We performed a comparison between CyberArk Privileged Access Manager and One Identity Manager based on real PeerSpot user reviews.
Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM)."The implementation of the PSM proxy has reduced the specific risk of "insider attacks" on our domain controllers and SLDAP servers by eliminating direct user login by an open secure connection on the user's behalf without ever revealing the privileged credentials."
"It has helped from an auditing perspective identify who has access to privileged accounts."
"It is scalable."
"CyberArk Privileged Access Manager is stable."
"CyberArk PAM can be easily automated."
"The most valuable feature is Special Monitoring."
"Their legacy of more than 20 years is very valuable. It brings a lot of stability to the product and a wide variety of integration with the ecosystem. Because of these factors, it has also been very successful in deployment. So, the legacy and integration with other technologies make the PAM platform very stable and strong. In terms of features, most of the other vendors are still focusing just on the privileged access management or session recording, but CyberArk has incorporated artificial intelligence to make PAM a more proactive system. They have implemented threat analytics into this, and there is also a lot of focus on domain controller production, Windows Server protection, and stuff like that. They have also further advanced it with the security on the cloud and DevOps systems. They have a bundle licensing model, which really helps. They don't have a complex licensing model. Even though in our market, people say CyberArk is expensive as compared to some of the other products, but in terms of overall value and as a bundling solution, it is an affordable and highly scalable product."
"It helps our customers in their software requirement imports."
"The Data Importer is a great tool to create an ETL. It generates code which is easy to maintain later without the tool."
"The back-end, its capabilities, and workflows are very good."
"For the recertification and segregation of duties, it's easier to know all the information about our employees. If we need to delete some information, we can do it from a central point, then it can be deleted on all our searches. This is very good for GDPR."
"One Identity enables us to provide users with permissions for only the roles that they need. We can use segmentation to ensure that users don't have roles that can cause trouble in the business."
"Its flexibility is the most valuable feature, the way we can customize the user interface and the workflow processes."
"The policy and role management features are superb. If you have a customer who is willing to go somewhere with role management, then the possibilities are endless with the product. It is well-structured, and the architecture is well-defined."
"We no longer keep users who shouldn't exist."
"The One Identity birthright process has helped generate user accounts more accurately and quickly."
"The current interface is not very intuitive."
"The continuous scanning of the assets is limited to Windows and Unix. We like to have the solution scan any databases, network devices, and security devices for privileged accounts. That would be very helpful."
"Areas the product could be improved are in some of the reporting capabilities and how the reports are configured."
"One of our current issues is a publishing issue. If we whitelist Google Chrome, all the events of Google Chrome should be gone. It is not happening."
"Sometimes the infrastructure team is hesitant to provide more resources."
"The authentication port is available in CyberArk Alero but not Fortinet products."
"The support services could act faster when people reach out to resolve issues."
"The product is very vaulting-focused. I'd love to see it expanding its capabilities a bit further into areas like just-in-time elevation, and access with non-vaulted credentials."
"The support for DevOps could be improved with quick delivery cycles and multiple delivery streams."
"The web portal can be a bit muggy at times. This is one of the key complaints from our customers."
"The initial set up was quite complex. It takes quite some time to get use to this product because of its complexity."
"One Identity Manager needs to come up with many more out-of-the-box connectors, similar to Workday and ServiceNow."
"With technical support, it is always an issue to get the right person. They do have good technical people in support, but it is sometimes not so easy to get them."
"One of the things we would like is the ability to have more than one system role manager. That would be nice. For example, when people are on vacation, sometimes it gets a little hard to administrate system roles."
"The philosophy behind One Identity Manager has always been that there's not one way of working and that you can set it up according to your own identity and access management philosophy, but what would make it better is by shortening the setup time and the learning curve time. If the team could create some best practices with a wizard to set the solution up within companies, that would be a killer feature and would help make identity access management more approachable. That would also help companies that don't have the resources or a dedicated team to set up One Identity Manager. What I'd like to see in the next release of the solution is the addition of just released application governance parts. That would sound promising. It would also be interesting if the team sets up best practice startup wizards, so you could set up One Identity Manager according to selectable best practice wizards instead of setting it up completely by yourself."
"There are several smaller parts of the tool that have room for improvement."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 144 reviews while One Identity Manager is ranked 3rd in Identity Management (IM) with 77 reviews. CyberArk Privileged Access Manager is rated 8.8, while One Identity Manager is rated 8.0. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of One Identity Manager writes "The JML is customizable but the support team isn't strong". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard, whereas One Identity Manager is most compared with SailPoint Identity Security Cloud, Oracle Identity Governance, EVOLVEUM midPoint, Cisco ISE (Identity Services Engine) and ForgeRock.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.