No more typing reviews! Try our Samantha, our new voice AI agent.

Certificate Lifecycle Manager vs Symantec Advanced Authentication comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 2, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Certificate Lifecycle Manager
Ranking in Authentication Systems
5th
Average Rating
8.2
Reviews Sentiment
6.0
Number of Reviews
19
Ranking in other categories
Certificate Management Software (2nd)
Symantec Advanced Authentic...
Ranking in Authentication Systems
22nd
Average Rating
7.8
Reviews Sentiment
8.7
Number of Reviews
9
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Authentication Systems category, the mindshare of Certificate Lifecycle Manager is 1.9%, up from 1.2% compared to the previous year. The mindshare of Symantec Advanced Authentication is 1.5%, up from 0.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Authentication Systems Mindshare Distribution
ProductMindshare (%)
Certificate Lifecycle Manager1.9%
Symantec Advanced Authentication1.5%
Other96.6%
Authentication Systems
 

Featured Reviews

Karthik Kashyap T H - PeerSpot reviewer
Lead Engineer at a retailer with 10,001+ employees
Eliminates certificate expiration outages and offers good customization and reporting capabilities
Even though it allows for email editing, until version 23.1, you had to log on to the server, and the console itself used to take a lot of time. That has changed from the last release onwards. When you're defining the flow, there are some areas that can probably cause confusion to the users. If you want to rename the default field, you cannot rename it, which caused a lot of confusion during the initial days until everyone got settled in. Allowing the renaming or updating of the default field is something Certificate Manager can improve on. Certificate Manager has both the on-prem and the cloud versions, but the on-prem version is far more mature than the cloud version, which lacks a lot of features that the on-prem version offers, at least when we did the POC and evaluated the product. The maturity of the cloud version needs improvement. Additionally, when considering the on-prem version, there is a minor glitch in the system. When an administrator makes changes, they have flexibility regarding the approval flow. When dealing with a certificate that requires approval from several different teams, there is a minor glitch in the system where the name of the approver does not appear. This is a bug that we are currently addressing. Additionally, there is room for improvement in key management. Changing the default account name is not a straightforward process; it can be quite tedious. This is an area where improvements could be made. If there is a particular workflow that we want to tweak, right now, we can achieve it only via a PowerShell script. It would be great if they could also support a small Python script or anything to expand their scripting or adaptable workflow code base. Even though we can call another script from a PowerShell script, if someone doesn't have knowledge of PowerShell, that would be challenging.
Umair (Abu Mohaymin) Akhlaque - PeerSpot reviewer
Group CEO at Flexsolutions
Ensures robust security features and ease of deployment, although it may lack some of the more modern authentication options
There has been a need for aggressive development to modernize the product and align it with contemporary security requirements. While the rebranding has been a step forward, further enhancements are essential to meet the evolving demands of the market. It lacks features such as ActiveSync Exchange security, and it doesn't offer alternatives like password-less authentication via biometrics or patches. While Symantec mainly relies on traditional token-based or password-based methods, newer authentication methods are missing from its repertoire. Support services often lack promptness and depth of knowledge, leaving customers waiting for weeks to resolve issues. In the realm of multifactor authentication, swift resolution of problems is critical, as any slowdown or interruption can significantly impact operations. Urgent improvement is necessary to ensure that support responses are faster and more effective, aligning with the demands of MFA implementation.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"CyberArk Certificate Manager has impacted our organization positively by making our life much easier by automatically updating and deploying certificates so our sites load correctly and we save a lot of time."
"The best feature I appreciate about Venafi is its user interface, which allows me to search for any particular certificate and immediately see the certificate details and expiry."
"Certificate Manager has reduced the certificate expiration outages to almost nil, and since 2022, we have had almost zero major incidents wherein we saw a financial impact or business disruption due to an expired certificate."
"Venafi takes care of automatically renewing and deploying your certificate so that you don't need to worry when it expires."
"The most valuable feature of Venafi is the automation that helps save time and reduce human error."
"Venafi's technical support is impressively fast."
"Venafi's automation capabilities were significant, as they allowed us to automate certificate rotation and deployment effectively."
"CyberArk Certificate Manager has excellent capability in handling certification renewals; whenever you specify any validity period that needs to be renewed within certain days, it triggers automatically, and I appreciate that aspect."
"The most valuable feature is that we get a wide range of authentication methods and authentication integrators, so different platforms can get service authentication with transparency to the final user while providing strong authentication forms and connectors."
"CA products are the best fit with our backend systems."
"Being able to issue a soft token, but still having fairly strong security, is a big factor for us."
"It actually increases our revenue and the customer base."
"It allows us to assure our customers that we are protecting their data."
"Ease of deployment: no need to keep up with physical devices for multi-factor authentication; no software to deploy on end-user computers requiring administrative rights."
"One of the most valuable aspects is its remarkable stability."
"Symantec Advanced Authentication can be useful for wherever you require a strong authentication."
 

Cons

"The support from Certificate Manager needs improvement based on my experience. The response time needs improvement, and it takes too long to resolve or provide solutions for some tickets."
"The product was really good when it was a Venafi product. However, since its acquisition by CyberArk, there has been a lack of significant innovations. They are pushing for cloud adoption, but we prefer on-premises solutions due to regulatory concerns."
"Venafi could enhance its offerings by providing more automation features."
"There are quite a few different technical aspects of Venafi that I feel they just missed out on; I'd have to look at my notes for the specifics."
"I would like to see included in the next release of Venafi integration with the cloud HSM's, Hardware Security Module. Additionally, I would say other cloud services, because it's not only cloud that's essential. If you have a customer that has a lot of their IT moved into cloud, integration with different cloud services is always an area to improve."
"There's definitely lots of room for improvement with Venafi. They have a website where we can suggest new features, and they need to take that a little bit more seriously."
"Venafi excels in automating certificate rotation and deployment but could enhance its offering by improving support for hardware security modules like Fortanix and providing more advanced, out-of-the-box integrations with public certificate authorities for DNS re-verification."
"For the stability of the solution itself, I would rate it a seven."
"Arcot itself is based on a browser technology. This means that the office ID is effectively stored as a cookie in the browser."
"We have seen quite a few issues with bugginess. It is indeed pretty buggy and we have had to install some fixes."
"They definitely need to automate a few processes like the Wiley process."
"Advanced Authentication talks about the Device ID. But how the device ID is captured, I want to know more about that."
"It needs faster implementation on the cloud for our customers."
"Symantec has very bad support, so I have no words for it. It's one of the worst support experiences I've ever had."
"The initial setup of the tenant is a big cost element of the service and we were doing multiple tenants for our customer."
"This solution could be improved with risk-based authentication. I think that this product has everything that most customers are looking for, but modern technology has people looking for security tools with risk-based authentication, which they have a separate tool for. If they could integrate this, it would improve Symantec Advanced Authentication. They have to look at what's newly trending and how things are moving forward, and then adapt and adopt those features. Symantec's technical support should also be improved, in terms of response time."
 

Pricing and Cost Advice

"The pricing model is complex, considering factors beyond the number of certificates. This complexity can make our payments to Venafi challenging if costs continue to rise. It is good but more expensive than the competitors."
"Venafi's pricing appears to be competitive within the market."
"There are eventually going to be implementation costs. Sometimes you're required to have custom code developments there, so that has to be part of the implementation price."
"The price is reasonable."
report
Use our free recommendation engine to learn which Authentication Systems solutions are best for your needs.
904,899 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Computer Software Company
8%
Construction Company
7%
Outsourcing Company
7%
Financial Services Firm
22%
Construction Company
19%
Manufacturing Company
9%
Outsourcing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business8
Large Enterprise19
By reviewers
Company SizeCount
Small Business2
Large Enterprise7
 

Questions from the Community

What is your experience regarding pricing and costs for Venafi?
In terms of pricing, they are a little costly, but they are the best in the market today, so I would say they are worth every penny, rating them again at seven or eight.
What needs improvement with Venafi?
CyberArk Certificate Manager can be improved, particularly in terms of integrations with other tools. I would like to see improvements in integrations with ID, Kerberos, or with other companies for...
What advice do you have for others considering Venafi?
Since using CyberArk Certificate Manager, I have seen specific outcomes such as a reduction in incidents because I can work with CyberArk Certificate Manager, where digital certificates are everywh...
Ask a question
Earn 20 points
 

Also Known As

Venafi
CA Advanced Authentication, CA Strong Authentication, CA Risk Authentication, Arcot WebFort, Arcot RiskFort
 

Overview

 

Sample Customers

Surescripts, CME Group, TD Bank Group, Aetna, MoneyGram, Zions Bancorp, Cisco
Global bank, Large Filipino Bank and SK Infosec
Find out what your peers are saying about Certificate Lifecycle Manager vs. Symantec Advanced Authentication and other solutions. Updated: June 2026.
904,899 professionals have used our research since 2012.