CyberArk Vault / Privileged Access Manager - Self-Hosted Compatibility


PTA versions lower than 11.3 are not compatible with CyberArk Vault version 11.3 and higher.


Required Version

Integrate the Vault with SIEM and PTA

CyberArk Vault version 7.2.5 or higher

Support automatic threat containment using PAM - Self-Hosted integration, for Overpass the Hash attack and Suspected Credential Theft security events

CyberArk Vault version 9.3 or higher

Support automatically adding Unmanaged Privileged Accounts to the pending accounts queue

CyberArk Vault version 9.7 or higher

For AWS accounts, CyberArk Vault version 10.8 or higher

Configure Golden Ticket detection

CyberArk Vault version 9.8 or higher

Support the Privileged Session Management integration

CyberArk Vault and PVWA version 9.8 or higher


Privileged Session Management integration works with lower versions of CyberArk Vault, but without the ability to report Privileged Session Analysis results to PVWA.

Support a distributed Vault environment

CyberArk Vault version 9.9.5 or higher

Support sending PTA alerts to the Vault

CyberArk Vault version 9.10 or higher

Support the reconcile password for Suspicious Password Change

CyberArk Vault version 9.10 or higher

Support automatic session termination

CyberArk Privileged Access Manager - Self-Hosted suite version 10.1 or higher

Include PTA in the PAM - Self-Hosted system health dashboard

PVWA version 12.0 or higher