Secure, manage and track shared and privileged accounts across your organization

Left unmanaged, privileged credentials and accounts are susceptible to exploitation by external attackers and malicious insiders. At a minimum, unprotected and unmanaged privileged accounts can result in failed audits. Even worse, they can lead to high value data loss, service disruption and expensive remediation efforts. As a result, Privileged Identity Management is one of the biggest challenges organizations face today.

CyberArk Enterprise Password Vault, part of the CyberArk Privileged Account Security Solution, enables organizations to secure, manage and track the use of privileged credentials whether on-premise or in the cloud, across operating systems, databases, applications, hypervisors, network devices and more. CyberArk Enterprise Password Vault is the only product that addresses Privileged Identity Management challenges by combining multiple layers of built-in security, fast time-to-value, ongoing operational efficiency and ease-of-use with the enterprise-grade capabilities needed for successful deployments. The product is built on the CyberArk Shared Technology Platform, delivering scalability, high availability and centralized management and reporting.

CyberArk Enterprise Password Vault offered a best practice approach to compliance, enabling us to better enforce policies and automate password replacement.

Jethro Cornelissen

Global Lead & Head of Global Security Operations Center Rabobank International

  1. Features
  2. Benefits

Security and Audit Come First.

  • Uses CyberArk’s patented, ICSA certified Vaulting Technology®, which employs multiple built-in layers of security to protect privileged credentials.
  • Tamper proof audit logs and session monitoring for audit integrity.
  • Customizable “request workflows” for credential access approval including dual controls, integration with helpdesk ticketing systems and multiple additional parameters.
  • Flexible password policy management including password aging, complexity, versioning policy and archiving.
  • Out-of-the-box support for multi-factor authentication systems.
  • Automatic policy enforcement for the lifecycle of privileged accounts with the flexibility to easily enforce granular policies for specific compliance or business unit requirements.

Fast Time to Value and Ongoing Operational Efficiency.

  • Automated privileged identity management including discovery and provisioning, policy-based password changes, and access controls.
  • Out-of-the-box management of privileged credential access to over 100 operating systems, databases, firewalls, network devices, virtual environments, websites and cloud-based applications.
  • Extensible support for additional target systems with unique plug-in architecture for fast integration.
  • Automated password verification and reconciliation to minimize operational and incident response delays.

Enterprise-Proven Scalability and Manageability.

  • Scalable to manage hundreds of thousands of privileged accounts.
  • Central policy management with distributed enforcement points for multisite and segmented network deployments.
  • Built in disaster recovery and high availability.
  • Out of the box integration with enterprise infrastructure and security solutions including:
  • Directory services
  • Identity management solutions.
  • Authentication systems
  • Vulnerability scanners
  • Security information and event management systems
  • Helpdesk ticketing and workflow, ticketing & workflow, systems

Easy on the Users

  • Intuitive, role-based web interface.
  • Scheduled, pre-built audit reports on credential access and use and; policy compliance.
  • Access privileged credentials from mobile devices including credential requests and workflow approvals.
  • Direct connection to managed devices for users, eliminating the need to copy/paste privileged credentials.

Integrated with CyberArk Privileged Account Security Solution

  • CyberArk Shared Technology Platform delivers scalability, high availability and centralized management and reporting
  • Out-of-the-box integration with Privileged Account Security products provides complete management, monitoring, recording and secure single-sign-on for privileged accounts

Security and Accountability Come First.

CyberArk Enterprise Password Vault was built from the ground up to ensure the best privileged account management. It provides multiple layers of security and accountability to keep privileged credentials secure while providing a complete audit trail. The vault includes FIPS-140 compliant file encryption, access controls, authentication, firewalls and session encryption capabilities.

Our integrated security is backed up by a detailed audit record of all successful and unsuccessful credential access attempts, along with identity of the specific user requesting access, the date, time and specific reason for the credentials being used.

CyberArk Enterprise Password Vault also supports multiple, flexible options for customer credential request workflows, adding an additional layer of security to privileged credentials.

Fast Time to Value.

CyberArk Enterprise Password Vault is ready to go out-of-the-box. It provides full lifecycle management of privileged credentials including auto-discovery and provisioning of privileged accounts, and integrates with enterprise directory services, vCenter and most broad-based identity management and provisioning systems. Setting global policies and exceptions is fast and simple.

Out of the box, CyberArk Enterprise Password Vault integrates with over 100 operating systems, databases, applications, hypervisors, firewalls, network devices, and cloud applications. For unique situations, it provides extensible support for a wide range of target systems including use of an efficient plug-in architecture.


In enterprise deployments, privileged account solutions need to scale, be simple to manage, provide redundancy and high availability, CyberArk Enterprise Password Vault is trusted by more than 1,000 organizations, including nearly half of the Fortune 100. It has been proven to scale to hundreds of thousand credentials.

Easy on the Users.

Windows and UNIX administrators, DBAs and other system administrators have enough complexity in their lives already. CyberArk Enterprise Password Vault was designed with them in mind. It offers a role-based web console to access credentials, manage users, policy and audit records. It provides direct connection to managed devices and web applications, and doesn’t force changes to IT administrators’ workflow.