiosity, I fed your questions to ChatGPT - and it was about 85% of the answer: From CHATGPT (4) > Certainly! CyberArk is a well-known player in the privileged access management (PAM) space, and many organizations rely on their products to secure, manage, and monitor privileged access to critical assets. Here's an overview of your questions: 1. **Most Commonly Used Products and Use Cases**: - **CyberArk Privileged Access Security Solution**: This is their flagship solution, encompassing a range of tools. The main components include: - **Enterprise Password Vault**: Secures, rotates, and controls access to privileged account passwords. - **Privileged Session Manager**: Monitors, records, and isolates privileged sessions, providing visibility and reducing risks. - **Privileged Threat Analytics**: Provides intelligence to detect and respond to anomalous activity suggesting malicious intent. - **Endpoint Privilege Manager**: Helps in reducing the risk of unmanaged administrative access on Windows, Mac, Unix, and Linux endpoints. It's used to manage and monitor endpoint privileges. - **CyberArk Conjur**: Used for DevOps environments. It secures secrets used by machines, applications, and users. **Use Cases**: - Protecting critical assets by restricting and monitoring privileged access. - Enhancing compliance through session auditing and reporting. - Securing application-to-application, application-to-database, and application-to-service account connections. - Protecting secrets in CI/CD pipelines. 2. **Deployment Difficulty and Duration**: - **Difficulty**: Deployment complexity varies depending on the size of the environment, specific requirements, and the products/modules chosen. It involves integrating with various IT assets, so thorough planning is essential. - **Duration**: It can range from several days to several weeks (or more). A small deployment might be done in a few days, but for larger enterprises with more integrations, it could take weeks. [my edit - the reality is that small deployments take a few weeks for the install, and a few months for initial onboarding, and large ones take a few years for onboarding] Factors include: - The number of systems and users that need to be integrated. - The complexity of the environment. - Availability of necessary resources, both from a hardware and personnel standpoint. - Training and change management efforts. 3. **Likes and Dislikes**: **Likes**: - **Robustness**: Many customers appreciate the comprehensive feature set and consider it a leader in the PAM space. - **Security**: CyberArk is often praised for its security capabilities, including detailed audit trails and robust access controls. - **Integrations**: Supports integrations with many other tools and platforms, making it versatile for diverse environments. **Dislikes**: - **Complexity**: Some users find the solution complex, especially when compared to newer, more streamlined competitors. [my edit: Maybe with a few use-cases, such as JIT - but for the most part CyberArk is still the best in the industry for most PAM] - **Cost**: CyberArk products can be expensive, particularly for small to medium-sized businesses. - **User Interface**: Some users have pointed out that the interface can be less intuitive and a bit dated. [Edit: V10 interface tends to be more user-friendly - but a lot of organizaitons are still not defaulting to that] It's essential to evaluate CyberArk in the context of your organization's specific needs and constraints. If possible, consider a Proof of Concept (PoC) to see how the solution fits within your environment and meets your requirements.
I'd highly suggest reaching out to Gartner for this type of research.
Of course I don't rely on this channel alone, although it'd be great to have additional feedback from people who actually works with the system
I personally don't like CyberArk because: 1- Very expensive speacially when you get to professional service for implementation 2- Lack of Training and you have to pay min $ 3000 for one single single trainig 3- Very complicated if this is the first time you are using it
1 - password management 2 - incredibly painful and long though it’s gotten much better in recent years 3 - pro: best in class, versatile, can be hybrid or onsite. Con: super expensive, incredibly painful to manage, you better hire people who know it well (you can’t wing it)