Amazon Cognito vs CyberArk Privileged Access Manager comparison

Amazon Cognito vs. CyberArk Privileged Access Manager

Download the complete report

Helped 884,873 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Amazon Cognito

Average Rating

7.6

Reviews Sentiment

6.5

Number of Reviews

Ranking in other categories

Access Management (10th)

CyberArk Privileged Access ...

Average Rating

8.6

Reviews Sentiment

6.8

Number of Reviews

230

Ranking in other categories

User Activity Monitoring (1st), Enterprise Password Managers (2nd), Privileged Access Management (PAM) (1st), Mainframe Security (1st), Operational Technology (OT) Security (3rd)

Featured Reviews

Bibhupada Meher

Staff Software Engineer at Visa

Custom authentication has enabled secure multi-factor logins and unified access across apps

The features or capabilities of Amazon Cognito that I have found the most valuable so far include its seamless operation and the requirement of fewer integrations from the client side. All the features are there, enabling us to create the users, manage the groups, and manage access. Mostly, the access management is very good in Amazon Cognito, I would say. The benefits and positive impacts that Amazon Cognito has had in my experience include the fact that earlier we needed to implement so many things on behalf of the product itself. Now, the go-to-market strategy requires less than a week to complete integrations of the user flow, specifically mentioning that a basic authentication flow could be completed in a week itself. We don't have to care about how we manage the passwords, how we manage groups, and how we manage access management because all those things are there. It's handy, the documentation is very good, and it is easy to integrate. That's the reason I would say that the impact AWS is building on the product is great.

Read full review

Atul-Gujar

CyberArk manager at a comms service provider with 10,001+ employees

Secures critical infrastructures with essential user session audit records

A potential area for improvement is enhancing support for cluster environments and distributed Vaults. Clients in multiple countries that need central access have different challenges that require better solutions from CyberArk. For financial services, CyberArk can improve incident response by ensuring fast support for critical priority tickets to meet compliance requirements. Providing more documentation on CyberArk is recommended for new team members to enhance their troubleshooting capabilities. I understand it's up to the client, but 99% fail to change the demo key, so it's crucial for CyberArk to emphasize changing the key and documenting it as part of the installation process.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The solution is proto connective and integrates well with other AWS services."

"The features or capabilities of Amazon Cognito that I have found the most valuable so far include its seamless operation and the requirement of fewer integrations from the client side."

"What I find most valuable about Amazon Cognito is the single sign-on feature that provides a token for accessing protected APIs."

"What is quite valuable is that we can outsource storage of the credentials to AWS, and they manage it quite securely."

"One of the key benefits of this software is its ease of integration with a wide range of applications, including mobile apps and web applications. This simplifies the process of integration, and it can be seamlessly incorporated with Azure, Kubernetes, and other software systems."

"They offer a permission tool to help us manage multi-factor authentication."

"Cognito speeds up our development and saves us time."

"The federation is one of the most efficient features as the pricing is competitive."

More Amazon Cognito pros

"CyberArk is the best out there."

"Overall, I would rate it a ten out of ten."

"The most valuable aspects of the solution include password management and Rest API retrieval of vaulted credentials."

"CyberArk Privileged Access Manager's main benefit is it provides secure access to our servers. There are features to capture the user activity, it provides video recording processing. If the users are logged in to the server, we can see what activities they are performing. It's a very nice tool for Privileged Access Management. They have plenty of useful services and the solution has fulfilled our needs."

"AIM has been a great help in automating password retrieval which removes the need for hard-coded credentials."

"The impact of CyberArk Privileged Access Manager on customer operational efficiency is quite positive."

"CyberArk has helped us to identify, store, protect, and monitor the usage of privileged accounts."

"What I appreciate about CyberArk Privileged Access Manager is that it is not only for password security; we can also manage their applications and platforms, and whenever a user logs in, end-to-end protection is handled, including monitoring user activity through PSM servers and reacting to threats with Privileged Threat Analysis."

More CyberArk Privileged Access Manager pros

Cons

"Cognito has the possibility to render the login screen and all the customer flows related to managing the account. Still, it's useless in an international setup. They are unable to localize these screens, so we had to write our own screens and just use the Cognito API."

"In a future release, we would like to have different methods to validate the characteristic of a user. For example, we would like to use biometric data to analyze the behavior of users."

"The MFA related to the solution's side is nonexistent."

"The ease and simplicity of integration could be improved when using this solution. When using Okta, scope is a single endpoint with a parameter as a scope. In the Cognito for each scope, there is a separate endpoint."

"What I found generally lacking in AWS is privileged access management (PAM)."

"I believe this product could improve by enriching user profiles."

"The secure authentication of Amazon Cognito has benefited our company. We were previously using legacy signup systems."

"The setup and configuration can be complex, especially for advanced use cases."

More Amazon Cognito cons

"I would like to see better usability for non-technical people."

"There was a situation when one of our presidents had an issue, but I can't recall the specifics."

"CyberArk has a lot on the privileged access side but they have to concentrate more on the application side as well."

"In the beginning, CyberArk Privileged Access Manager didn't have a multifactor authentication feature, so that was an area for improvement, but now it's part of the solution. Having just one console for two CyberArk products would be good, particularly for the CyberArk Privileged Access Manager and the CyberArk Endpoint Privilege Manager, with the latter being a product for endpoint management that supports the workstations and allows you to manage workstations. In the next update of CyberArk Privileged Access Manager, it would be good to have a local agent where you can manage all users and processes, and have an agent on the servers such as Linux and Windows."

"There were a lot of manual steps in the initial setup which could have been automated. I read the 10.4 release that was sent out about a month or two ago, and I saw the steps required for upgrade have been reduced by about 90%. That was a big thing for me, but I still haven't seen that yet because we have not upgrade past 9.9.5."

"Its implementation was very complex. It needs different servers."

"Having a centralized place to manage the solution has been something that I have always wanted, and they are starting to understand that and bring things back together."

"Regarding technical support from CyberArk, while L2 and L3 teams are effective, L1 support requires improvement due to longer response times in critical situations."

More CyberArk Privileged Access Manager cons

Pricing and Cost Advice

"We pay $600 monthly per user for licences and there are no other additional costs."

"On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a five out of ten."

"The pricing is bad so I rate it a two out of ten."

"The price of Amazon Cognito is low. The pricing model is based on the users."

"The pricing of this solution is good compared to other solutions on the market."

"The price of the solution depends on the number of users using it."

"The product is relatively inexpensive compared to other tools."

"The price of Amazon Cognito is expensive. We are on an annual subscription."

"They have two types of licensing: purchase and subscription. You have to pay for each admin user, such as Microsoft admin, mail admin, database admin, etc."

"It is in line with its competitors, but all such solutions cost too much money."

"CyberArk Privileged Access Manager is perceived to be somewhat overpriced compared to similar market products. It is a little bit overvalued. It could come down a little bit for my liking. However, the industry-leading reputation and the quality of service justify the high price point to some extent."

"I'm a technician so I don't handle the licensing for CyberArk Privileged Access Manager, but I know that the price for the core license is about €140 per year. There's another type of license, the external vendor license, and that's about €600 and you can manage twenty devices. From what I know, the price for one device in a subscription is about €65 per year. You can buy the CyberArk Endpoint Privilege Manager too, or you can buy some other application or application license with CyberArk Privileged Access Manager, but all other features, such as the Analytics Server is included in the basic CyberArk license. With WALLIX, you need to buy separate licenses for the features."

"I would rate the tool’s pricing a six out of ten."

"I hope to learn how the pricing works so that I can understand it better, but I am certain it is not inexpensive."

"I would rate the cost of CyberArk Privileged Access Manager seven out of ten with ten being the most expensive."

"The pricing for CyberArk Privileged Access Manager is quite expensive, and the pricing varies from region to region. In APAC, CyberArk Privileged Access Manager can be obtained for less than in North America, according to my understanding."

More CyberArk Privileged Access Manager pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Access Management solutions are best for your needs.

See recommendations

884,873 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Comms Service Provider

10%

Computer Software Company

Manufacturing Company

Healthcare Company

Financial Services Firm

14%

Manufacturing Company

10%

Computer Software Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	8
Midsize Enterprise	4
Large Enterprise	5

By reviewers
Company Size	Count
Small Business	59
Midsize Enterprise	42
Large Enterprise	174

Questions from the Community

What do you like most about Amazon Cognito?

The most valuable feature of the solution is its swift authentication.

What is your experience regarding pricing and costs for Amazon Cognito?

The basic functionality is reasonably priced, but the extended functionalities, especially the extended security, are quite expensive. There is a significant jump from the basic to the extended fun...

What needs improvement with Amazon Cognito?

Branding could be improved. When you use the Amazon Cognito domain and have a panel to login the user, I would add more customization options, such as icons or customization to the modal window whi...

How does Sailpoint IdentityIQ compare with CyberArk PAM?

We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the m...

What do you like most about CyberArk Privileged Access Manager?

The most valuable features of the solution are control and analytics.

What is your experience regarding pricing and costs for CyberArk Privileged Access Manager?

My thoughts on the pricing of CyberArk Privileged Access Manager depend entirely on the vendors' requirements. If they want their things to be secure, they have to spend accordingly. We have four t...

Microsoft Entra ID vs Amazon Cognito

Comparisons

Compared 35% of the time

Cloudflare One vs Amazon Cognito

Compared 11% of the time

Auth0 Platform vs Amazon Cognito

Compared 10% of the time

OneLogin vs Amazon Cognito

Compared 6% of the time

Fastpath Platform vs Amazon Cognito

Compared 3% of the time

More Amazon Cognito Competitors

One Identity Safeguard vs CyberArk Privileged Access Manager

Compared 5% of the time

Delinea Secret Server vs CyberArk Privileged Access Manager

Compared 4% of the time

Microsoft Entra ID vs CyberArk Privileged Access Manager

Compared 4% of the time

Saviynt Identity Cloud vs CyberArk Privileged Access Manager

Compared 3% of the time

Teleport vs CyberArk Privileged Access Manager

Compared 3% of the time

More CyberArk Privileged Access Manager Competitors

Product Reports

Amazon Cognito

Download Amazon Cognito product report

CyberArk Privileged Access Manager

Download CyberArk Privileged Access Manager product report

CyberArk Privileged Access Manager report

Also Known As

No data available

CyberArk Privileged Access Security, CyberArk Enterprise Password Vault

Overview

Amazon Cognito is a simple user identity and data synchronization service that helps you securely manage and synchronize app data for your users across their mobile devices. You can create unique identities for your users through a number of public login providers (Amazon, Facebook, and Google) and also support unauthenticated guests. You can save app data locally on users’ devices allowing your applications to work even when the devices are offline. With Amazon Cognito, you can save any kind of data in the AWS Cloud, such as app preferences or game state, without writing any backend code or managing any infrastructure. This means you can focus on creating great app experiences instead of having to worry about building and managing a backend solution to handle identity management, network state, storage, and sync.

Amazon Web Services (AWS)

CyberArk Privileged Access Manager is a next-generation solution that allows users to secure both their applications and their confidential corporate information. It is extremely flexible and can be implemented across a variety of environments. This program runs with equal efficiency in a fully cloud-based, hybrid, or on-premises environment. Users can now protect their critical infrastructure and access it in any way that best meets their needs.

CyberArk Privileged Access Manager possesses a simplified and unified user interface. Users are able to manage the solution from one place. The UI allows users to view and manage all of the information and controls that administrators need to be able to easily access. Very often, management UIs do not have all of the controls and information streamlined in a single location. This platform provides a level of visibility that ensures users will be able to view all of their system’s most critical information at any time that they wish.

Benefits of CyberArk Privileged Access Manager

Some of CyberArk Privileged Access Manager’s benefits include:

The ability to manage IDs and permissions across a cloud environment. In a world where being able to work remotely is becoming increasingly important, CyberArk Privileged Access Manager is a very valuable tool. Administrators do not need to worry about infrastructure security when they are away from the office. They can assign and manage security credentials from anywhere in the world.
The ability to manage the program from a single centralized UI. CyberArk Privileged Access Manager’s UI contains all of the system controls and information. Users now have the ability to view and use all of their system’s most critical information and controls from one place.
The ability to automate user management tasks. Administrators can save valuable time by assigning certain management tasks to be fulfilled by the system itself. Users can now reserve their time for tasks that are most pressing. It can also allow for the system to simplify the management process by having the platform perform the most complex functions.

Reviews from Real Users

CyberArk Privileged Access Manager’s software stands out among its competitors for one very fundamental reason. CyberArk Privileged Access Manager is an all-in-one solution. Users are given the ability to accomplish with a single platform what might usually only be accomplished with multiple solutions.

PeerSpot users note the truly all-in-one nature of this solution. Mateusz K., IT Manager at a financial services firm, wrote, "It improves security in our company. We have more than 10,000 accounts that we manage in CyberArk. We use these accounts for SQLs, Windows Server, and Unix. Therefore, keeping these passwords up-to-date in another solution or software would be impossible. Now, we have some sort of a platform to manage passwords, distribute the inflow, and manage IT teams as well as making regular changes to it according to the internal security policies in our bank."

Hichem T.-B., CDO & Co-Founder at ELYTIK, noted that “This is a complete solution that can detect cyber attacks well. I have found the proxy features most valuable for fast password web access.”

CyberArk

Sample Customers

Expedia, Intuit, Royal Dutch Shell, Brooks Brothers

Rockwell Automation

Amazon Cognito vs. CyberArk Privileged Access Manager