<img src="https://ws.zoominfo.com/pixel/6169bf9791429100154fc0a2" width="1" height="1" style="display: none;">
Curious about how StrongDM works? 🤔 Learn more here!
Search
Close icon
Search bar icon

CyberArk-Wiz Partnership: Cloud Security or Cloud Confusion?

StrongDM manages and audits access to infrastructure.
  • Role-based, attribute-based, & just-in-time access to infrastructure
  • Connect any person or service to any infrastructure, anywhere
  • Logging like you've never seen

Yesterday, CyberArk announced a new partnership with Wiz, where they’re touting “complete visibility and control for cloud-created identities.” I know I’ve had my fun poking holes at CyberArk in the past, but with this announcement, they’ve just handed the world a glaringly tone-deaf admission of being outdated, un-innovative, and uninterested in what enterprise security teams actually want. 

This partnership is apparently intended to establish that CyberArk has a cloud security strategy.

Spoiler alert: It doesn’t.

Enterprises are looking to fix the real gaps in cloud security, delivering access that aligns with the dynamic, continuous scaling of cloud environments. CyberArk’s attempt feels like a rushed band-aid rather than the real innovation needed to protect modern infrastructure. As I’ve said previously, security teams deserve better, and that starts by getting the truth on what CyberArk is and is not really announcing.

The Truth Behind the CyberArk Announcement

Here’s the short version: CyberArk needs help to stay relevant. They want to be seen as a cloud security vendor, and they’re hoping Wiz, the reigning Cloud Security Posture Management (CSPM) leader, will make them look like they’re ready for the cloud. The problem is that CyberArk is still clinging to an outdated, legacy version of PAM, which has historically struggled to meet the needs of today’s multi-cloud, cloud-native environments.

This partnership announcement is a distraction. The language in it, and CyberArk’s own track record, demonstrate that the company operates without an understanding of what modern PAMs should be and how they can work for modern environments. Let’s look at what can be expected.

CyberArk’s Cloud Solution: A Long, Long Way Off

First off, this partnership announcement is just that—an announcement. CyberArk may talk about big plans, but bringing a cloud-native PAM solution to market is complex work. Based on CyberArk’s track record, this “solution” could take two or three years to materialize, if it ever does. And IF it ever does, it will be laden with professional services requirements like their other offerings. Why wait years for a half-baked product when StrongDM offers true cloud-ready PAM right now?

CyberArk’s release notes over the last 14 months reveal minor updates that barely scratch the surface of innovation. The company’s DNA is not wired to rapidly build market-ready solutions that address today’s problems. By contrast, at StrongDM we use feedback from customers, prospects, analysts, market trends, and other sources to accelerate and deliver innovative capabilities. We pressure test our theories and while we hold ourselves to high standards, we also push code to ensure that our users are always using the most current fine-grained, policy-based access control capabilities. 

Complexity + Compatibility = [More] Frustration

CyberArk is known for being cumbersome to deploy. It’s a heavy, complex solution that already takes too long to get up and running. Wiz, by contrast, is an agile, modern system that delivers more innovation in a month than CyberArk has done in the past year. There’s zero guarantee that these two platforms will integrate smoothly, and that’s a nice way of saying this partnership will probably introduce new pain points rather than solving your cloud security needs.

Deploying a hybrid solution like this will be challenging, time-consuming, and more than likely to create gaps in your cloud security. StrongDM users don’t have to worry about any of that. We’re not interested in forcing two polar opposite technologies to fit together—we’ve already solved the problem with a unified, frustration-free platform. 

Database, Kubernetes, and Cloud-Native Resources? Still Unprotected

Here’s where the CyberArk-Wiz combo starts to look like a little sleight of hand. The announcement conveniently avoids mentioning that the proposed solution does not actually protect access to Kubernetes clusters, databases, or other cloud-native resources. Think of it like securing the front gate to your estate while leaving all the windows and doors wide open.

CyberArk is offering more “visibility” into cloud resources, but visibility doesn’t equal security. StrongDM gives you true control over who can access what—across your databases, Kubernetes clusters, and all the other places where security threats like to sneak in. CyberArk somehow fails to recognize that no one wants a solution that only protects half the house?

Developer Unfriendly: Complex Solutions Without the Right Documentation

Developers are significant players in the security equation, yet CyberArk has purposefully chosen to forsake developers, which is evidenced by their cumbersome products. Their documentation ignores developer needs and adds unnecessary complexity to the modern workflows in use at every startup and enterprise. The real kicker? CyberArk asks you to pay for the privilege of setting up their software.

StrongDM’s approach is different. Our platform is developer-friendly, with straightforward documentation and intuitive tools that allow your devs integrate and deploy without jumping through hoops. Cloud security shouldn’t require a master’s degree in engineering to figure out.

And note that StrongDM's platform is in use by tens of thousands of developers on a daily basis, and supports tens of millions of resources globally. 

Database Security: A Major Gap CyberArk Hasn’t Covered

Databases are prime targets for attackers—every breach headline seems to confirm that. And yet, in this partnership announcement, there’s no mention of database access management. At StrongDM, we understand that securing databases is non-negotiable, which is why we prioritize database access as part of our Zero Trust PAM solution.

In contrast, CyberArk seems to have overlooked this critical security element, proving that the partnership is just an attempt to put on a good show for the market rather than solving real customer needs.

The Bigger Picture: Why CyberArk is Losing Market Share

For years, CyberArk has struggled to retain customers. It’s no secret—they’re losing market share because of their outdated, complex platform and lack of innovation. The company’s move to partner with Wiz feels less like a meaningful solution and more like an attempt to distract customers from their shortcomings. A new partnership might grab headlines, but it doesn’t change the reality that CyberArk’s platform hasn’t kept up with the demands of modern cloud environments.

StrongDM, however, was built from the ground up to be flexible, adaptable, and, most importantly, relevant in today’s cloud-driven landscape. We don’t believe in half-hearted attempts at innovation or partnerships that simply generate hype without delivering value.

The Bottom Line

Don’t be fooled by the packaging of this release. When it comes to actually securing cloud-native environments, CyberArk has no concrete plans to improve the security health of its users. At StrongDM, we’re already delivering comprehensive, developer-friendly PAM solutions for cloud environments, Kubernetes, databases, and more—no patchwork, no forced compatibility issues, and no waiting required.

If you’re tired of PAM solutions that come with more hype than substance, give us a call. We’re here to provide the security you need right now, not in two or three years. And, we promise to protect all the doors and windows, not just the front gate.


About the Author

, Chief Executive Officer (CEO), before joining StrongDM, Tim founded Evident.io—the first real-time API-based cloud security platform. In 2018, Palo Alto Networks (PANW) acquired Evident.io, and Tim joined the executive team at PANW. As the first Chief Cloud Officer, Tim helped outline GTM and product strategy with the C-suite for the cloud business. Tim also served as the principal architect for Adobe's Cloud Team, designing and scaling elastic AWS infrastructure to spark digital transformation across the industry. Tim’s love for innovation drives his interest as an investor in true market disrupters. He enjoys mentoring startup founders and serving as an advisor.

StrongDM logo
💙 this post?
Then get all that StrongDM goodness, right in your inbox.

You May Also Like

How to Streamline PSD2 Compliance with StrongDM
How to Streamline PSD2 Compliance with StrongDM
In this post, we’ll explore what PSD2 compliance challenges businesses face, and how StrongDM simplifies secure access to help organizations confidently meet PSD2 requirements.
13 StrongDM Use Cases with Real Customer Case Studies
13 StrongDM Use Cases with Real Customer Case Studies
Managing access to critical infrastructure is a challenge for many organizations. Legacy tools often struggle to keep up, creating inefficiencies, security gaps, and frustration. StrongDM offers a modern solution that simplifies access management, strengthens security, and improves workflows. In this post, we’ll explore 13 real-world examples of how StrongDM helps teams solve access challenges and achieve their goals.
How to List All Databases in PostgreSQL (6 Methods)
How to List All Databases in PostgreSQL (6 Methods)
Having a complete view of all your databases in PostgreSQL is essential for effective database management. This guide explores six proven methods you can use to quickly list all of your databases.
How to Connect to a PostgreSQL Database (Remotely)
How to Connect to a Remote PostgreSQL Database
Connecting to a remote PostgreSQL database can prove daunting for some teams. Your organization risks losing valuable time, which then leads to lost productivity. Thankfully, there are four different ways to connect to a remote PostgreSQL database and improve your team's efficiency.
What Is Network Level Authentication (NLA)? (How It Works)
What Is Network Level Authentication (NLA)? (How It Works)
Network Level Authentication (NLA) is a security feature of Microsoft’s Remote Desktop Protocol (RDP) that requires users to authenticate before establishing a remote session. By enforcing this pre-authentication step, NLA reduces the risk of unauthorized access, conserves server resources, and protects against attacks like credential interception and denial of service. While effective in securing RDP sessions, NLA is limited to a single protocol, lacks flexibility, and can add complexity in diverse, modern IT environments that rely on multiple systems and protocols.