CyberArk named leader in Forrester Wave report for PIM 2025
CyberArk has been named a leader in the Forrester Wave report for Privileged Identity Management (PIM) for the third quarter of 2025.
The independent analyst report assesses vendors on 22 key criteria, praising CyberArk for its performance in areas such as least privilege access management, just-in-time privilege, and innovation, as well as its overall vision to strengthen privilege controls for every type of identity, including human, machine and artificial intelligence.
CyberArk achieved the highest possible score in 15 evaluation criteria. According to the report, these included vision and innovation, least privilege access management, just-in-time privilege, privileged task automation, credential and secrets management, session management, endpoint privilege management and monitoring, scalability, development, and DevOps integration.
Matt Cohen, Chief Executive Officer of CyberArk, said:
"Being recognised as a leader in privileged identity management reflects for us the strength of our vision, the depth of our platform and our relentless focus on protecting what matters most: identities and the sensitive information they access. Privileged access is no longer limited to IT users. As organisations face increasingly sophisticated threats, it's imperative that every identity across the enterprise – human, machine, and AI – is secured with the right level of privilege controls. This recognition validates our strategy, our innovation and the trust customers place in us every day."
The Forrester report highlights the ongoing challenges facing organisations as they attempt to control privileges in dynamic IT environments comprised of increasingly varied systems, applications and platforms. The report states, "CyberArk's bold vision to secure every identity – human, machine and AI – is reinforced through its innovation focus, featuring both heavy investment in R&D and strategic acquisitions."
Platform capabilities
Forrester outlined CyberArk's "comprehensive privileged access capabilities," which include an AI-driven roadmap that incorporates AI assistants throughout the platform to support security teams and streamline workflows. The company's advanced just-in-time privilege feature is designed to issue access rights only when necessary, with automated revocation as soon as tasks are completed, minimising exposure and risk.
CyberArk also provides a no-code automation tool, allowing security teams to orchestrate privileged tasks securely without code development. Platform expansion over the past two years, marked by the acquisition of Venafi (machine identity management) in 2024 and Zilla Security (modern identity governance and administration) in 2025, has further widened the reach and capabilities of CyberArk's unified Identity Security Platform.
The report described the architecture as a "future-proofing" approach, with wellintegrated privileged identity management capabilities and embedded security guidance, offering improved usability for both end users and administrators.
Identity security approach
By providing comprehensive identity security across machine identities, IT users, and developers, the CyberArk Identity Security Platform offers identity governance and supports Zero Trust strategies along with least privilege enforcement.
The report positions CyberArk as a supplier of a unified suite for protecting a range of enterprise identities. These include not only traditional IT and workforce users but also the expanding number of non-human identities now integral to business and IT operations, such as automated software and artificial intelligence agents.
CyberArk's strategy in recent years has centred on integrating capabilities to secure all identities at all times, regardless of location, by applying fine-grained, conditional controls and comprehensive threat prevention.
