devtune
Sign Up
CyberArk logo

AI visibility report for CyberArk

Vertical: Secrets Management & Vault

AI search visibility benchmark across 5 platforms in Secrets Management & Vault.

Track this brand
25 prompts
5 platforms
Updated May 17, 2026
15percent

Presence Rate

Low presence

Top-3 citations across 125 prompt × platform pairs

+0.26

Sentiment

-1.00.0+1.0
Positive
#5of 11

Peer Ranking

#1#11
Mid-packin Secrets Management & Vault

Key Metrics

Presence Rate15.2%
Share of Voice6.8%
Avg Position#34.9
Docs Presence0.0%
Blog Presence5.6%
Brand Mentions15.2%

Platform Breakdown

Grok
36%9/25 prompts
Google AI Mode
24%6/25 prompts
ChatGPT
16%4/25 prompts
Gemini Search
0%0/25 prompts
Perplexity
0%0/25 prompts

Overview

CyberArk Conjur is an open-source secrets management platform developed by CyberArk Software (now a Palo Alto Networks subsidiary) and available at conjur.org. It provides centralized authentication, authorization, and auditing of non-human access to secrets — including API keys, database passwords, and TLS certificates — across applications, containers, CI/CD pipelines, and cloud environments. Conjur enforces granular role-based access control through its declarative MAML policy language, supports dynamic credential rotation, and delivers a Secretless Broker for zero-secret application connectivity. It ships in three tiers: a free open-source edition, a self-hosted enterprise version (Secrets Manager Self-Hosted), and a managed SaaS offering (Secrets Manager SaaS). Native integrations span Kubernetes, Ansible, Jenkins, Terraform, AWS, and more, making it a widely adopted secrets backbone in enterprise DevSecOps programs.

CyberArk Conjur is a secrets management platform spanning open-source (Conjur OSS), self-hosted enterprise, and SaaS tiers. It secures non-human identities and machine credentials through policy-based RBAC, encrypted vaulting, dynamic secret injection, and automated rotation, with deep integrations across the DevOps and cloud toolchain.

Key Facts

Founded
1999
HQ
Petach Tikva, Israel (US HQ: Newton, MA)
Founders
Udi Mokady, Alon N. Cohen
Employees
2000-2500
ARR
$1.44B (FY2025, company-wide)
Customers
8,000+
Valuation
~$25B (acquisition price by Palo Alto Ne
Status
Acquired by Palo Alto Networks (NASDAQ: PANW), closed Feb 11

Target users

DevOps and DevSecOps engineers managing CI/CD pipeline secretsPlatform and infrastructure engineers running Kubernetes or containerized workloadsEnterprise security architects designing machine identity and PAM programsCloud and site-reliability engineers in multi-cloud or hybrid environmentsSecurity operations and compliance teams requiring auditable privileged access controls
conjur.org

Key Capabilities10

  • Centralized encrypted secrets vault (AES-256-GCM, Slosilo library, cryptographically audited)
  • Machine Authorization Markup Language (MAML) policy-based RBAC for fine-grained access control
  • Machine identity authentication for containers, Kubernetes pods, CI/CD agents, and cloud workloads
  • Dynamic secret injection and automated credential rotation via built-in and custom rotators
  • Secretless Broker enabling applications to connect to resources without fetching or storing secrets
  • Full audit trails and compliance reporting for privileged access events
  • REST API, CLI, and multi-language SDKs (Ruby, Java, Python, .NET, Go)
  • Multi-tenant account management within a single deployment
  • Three deployment tiers: Open Source (free), Self-Hosted Enterprise, and SaaS (Conjur Cloud / Secrets Manager SaaS)
  • Native PAM vault synchronization with CyberArk Privileged Access Manager (enterprise tier)

Key Use Cases8

  • Securing CI/CD pipelines by eliminating hard-coded credentials in DevOps tooling
  • Kubernetes and container secrets management with native pod-level authentication
  • Non-human / machine identity secrets management for microservices and automation
  • Removing secrets sprawl across multi-cloud and multi-tool environments
  • Enforcing least-privilege access with auditable RBAC policies for compliance
  • Auto-scaling environment secrets management with automated identity enrollment
  • Application security: isolating secrets from application code at runtime
  • Integrating secrets management into enterprise PAM programs alongside CyberArk Vault

Recent Trend

Visibility+1.6 pts
Avg position+7.62
Sentiment-0.16

How AI describes CyberArk3

...ly used successfully at that scale are: 1. HashiCorp Vault 2. AWS Secrets Manager 3. Akeyless Vault 4. CyberArk Conjur 5. Infisical 6. Doppler 7. Google Secret Manager 8. Azure Key Vault But they behave v...

What secrets management tools handle millions of secret reads per day without becoming a performance bottleneck for high-traffic services?

chatgpt-searchDirect CyberArk mention
...hiCorp Vault | Vault Agent Injector, CSI Driver, External Secrets Operator | Yes | Yes | Most common enterprise option | | CyberArk Conjur | Conjur Kubernetes Authenticator, CSI Provider, ESO | Yes | Yes | Strong machine identity focus | | AWS Secrets Ma...

What secrets management platforms integrate directly with container orchestration platforms to inject secrets as environment variables or mounted files?

chatgpt-searchDirect CyberArk mention
\[2\] | | CyberArk Conjur | Partial / workload-focused | Rotated app secrets, some ephemeral access flows | Better known for enterprise PAM + app identity than broad dynamic secret engines.

What secrets vault tools support dynamic secrets — generating short-lived credentials on demand rather than storing long-lived tokens?

chatgpt-searchDirect CyberArk mention

Most cited sources8

Alternatives in Secrets Management & Vault6

CyberArk Conjur positions itself as the enterprise-grade, security-first secrets management platform most tightly integrated with privileged access management (PAM).

  • Its open-source tier (Conjur OSS) provides a low-barrier community entry point, while its enterprise tiers (Secrets Manager Self-Hosted and SaaS) differentiate on FIPS-validated cryptography, deep PAM vault synchronization, granular MAML-based RBAC, and a broad DevOps integration ecosystem.
  • CyberArk targets organizations that already operate — or plan to adopt — a broader CyberArk/Palo Alto Networks identity security stack, making Conjur a natural upsell from PAM.
  • It competes on depth of enterprise controls and machine-identity coverage rather than developer simplicity or price transparency, putting it above HashiCorp Vault and Delinea for regulated large enterprises, but below more developer-friendly tools like Doppler or Infisical for SMB and greenfield cloud-native teams.
View category comparison hub

Reviews

4.5/5G2·17+4.4/5Gartner Peer Insights·89+

Praised

  • Strong RBAC and policy-based access controls
  • Open-source accessibility and community edition
  • Native Kubernetes and container authentication
  • Broad DevOps tool integrations (Ansible, Jenkins, Terraform)
  • Enterprise stability and consistent release cadence
  • Compliance auditing and detailed audit trails
  • Splunk integration for reporting
  • Seamless upgrade path from OSS to enterprise

Criticized

  • Steep learning curve for new users
  • Complex initial setup and configuration
  • Opaque and high enterprise pricing
  • No public web UI in OSS tier
  • Conjur sync latency in very large environments
  • Overwhelming documentation for beginners
  • Limited dynamic secrets support for GCP and Azure
  • Significant professional services dependency for enterprise onboarding

Conjur receives positive marks from enterprise security and DevOps practitioners for its robust RBAC, open-source accessibility, and strong DevOps integrations. Recurring criticisms center on a steep learning curve, complex initial setup, and opaque enterprise pricing. Gartner Peer Insights reviewers praise its stability and release cadence for enterprise use, while noting sync latency in very large environments and gaps in dynamic GCP/Azure secret coverage. G2 reviewers highlight its value for container authentication, compliance auditing, and Splunk integration, but flag initial navigation complexity.

Pricing

Conjur OSS is free and community-supported under GNU LGPL v3.0, with users bearing their own infrastructure costs (e.g., AWS EC2 charges starting at ~$0.067/hour for a medium instance). Secrets Manager Self-Hosted (Conjur Enterprise) and Secrets Manager SaaS (Conjur Cloud) carry no public list pricing; CyberArk prices primarily by number of 'identities' (applications, pods, workloads) accessing secrets. Enterprise deployments typically require direct sales negotiation and often incur significant professional services costs for initial setup and integration. No free trial or self-serve checkout is publicly available for enterprise tiers.

Limitations

  • Conjur OSS lacks a web dashboard UI and native PAM vault synchronization, which are enterprise-only features.
  • Initial setup and MAML policy authoring carry a steep learning curve, particularly for teams new to secrets management concepts.
  • Documentation can be overwhelming for beginners.
  • The enterprise product is best suited for large organizations; smaller environments may find it over-engineered and costly relative to alternatives.
  • Pricing is opaque with no public list pricing; identity-based billing can become expensive at scale with many ephemeral microservices or pods.
  • Large-scale deployments have reported Conjur sync latency issues that can affect high-availability systems.
  • Dynamic secrets support for GCP and Azure is noted as less mature than AWS coverage.
  • Conjur OSS community support relies on forums (CyberArk Commons/Discourse) rather than SLAs.

Frequently asked questions

Topic Coverage

Capability5/5DevEx0/5Integrations &Ecosystem4/5Performance &Reliability2/5Setup & First Run4/5

Prompt-Level Results

Brand citedCompetitor citedNot cited
PromptGrokGemini SearchGoogle AI ModeChatGPTPerplexity
Capability5/5 cited (100%)

What secrets platforms support PKI and TLS certificate lifecycle management alongside API key and credential storage?

Which secrets management platforms support automatic secret rotation for database credentials and third-party API keys without service restarts?

What secrets vault tools support dynamic secrets — generating short-lived credentials on demand rather than storing long-lived tokens?

Which secrets management tools have a full audit log of every secret access event for SOC 2 compliance reporting?

I need a secrets manager with fine-grained access policies so different microservices only see the secrets they need — which platforms handle this well?

Developer Experience0/5 cited (0%)

Which secrets management tools give developers a great CLI experience for injecting secrets into local development without copying values manually?

What secrets vault tools do platform engineering teams prefer for their developer-friendliness and ability to manage secrets per environment and service?

What secrets platforms let developers sync environment-specific secrets to their local machine with a single command and automatic updates on rotation?

Which secrets management tools make it easy for non-DevOps engineers to request access to new secrets through a self-service UI?

Looking for a secrets manager that integrates with my IDE so I can reference secrets in code without ever seeing the actual values — what are my options?

Integrations & Ecosystem4/5 cited (80%)

Which secrets management tools support SSO and identity provider integration so access is tied to existing employee directory accounts?

What secrets management platforms integrate directly with container orchestration platforms to inject secrets as environment variables or mounted files?

Which secrets managers have native integrations with major CI/CD platforms so pipelines can pull secrets without custom scripting?

Looking for a secrets vault that syncs with major cloud provider secret stores so we can use a single interface across multi-cloud infrastructure — what are the options?

What secrets platforms work well with IaC tools so infrastructure provisioning can pull secrets dynamically rather than from static config files?

Performance & Reliability2/5 cited (40%)

What secrets management tools handle millions of secret reads per day without becoming a performance bottleneck for high-traffic services?

What secrets vault platforms offer client-side caching so applications don't hammer the vault on every request?

Which cloud-hosted secrets managers have the best uptime SLA and automatic failover for teams that can't tolerate secrets service downtime?

Which secrets management tools maintain performance at enterprise scale with thousands of services and tens of thousands of secrets?

Which secrets vault platforms are built for high-availability with multi-region replication so secret reads never block a production deployment?

Setup & First Run4/5 cited (80%)

Which self-hostable secrets vault platforms are easiest to get running in an air-gapped enterprise environment with active directory integration?

Which secrets vault platforms can a small DevOps team deploy and configure in a day to replace hardcoded credentials across services?

I'm evaluating cloud-hosted secrets managers for a 20-person team — which ones offer the smoothest developer onboarding with a CLI and IDE plugin?

What secrets management tools work out of the box with a container orchestration platform without needing custom sidecar configurations?

What's the easiest secrets management tool to set up for a startup currently storing API keys in environment variable files committed to version control?

Strengths1

  • What secrets platforms support PKI and TLS certificate lifecycle management alongside API key and credential storage?

    Avg # 5.0 · 2 platforms

Gaps5

  • Looking for a secrets vault that syncs with major cloud provider secret stores so we can use a single interface across multi-cloud infrastructure — what are the options?

    Competitors on 5 platforms

  • Which secrets management tools support SSO and identity provider integration so access is tied to existing employee directory accounts?

    Competitors on 4 platforms

  • Which secrets management tools give developers a great CLI experience for injecting secrets into local development without copying values manually?

    Competitors on 4 platforms

  • What secrets vault tools do platform engineering teams prefer for their developer-friendliness and ability to manage secrets per environment and service?

    Competitors on 4 platforms

  • What secrets vault platforms offer client-side caching so applications don't hammer the vault on every request?

    Competitors on 4 platforms

Vertical Ranking

#BrandPres.SoVDocsBlogMent.PosSentiment
1Infisical56.0%26.3%0.0%49.6%53.6%#25.5+0.27
2HashiCorp50.4%23.4%24.0%1.6%50.4%#18.2+0.26
3Akeyless41.6%16.9%5.6%39.2%40.8%#28.2+0.22
4Doppler34.4%13.3%7.2%25.6%33.6%#27.4+0.26
5CyberArk15.2%6.8%0.0%5.6%15.2%#34.9+0.26
6Keeper Security14.4%3.1%5.6%8.0%14.4%#23.0+0.15
7Bitwarden, Inc.10.4%3.1%0.8%5.6%10.4%#27.1+0.34
81Password8.0%4.3%4.0%4.0%8.0%#47.5+0.42
9Delinea4.8%2.4%4.0%0.0%4.8%#50.9+0.10
10Fortanix1.6%0.2%0.0%0.0%1.6%#17.0+0.00
11BeyondTrust0.8%0.1%0.0%0.8%0.8%#15.0+0.00

Turn this into your team dashboard

Sign up to unlock project-level analytics, daily tracking, actionable insights, custom prompt configurations, adoption tracking, AI traffic analytics and more.

Get started free