Amazon Cognito vs CyberArk Privileged Access Manager comparison

Amazon Cognito vs. CyberArk Privileged Access Manager

Download the complete report

Helped 860,592 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Amazon Cognito

Average Rating

7.4

Reviews Sentiment

6.9

Number of Reviews

Ranking in other categories

Access Management (9th)

CyberArk Privileged Access ...

Average Rating

8.6

Reviews Sentiment

6.8

Number of Reviews

224

Ranking in other categories

User Activity Monitoring (1st), Enterprise Password Managers (2nd), Privileged Access Management (PAM) (1st), Mainframe Security (2nd), Operational Technology (OT) Security (3rd)

Featured Reviews

Wojciech Doganowski

Solutions Architect & PMO at AS TV Play Baltics/TV3 Group

International setup localization challenges drive custom development while outsourcing credential management enhances security

We are using it in an international setup where we have multiple services running in multiple countries. Cognito localizes only regarding language, but the service is localized in each country. Cognito has the possibility to render the login screen and all the customer flows related to managing the account. Still, it's useless in an international setup. They are unable to localize these screens, so we had to write our own screens and just use the Cognito API. I hope they will fix this soon because it's useful to rely on already prepared flows for all the account management. As it doesn't work with different languages, rewriting it is quite complicated. Additionally, maybe they could find another step in the price so there is not such a significant jump from the basic to extended functionality. Some flexibility would be helpful.

Read full review

Abdul Durrani

Security Manager at Insight

Enables granular and secure access with just-in-time access and Zero Trust model

CyberArk provides a good amount of control over access types. However, as a future enhancement, having additional features for cross-platform integration would be beneficial. It would be good to have integrations with other tools and firewalls, such as Zscaler and CrowdStrike. Although I am not fully aware of recent updates, more cross-platform integration would be valuable. A SOC analyst would like to have centralized access in terms of information flowing in even for privileged access management. They would like to have control over everything instead of opening four to five tabs for different sorts of information. Cross-platform integration would help with that. Customers also want CyberArk's pricing to be better so that they can implement it further and have more licenses. Implementing a privileged access management solution can be challenging. It would be great if CyberArk could provide recommendations based on the compliance standards of an organization. It would help system admins ensure that all the required ports are closed and the systems are being managed properly. If any system is not being used anymore, any ports opened for that system need to be closed. Having such recommendations would be helpful.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"What I find most valuable about Amazon Cognito is the single sign-on feature that provides a token for accessing protected APIs."

"The most valuable features of Amazon Cognito are the pre and post-token generation, and the different Cognito triggers. It has lots of functionality and flexibility."

"The most valuable features of Amazon Cognito are OTP validation and email validation."

"What I find most valuable about Amazon Cognito is the single sign-on feature that provides a token for accessing protected APIs."

"The features most valuable to us are the ability to integrate with various IDPs and the capability to sync with multiple applications."

"What is quite valuable is that we can outsource storage of the credentials to AWS, and they manage it quite securely."

"I appreciate Amazon Cognito's ability to scale with demand and its seamless user verification features."

"The federation is one of the most efficient features as the pricing is competitive."

More Amazon Cognito pros

"With PAM in place, we've experienced a significant reduction in potential security breaches."

"It is a scalable product."

"It's secure and reliable. I especially appreciate that it's locked down and only allows access to authorized components."

"It is an extremely scalable solution."

"CyberArk has been easy for us to implement and the adoption has been good. We've been able to standardize a bunch of things. We've been able to standardize relatively easily with the use of the platforms and managing the policies."

"It has helped from an auditing perspective identify who has access to privileged accounts."

"Within the solution, I love the fact that everything is recorded. The configuration capabilities are great, too."

"CyberArk Privileged Access Management's most valuable features are primarily its password vault functionality, specifically CyberArk's Core Privileged Manager and Privileged Session Manager."

More CyberArk Privileged Access Manager pros

Cons

"What I found generally lacking in AWS is privileged access management (PAM)."

"Amazon Cognito’s UI needs improvement while onboarding new users."

"Amazon Cognito could be improved by making it easier for us to add more data to the token, allowing customization of JWT. It requires a complex program to customize the token currently, however, the UI could support this configuration better."

"There is room for improvement in Amazon Cognito."

"I would rate its scalability as five out of ten. Moving users between different pools or accounts creates new identities, which means IDs stored in our database must also be changed."

"You need to evaluate the export users. The multifactor authentication, much less this room for improving the configuration setup of that."

"Cognito has the possibility to render the login screen and all the customer flows related to managing the account. Still, it's useless in an international setup. They are unable to localize these screens, so we had to write our own screens and just use the Cognito API."

"The ease and simplicity of integration could be improved when using this solution. When using Okta, scope is a single endpoint with a parameter as a scope. In the Cognito for each scope, there is a separate endpoint."

More Amazon Cognito cons

"My company always complains about the cost of CyberArk Privileged Access Manager because it's too high."

"The solution's architecture could be improved. It requires installation on four to five different servers."

"There are upwards of six components you need to set it up. And you might need anywhere from two to five servers. It takes some work to set that up, especially in a larger environment."

"There should be more models and licensing plans for this software."

"The initial setup was somewhat complex."

"CyberArk has a lot on the privileged access side but they have to concentrate more on the application side as well."

"The challenge with the product is pricing since it's expensive. It also needs to improve the customization. We encountered some stability issues as well."

"I'm not a fan of technical support with CyberArk. It's like jumping through red tape and hoops. Quite frankly, it's almost like when you call CyberArk you get the Help Desk or the level-one. I'm a level-one. I got the CCD, I know how to do the initial troubleshooting. When I call CyberArk it's because I can't figure the problem out. So I need a level-two, three, four. I don't need you to tell me, "Hey, open a ticket and then give me logs.""

More CyberArk Privileged Access Manager cons

Pricing and Cost Advice

"The price of Amazon Cognito is expensive. We are on an annual subscription."

"On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a five out of ten."

"The price of Amazon Cognito is low. The pricing model is based on the users."

"The price of the solution depends on the number of users using it."

"The product is relatively inexpensive compared to other tools."

"The pricing of this solution is good compared to other solutions on the market."

"The pricing is bad so I rate it a two out of ten."

"We pay $600 monthly per user for licences and there are no other additional costs."

"I rate the tool's pricing an eight out of ten."

"The price of the solution is reasonable."

"It's expensive, certainly. But CyberArk is the leader in the market with regards to privileged access management. You pay a lot, but you are paying for the value that is being delivered."

"Although CyberArk Privileged Access Management is expensive, its protection capabilities outweigh the cost."

"CyberArk DNA is free if you purchase the CyberArk solution. There is no additional charge for CyberArk DNA, which is great."

"This product is very expensive."

"Its price can be reduced."

"Pricing is quite high and it could be improved."

More CyberArk Privileged Access Manager pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Access Management solutions are best for your needs.

See recommendations

860,592 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

15%

Comms Service Provider

10%

Government

Manufacturing Company

Educational Organization

18%

Financial Services Firm

14%

Computer Software Company

13%

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Amazon Cognito?

The most valuable feature of the solution is its swift authentication.

What is your experience regarding pricing and costs for Amazon Cognito?

The basic functionality is reasonably priced, but the extended functionalities, especially the extended security, are quite expensive. There is a significant jump from the basic to the extended fun...

What needs improvement with Amazon Cognito?

How does Sailpoint IdentityIQ compare with CyberArk PAM?

We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the m...

What do you like most about CyberArk Privileged Access Manager?

The most valuable features of the solution are control and analytics.

What is your experience regarding pricing and costs for CyberArk Privileged Access Manager?

It's not a cheap application. It's very expensive.

Microsoft Entra ID vs Amazon Cognito

Comparisons

Compared 61% of the time

Auth0 vs Amazon Cognito

Compared 11% of the time

Cloudflare One vs Amazon Cognito

Compared 9% of the time

ForgeRock vs Amazon Cognito

Compared 4% of the time

SecureAuth Identity Platform vs Amazon Cognito

Compared 2% of the time

More Amazon Cognito Competitors

Microsoft Entra ID vs CyberArk Privileged Access Manager

Compared 9% of the time

WALLIX Bastion vs CyberArk Privileged Access Manager

Compared 6% of the time

Delinea Secret Server vs CyberArk Privileged Access Manager

Compared 6% of the time

Cisco Identity Services Engine (ISE) vs CyberArk Privileged Access Manager

Compared 5% of the time

Bitwarden vs CyberArk Privileged Access Manager

Compared 4% of the time

More CyberArk Privileged Access Manager Competitors

Product Reports

Amazon Cognito

Download Amazon Cognito product report

CyberArk Privileged Access Manager

Download CyberArk Privileged Access Manager product report

CyberArk Privileged Access Manager report

Also Known As

No data available

CyberArk Privileged Access Security, CyberArk Enterprise Password Vault

Overview

Amazon Cognito is a simple user identity and data synchronization service that helps you securely manage and synchronize app data for your users across their mobile devices. You can create unique identities for your users through a number of public login providers (Amazon, Facebook, and Google) and also support unauthenticated guests. You can save app data locally on users’ devices allowing your applications to work even when the devices are offline. With Amazon Cognito, you can save any kind of data in the AWS Cloud, such as app preferences or game state, without writing any backend code or managing any infrastructure. This means you can focus on creating great app experiences instead of having to worry about building and managing a backend solution to handle identity management, network state, storage, and sync.

Amazon Web Services (AWS)

CyberArk Privileged Access Manager is a next-generation solution that allows users to secure both their applications and their confidential corporate information. It is extremely flexible and can be implemented across a variety of environments. This program runs with equal efficiency in a fully cloud-based, hybrid, or on-premises environment. Users can now protect their critical infrastructure and access it in any way that best meets their needs.

CyberArk Privileged Access Manager possesses a simplified and unified user interface. Users are able to manage the solution from one place. The UI allows users to view and manage all of the information and controls that administrators need to be able to easily access. Very often, management UIs do not have all of the controls and information streamlined in a single location. This platform provides a level of visibility that ensures users will be able to view all of their system’s most critical information at any time that they wish.

Benefits of CyberArk Privileged Access Manager

Some of CyberArk Privileged Access Manager’s benefits include:

The ability to manage IDs and permissions across a cloud environment. In a world where being able to work remotely is becoming increasingly important, CyberArk Privileged Access Manager is a very valuable tool. Administrators do not need to worry about infrastructure security when they are away from the office. They can assign and manage security credentials from anywhere in the world.
The ability to manage the program from a single centralized UI. CyberArk Privileged Access Manager’s UI contains all of the system controls and information. Users now have the ability to view and use all of their system’s most critical information and controls from one place.
The ability to automate user management tasks. Administrators can save valuable time by assigning certain management tasks to be fulfilled by the system itself. Users can now reserve their time for tasks that are most pressing. It can also allow for the system to simplify the management process by having the platform perform the most complex functions.

Reviews from Real Users

CyberArk Privileged Access Manager’s software stands out among its competitors for one very fundamental reason. CyberArk Privileged Access Manager is an all-in-one solution. Users are given the ability to accomplish with a single platform what might usually only be accomplished with multiple solutions.

PeerSpot users note the truly all-in-one nature of this solution. Mateusz K., IT Manager at a financial services firm, wrote, "It improves security in our company. We have more than 10,000 accounts that we manage in CyberArk. We use these accounts for SQLs, Windows Server, and Unix. Therefore, keeping these passwords up-to-date in another solution or software would be impossible. Now, we have some sort of a platform to manage passwords, distribute the inflow, and manage IT teams as well as making regular changes to it according to the internal security policies in our bank."

Hichem T.-B., CDO & Co-Founder at ELYTIK, noted that “This is a complete solution that can detect cyber attacks well. I have found the proxy features most valuable for fast password web access.”

CyberArk

Sample Customers

Expedia, Intuit, Royal Dutch Shell, Brooks Brothers

Rockwell Automation

Amazon Cognito vs. CyberArk Privileged Access Manager