Try our new research platform with insights from 80,000+ expert users

AWS CloudTrail vs CyberArk Privileged Access Manager comparison

Amazon Web Services (AWS) and CyberArk are both solutions in the User Activity Monitoring category. Amazon Web Services (AWS) is ranked #2 with an average rating of 8.6, while CyberArk is ranked #1 with an average rating of 8.6. Amazon Web Services (AWS) holds a 6.5% mindshare in UAM, compared to CyberArk’s 11.2% mindshare. Additionally, 100% of Amazon Web Services (AWS) users are willing to recommend the solution, compared to 95% of CyberArk users who would recommend it.
AWS CloudTrail
Read 15 AWS CloudTrail reviews
  • 401 Views
  • 401 Comparison Views
100% willing to recommend
CyberArk Privileged Access ...
Read 228 CyberArk Privileged Access Manager reviews
  • 15,344 Views
  • 153 Comparison Views
95% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Mar 3, 2025

CyberArk Privileged Access Manager and AWS CloudTrail compete in the privileged access and API call logging category, respectively. CyberArk appears to have an edge in enterprise-focused security features, while AWS CloudTrail is better suited for those using AWS environments.

Features: CyberArk Privileged Access Manager provides password vaulting, session management, and threat analytics for comprehensive enterprise security. AWS CloudTrail offers detailed API call logging, management events monitoring, and integration with AWS services for enhanced AWS environment visibility.

Room for Improvement: CyberArk could streamline deployment complexity and improve plugin offerings. AWS CloudTrail could benefit from reduced log visibility lag and better integration with non-AWS services.

Ease of Deployment and Customer Service: CyberArk supports on-premises, cloud, and hybrid setups but its deployment can be complex and requires significant support. AWS CloudTrail, as a SaaS offering, is easy to deploy in AWS environments and benefits from AWS's global support network.

Pricing and ROI: CyberArk is priced at a premium due to its robust capabilities, making it ideal for larger enterprises with substantial security needs. AWS CloudTrail offers a cost-effective option for those heavily integrated with AWS, with minimal costs unless extensive data storage is required.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed AWS CloudTrail vs. CyberArk Privileged Access Manager Report (Updated: September 2025).
Buyer's Guide
AWS CloudTrail vs. CyberArk Privileged Access Manager
September 2025
Download the complete report
Helped 868,759 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AWS CloudTrail
Ranking in User Activity Monitoring
2nd
Average Rating
8.6
Reviews Sentiment
6.4
Number of Reviews
15
Ranking in other categories
No ranking in other categories
CyberArk Privileged Access ...
Ranking in User Activity Monitoring
1st
Average Rating
8.6
Reviews Sentiment
6.8
Number of Reviews
228
Ranking in other categories
Enterprise Password Managers (3rd), Privileged Access Management (PAM) (1st), Mainframe Security (2nd), Operational Technology (OT) Security (3rd)
 

Mindshare comparison

As of October 2025, in the User Activity Monitoring category, the mindshare of AWS CloudTrail is 6.5%, down from 10.8% compared to the previous year. The mindshare of CyberArk Privileged Access Manager is 11.2%, down from 23.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
User Activity Monitoring Market Share Distribution
ProductMarket Share (%)
CyberArk Privileged Access Manager11.2%
AWS CloudTrail6.5%
Other82.3%
User Activity Monitoring
 

Featured Reviews

NabeelHassan - PeerSpot reviewer
Exploring management events and insights for enhanced compliance
More controls should be introduced in CloudTrail, especially to see the logs in CloudTrail itself without saving them in S3, as S3 starts to incur charges. Real-time log submission could be improved, as sometimes there is a lag of around two to three minutes, which should be under a minute.
Read full review
Atul-Gujar - PeerSpot reviewer
Secures critical infrastructures with essential user session audit records
A potential area for improvement is enhancing support for cluster environments and distributed Vaults. Clients in multiple countries that need central access have different challenges that require better solutions from CyberArk. For financial services, CyberArk can improve incident response by ensuring fast support for critical priority tickets to meet compliance requirements. Providing more documentation on CyberArk is recommended for new team members to enhance their troubleshooting capabilities. I understand it's up to the client, but 99% fail to change the demo key, so it's crucial for CyberArk to emphasize changing the key and documenting it as part of the installation process.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I have not encountered any stability issues, glitches, or performance problems with AWS CloudTrail."
"In one specific scenario, we encountered a situation where a terminated employee still had access to our environment without our knowledge. With AWS CloudTrail, we could track and monitor the employees' activities, revealing that they were downloading specific files from our customer's environment. Without it enabled, we wouldn't have been aware of this."
"AWS CloudTrail features a totally cloud-based deployment."
"AWS CloudTrail integrates with AWS Config and provides custom event, security, and compliance auditing."
"AWS CloudTrail helps in accelerating incident investigation and response. It increases it because I pull out the logs to CloudTrail, and from CloudTrail watch, I'll send it to the Security Hub and do a visualization with Prometheus and Grafana."
"What I found most valuable in AWS CloudTrail is that it provides a good context of what's happening in the environment, so it's an excellent way to baseline what's occurring. I also like that AWS CloudTrail helps with audits."
"The solution is good as a central logging platform for showing all cloud events."
"It is a stable solution. AWS handles it well."
More AWS CloudTrail pros
"Session monitoring is excellent. It may be the solution's most valuable aspect."
"CyberArk Privileged Access Manager indeed helps meet compliance and regulatory requirements for customers, especially in the financial sector, by aligning with PCI DSS standards."
"The key aspects of privileged access management are being able rotate passwords, make sure someone is accountable, and tie it back to a user (when the system is being used)."
"The solution is stable."
"CyberArk Privileged Access Manager is stable."
"The most valuable feature of CyberArk Privileged Access Manager is the vault. I am satisfied with the interface and the documentation."
"The most valuable features of CyberArk Enterprise Password Vault are password vaulting and automatic rotation of passwords after use."
"This is a complete solution that can detect cyber attacks well."
More CyberArk Privileged Access Manager pros
 

Cons

"AWS CloudTrail should be redesigned to capture non-API calls. It would be more effective to have one tool that can perform multiple tasks instead of relying on multiple services for non-API activities."
"AWS CloudTrail does not fit directly into our architecture as it functions more as a helper service, which limited our utilization of its capabilities."
"AWS CloudTrail can sometimes generate too much information, which might lead to a lot of unnecessary data, particularly false positives."
"Maybe if we could do direct queries on CloudTrail without needing to export it to Athena, that'd be great."
"AWS CloudTrail only supports AWS, and Azure has its functions, GCP has their own. Dynatrace offers more flexible dashboards and services, making it more adaptable compared to AWS CloudTrail."
"More controls should be introduced in CloudTrail, especially to see the logs in CloudTrail itself without saving them in S3, as S3 starts to incur charges."
"I have not experienced any challenges while using it."
"The solution's operation visibility could be improved."
More AWS CloudTrail cons
"The scalability, sometimes, is lacking. It works really well for more static environments... But for an environment where you're constantly spinning up new infrastructure or new endpoints, sometimes it has a hard time keeping up."
"I would love them to improve their UI customizing features."
"My concern and area for improvement revolves around reporting."
"The reporting should be improved. There should be more customization."
"The PTA could be improved. Currently, companies often have multiple domains and sometimes it's difficult to implement CyberArk in this kind of infrastructure. For example, you can add CPM (Central Policy Manager) and PSM (Privileged Session Manager and PVWA (Password Vault Web Access) for access, but if you want to add PTA (Privileged Threat Analysis) to scan Vault logs, it is difficult because this component may be adding multiple domain environments."
"I'm not a fan of technical support with CyberArk. It's like jumping through red tape and hoops. Quite frankly, it's almost like when you call CyberArk you get the Help Desk or the level-one. I'm a level-one. I got the CCD, I know how to do the initial troubleshooting. When I call CyberArk it's because I can't figure the problem out. So I need a level-two, three, four. I don't need you to tell me, "Hey, open a ticket and then give me logs.""
"CyberArk Enterprise Password Vault's GUI has certain shortcomings that need improvement."
"The initial setup of CyberArk Privileged Access Manager difficulty depends on the environment that you are implementing it into. However, it typically is simple."
More CyberArk Privileged Access Manager cons
 

Pricing and Cost Advice

"AWS CloudTrail is pretty affordable, and I have to double-check, but the service is free to use. I can add logs on the console, but if I want to store logs long-term, then I have to pay a storage fee, but it's relatively inexpensive."
"CloudTrail itself is free of cost."
"AWS CloudTrail is free."
"AWS CloudTrail is a cheap solution."
"It is a very cheap service because management is a SaaS offering from AWS."
"The solution is free if you don't need customizations but is not expensive otherwise."
"Overall, its pricing is really good. The main difference from all the other vendors is that they have one package that covers all the functionality and modules of the basic PAM, except the add-on modules like adware and server protection. It also doesn't include the licenses for domain controller protection or maybe an API call-related feature. For the basic privileged access management, the bundle pricing is really good, but when it comes to an agent-based solution for advanced cyber protection or application identity managers, it is expensive. Services are also very expensive if you hire the services team from CyberArk, but these guys are really good. For a couple of large banking projects, we had an experience with them. The banks wanted to have things quickly and efficiently, so we had to hire them. If we take four weeks, these guys can do everything on a weekend. They charge quite a big sum of money, but they know the system well."
"The price of CyberArk Privileged Access Manager could be less expensive."
"The solution is cost-effective for the features."
"I'm a technician so I don't handle the licensing for CyberArk Privileged Access Manager, but I know that the price for the core license is about €140 per year. There's another type of license, the external vendor license, and that's about €600 and you can manage twenty devices. From what I know, the price for one device in a subscription is about €65 per year. You can buy the CyberArk Endpoint Privilege Manager too, or you can buy some other application or application license with CyberArk Privileged Access Manager, but all other features, such as the Analytics Server is included in the basic CyberArk license. With WALLIX, you need to buy separate licenses for the features."
"I do not have any opinions to add about the pricing of the product."
"It's not a cheap application. It's very expensive."
"It's expensive, certainly. But CyberArk is the leader in the market with regards to privileged access management. You pay a lot, but you are paying for the value that is being delivered."
"The price of CyberArk Privileged Access Manager is expensive. There are no other fees other than the standard licensing fees."
More CyberArk Privileged Access Manager pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which User Activity Monitoring solutions are best for your needs.
See recommendations
868,759 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
No data available
Financial Services Firm
15%
Computer Software Company
14%
Manufacturing Company
9%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business4
Midsize Enterprise7
Large Enterprise3
By reviewers
Company SizeCount
Small Business59
Midsize Enterprise41
Large Enterprise171
 

Questions from the Community

What do you like most about AWS CloudTrail?
In one specific scenario, we encountered a situation where a terminated employee still had access to our environment without our knowledge. With AWS CloudTrail, we could track and monitor the emplo...
See all answers
What is your experience regarding pricing and costs for AWS CloudTrail?
AWS CloudTrail is categorized into management events, data events, and CloudTrail Insights. For one hundred thousand events, management costs are approximately two dollars, data events ten cents, a...
See all answers
What needs improvement with AWS CloudTrail?
I have not experienced the Trail feature of AWS CloudTrail in tracking changes to AWS infrastructure. AWS CloudTrail could benefit from more comprehensive documentation and broader service integrat...
See all answers
How does Sailpoint IdentityIQ compare with CyberArk PAM?
We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the m...
See all answers
What do you like most about CyberArk Privileged Access Manager?
The most valuable features of the solution are control and analytics.
See all answers
What is your experience regarding pricing and costs for CyberArk Privileged Access Manager?
Regarding costs, CyberArk Privileged Access Manager is not a cheap product; hence, many companies struggle with its high licensing cost. While it's valuable, it comes with a high price tag, making ...
See all answers
 

Comparisons

No data available
Microsoft Entra ID vs CyberArk Privileged Access Manager Logo
Microsoft Entra ID vs CyberArk Privileged Access Manager
Compared 7% of the time
WALLIX Bastion vs CyberArk Privileged Access Manager Logo
WALLIX Bastion vs CyberArk Privileged Access Manager
Compared 6% of the time
Delinea Secret Server vs CyberArk Privileged Access Manager Logo
Delinea Secret Server vs CyberArk Privileged Access Manager
Compared 5% of the time
Cisco Identity Services Engine (ISE) vs CyberArk Privileged Access Manager Logo
Cisco Identity Services Engine (ISE) vs CyberArk Privileged Access Manager
Compared 5% of the time
Bitwarden vs CyberArk Privileged Access Manager Logo
Bitwarden vs CyberArk Privileged Access Manager
Compared 5% of the time
More CyberArk Privileged Access Manager Competitors
 

Product Reports

Buyer's Guide
AWS CloudTrail
September 2025
AWS CloudTrail reportDownload AWS CloudTrail product report
Buyer's Guide
CyberArk Privileged Access Manager
September 2025
CyberArk Privileged Access Manager reportDownload CyberArk Privileged Access Manager product report
 

Also Known As

CloudTrail
CyberArk Privileged Access Security, CyberArk Enterprise Password Vault
 

Overview

AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure. CloudTrail provides event history of your AWS account activity, including actions taken through the AWS Management Console, AWS SDKs, command line tools, and other AWS services. This event history simplifies security analysis, resource change tracking, and troubleshooting. In addition, you can use CloudTrail to detect unusual activity in your AWS accounts. These capabilities help simplify operational analysis and troubleshooting.

Amazon Web Services (AWS)

CyberArk Privileged Access Manager is a next-generation solution that allows users to secure both their applications and their confidential corporate information. It is extremely flexible and can be implemented across a variety of environments. This program runs with equal efficiency in a fully cloud-based, hybrid, or on-premises environment. Users can now protect their critical infrastructure and access it in any way that best meets their needs.

CyberArk Privileged Access Manager possesses a simplified and unified user interface. Users are able to manage the solution from one place. The UI allows users to view and manage all of the information and controls that administrators need to be able to easily access. Very often, management UIs do not have all of the controls and information streamlined in a single location. This platform provides a level of visibility that ensures users will be able to view all of their system’s most critical information at any time that they wish.

Benefits of CyberArk Privileged Access Manager

Some of CyberArk Privileged Access Manager’s benefits include:

  • The ability to manage IDs and permissions across a cloud environment. In a world where being able to work remotely is becoming increasingly important, CyberArk Privileged Access Manager is a very valuable tool. Administrators do not need to worry about infrastructure security when they are away from the office. They can assign and manage security credentials from anywhere in the world.
  • The ability to manage the program from a single centralized UI. CyberArk Privileged Access Manager’s UI contains all of the system controls and information. Users now have the ability to view and use all of their system’s most critical information and controls from one place.
  • The ability to automate user management tasks. Administrators can save valuable time by assigning certain management tasks to be fulfilled by the system itself. Users can now reserve their time for tasks that are most pressing. It can also allow for the system to simplify the management process by having the platform perform the most complex functions.

Reviews from Real Users

CyberArk Privileged Access Manager’s software stands out among its competitors for one very fundamental reason. CyberArk Privileged Access Manager is an all-in-one solution. Users are given the ability to accomplish with a single platform what might usually only be accomplished with multiple solutions.

PeerSpot users note the truly all-in-one nature of this solution. Mateusz K., IT Manager at a financial services firm, wrote, "It improves security in our company. We have more than 10,000 accounts that we manage in CyberArk. We use these accounts for SQLs, Windows Server, and Unix. Therefore, keeping these passwords up-to-date in another solution or software would be impossible. Now, we have some sort of a platform to manage passwords, distribute the inflow, and manage IT teams as well as making regular changes to it according to the internal security policies in our bank."

Hichem T.-B., CDO & Co-Founder at ELYTIK, noted that “This is a complete solution that can detect cyber attacks well. I have found the proxy features most valuable for fast password web access.”

CyberArk
 

Sample Customers

HTC, British Gas, Solinor, 2C2P
Rockwell Automation
Buyer's Guide
AWS CloudTrail vs. CyberArk Privileged Access Manager
September 2025
Free Report: AWS CloudTrail vs. CyberArk Privileged Access Manager
Find out what your peers are saying about AWS CloudTrail vs. CyberArk Privileged Access Manager and other solutions. Updated: September 2025.
DOWNLOAD NOW
868,759 professionals have used our research since 2012.
See our AWS CloudTrail vs. CyberArk Privileged Access Manager report.
See our list of best User Activity Monitoring vendors.

We monitor all User Activity Monitoring reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.