CyberArk Endpoint Privilege Manager vs IBM Security Secret Server comparison

CyberArk and IBM are both solutions in the Privileged Access Management (PAM) category. CyberArk is ranked #3 with an average rating of 8.7, while IBM is ranked #29. CyberArk holds a 3.2% mindshare in PAM, compared to IBM’s 1.0% mindshare. Additionally, 86% of CyberArk users are willing to recommend the solution, compared to 100% of IBM users who would recommend it.

CyberArk Endpoint Privilege...

Read 38 CyberArk Endpoint Privilege Manager reviews

3,727 Views
1,118 Comparison Views

86% willing to recommend

IBM Security Secret Server

Read 7 IBM Security Secret Server reviews

423 Views
423 Comparison Views

100% willing to recommend

CyberArk Endpoint Privilege...

IBM Security Secret Server

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 6, 2024

CyberArk Endpoint Privilege Manager and IBM Security Secret Server are key players in cybersecurity management. IBM Security Secret Server is favored for its extensive feature set, which appeals to those needing comprehensive security solutions.

Features: CyberArk Endpoint Privilege Manager includes intuitive security management, seamless enforcement of least privilege policies, and user-friendly accessibility. IBM Security Secret Server offers robust integration capabilities, comprehensive security features ideal for complex IT environments, and a broader feature set for intricate security needs.

Room for Improvement: CyberArk could improve customization options, provide more comprehensive user training resources, and enhance user engagement strategies. IBM Security Secret Server needs smoother setup processes, improved integration speeds, and a more streamlined deployment experience.

Ease of Deployment and Customer Service: CyberArk Endpoint Privilege Manager is known for straightforward deployment and proactive customer service, boosting user confidence during implementation. IBM Security Secret Server, while requiring more technical expertise, benefits from reliable client support.

Pricing and ROI: CyberArk offers attractive initial setup costs and favorable ROI, with users noting significant long-term value. IBM Security Secret Server, despite higher initial costs, provides substantial ROI due to its comprehensive feature set, offering a trade-off between price and robustness.

To learn more, read our detailed CyberArk Endpoint Privilege Manager vs. IBM Security Secret Server Report (Updated: September 2025).

Buyer's Guide

CyberArk Endpoint Privilege Manager vs. IBM Security Secret Server

September 2025

Download the complete report

Helped 869,202 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

CyberArk Endpoint Privilege...

Ranking in Privileged Access Management (PAM)

3rd

Average Rating

8.2

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

Endpoint Compliance (5th), Anti-Malware Tools (5th), Application Control (5th), Ransomware Protection (5th)

IBM Security Secret Server

Ranking in Privileged Access Management (PAM)

29th

Average Rating

8.2

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of October 2025, in the Privileged Access Management (PAM) category, the mindshare of CyberArk Endpoint Privilege Manager is 3.2%, down from 3.6% compared to the previous year. The mindshare of IBM Security Secret Server is 1.0%, down from 1.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Privileged Access Management (PAM) Market Share Distribution
Product	Market Share (%)
CyberArk Endpoint Privilege Manager	3.2%
IBM Security Secret Server	1.0%
Other	95.8%

Privileged Access Management (PAM)

Featured Reviews

Sumit Chavan

Lead Consultant at Aujas Networks Pvt Ltd

Helps secure the infrastructure and control users with admin rights

There are many features that are currently missing. A customization option is required for certain policies. For instance, if we need to stop PowerShell scripting, we have to create a different policy for that. Being able to create a sub-level policy within a top-level policy would be good. Currently, no user-based policy option is available inside the EPM console. We can only create computer-based policies. The database is available, but there is a drawback in not being able to create local groups on the EPM console. We only have to depend on Active Directory. This limits infrastructure security as we depend on the Active Directory team to manage user groups. If they remove any users, we lose control. If we could create groups locally and block them or set specific policies, we would have more control. Local endpoint management is missing from the EPM site. Moreover, there is an issue with policies not running as expected when we make enhancements. We have to find multiple ways to whitelist applications or enhance policies.

Read full review

AsifIqbal

Chief Information Security Officer at a financial services firm with 1,001-5,000 employees

Easy to set up and manage and has good scalability and stability, but its technical support team needs to be more aggressive in solving issues

What needs improvement in IBM Security Secret Server is support. The local partner provides good support, but IBM itself doesn't. Most of the time, the IBM support team does not aggressively resolve issues reported through chat or the IBM website. In the next version of IBM Security Secret Server, I want to see more lightweight recording, architecture, or infrastructure requirements. Currently, it's heavy, so I want it reduced to make adapting IBM Security Secret Server much more effortless.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The solution allows me to give access and privileges to each user individually"

"The product is very flexible"

"I like that you can remove the admin rights from the user's computer and have control over the environment. That means you can delete the local admins and grant them proper privileges with the console. So, they will get proper permissions for applications they need, but we don't have to do it. In the domain where we don't have control, the user can only do specified actions, but not all of them."

"CyberArk Endpoint Privilege Manager has significantly improved our security posture by preventing virus incidents and restricting users from downloading unwanted applications."

"The most valuable feature is that it does lifecycle management and that it will change to whatever the end target is."

"The most valuable feature is the ability to control users with admin rights. Even if developers and senior folks maintain their admin rights, we can still manage their activities."

"What sets CyberArk apart is its continuous innovation, staying ahead of the competition."

"It offers great performance."

More CyberArk Endpoint Privilege Manager pros

"What I like best about IBM Security Secret Server is its single-access console. It's also easy to manage and fulfills the requirements with the least resistance."

"Stability-wise, I think it is a very good solution."

"As a PAM solution, Secret Server performs all the use cases in our environment."

"One of the most valuable features is scalability, and how it allows you to scale it without affecting the underlying core components."

"The live recording is a very useful feature."

Cons

"Compared to other tools like Linux, this solution isn't as user-friendly."

"The tool should be more user-friendly."

"The main issues I experience are related to deployment, which requires dependency on other solutions like AD or SCCM. These tools need to be defined and synced with the client or agent and master, sometimes needing manual checks."

"CyberArk Endpoint Privilege Manager is not suitable for the current situation because when you compare it to OTP, OTP is the strongest password solution. You can use it as a one-time password, but you have to log into the password manager itself and if you don't change your password, it will be the weakest link in the security. In OTP, you don't have that weakest link."

"My recommendation for improvement is to add functionality for when users request access to an application. There's a pop-up UI, but it's not very customizable. I suggest creating a UI where we can write scripts or use SDKs to enhance it. This could automatically create tickets in a system like ServiceNow when users request an application. If a manager approves, we could automatically push policies to those users."

"Despite newer versions and functionalities, CyberArk Endpoint Privilege Manager lacks sufficient knowledgeable support staff, resulting in longer wait times for assistance."

"A customization option is required for certain policies. For instance, if we need to stop PowerShell scripting, we have to create a different policy for that. Being able to create a sub-level policy within a top-level policy would be good."

"The management of Privilege Access is not satisfactory."

More CyberArk Endpoint Privilege Manager cons

"It would be preferable if the full proxy was included in the IBM Security Secret Server."

"The newer interface is more difficult to use than the previous one, and consequently, new users might need more training."

"What needs improvement in IBM Security Secret Server is support. The local partner provides good support, but IBM itself doesn't. Most of the time, the IBM support team does not aggressively resolve issues reported through chat or the IBM website."

"The nonclustered index is working in an area with a problem that needs improvement."

"Secret Server should have the ability to discover privileged accounts in the servers, like the administrator or users, from SQL and Oracle without having to import a script."

Pricing and Cost Advice

"I rate the solution's pricing an eight out of ten since the price can be too high for smaller businesses."

"It is an expensive solution."

"CyberArk Endpoint Privilege Manager is slightly expensive, but costs can be negotiated to become more competitive."

"The product's license is easy to procure."

"The cost for CyberArk is very high."

"The price of CyberArk Endpoint Privilege Manager is expensive."

"CyberArk Endpoint Privilege Manager has a very high price, so it's a one out of ten for me in terms of pricing."

"I believe it's quite a reasonably priced solution. It's not very common to use CyberArk because it's a niche solution, but customers who are willing to control administrative accounts are willing to pay this money."

More CyberArk Endpoint Privilege Manager pricing and cost advice

"I believe that we paid 35,000 or 40,000 US dollars for it."

"The price could be better. I think it's a good price for the on-premises environment and the high availability for enterprises the solution provides."

"My rating for the IBM Security Secret Server pricing is seven out of ten. It could be cheaper."

See which vendors are best for you

Use our free recommendation engine to learn which Privileged Access Management (PAM) solutions are best for your needs.

See recommendations

869,202 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

14%

Financial Services Firm

14%

Manufacturing Company

11%

Government

Computer Software Company

15%

Manufacturing Company

10%

Insurance Company

10%

Performing Arts

10%

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	17
Midsize Enterprise	9
Large Enterprise	18

By reviewers
Company Size	Count
Small Business	4
Large Enterprise	3

Questions from the Community

Looking for recommendations and a pros/cons template for software to detect insider threats

This is an inside-out --- outside-in --- inside-in question, as an insider can be an outsider as well. There is no short answer other than a blend of a PAM tool with Behavioral Analytics and Endpo...

See all answers

What do you like most about CyberArk Endpoint Privilege Manager?

The most valuable feature of the solution is its performance.

See all answers

What is your experience regarding pricing and costs for CyberArk Endpoint Privilege Manager?

I believe it's quite a reasonably priced solution. It's not very common to use CyberArk because it's a niche solution, but customers who are willing to control administrative accounts are willing t...

See all answers

Ask a question

Earn 20 points

Comparisons

CrowdStrike Falcon vs CyberArk Endpoint Privilege Manager

Compared 17% of the time

BeyondTrust Endpoint Privilege Management vs CyberArk Endpoint Privilege Manager

Compared 14% of the time

Microsoft Defender for Endpoint vs CyberArk Endpoint Privilege Manager

Compared 13% of the time

CyberArk Privileged Access Manager vs CyberArk Endpoint Privilege Manager

Compared 12% of the time

Tanium vs CyberArk Endpoint Privilege Manager

Compared 5% of the time

More CyberArk Endpoint Privilege Manager Competitors

Delinea Secret Server vs IBM Security Secret Server

Compared 61% of the time

Delinea Privileged Access Service vs IBM Security Secret Server

Compared 24% of the time

Fortra's Powertech Identity & Access Manager vs IBM Security Secret Server

Compared 15% of the time

More IBM Security Secret Server Competitors

Product Reports

Buyer's Guide

CyberArk Endpoint Privilege Manager

October 2025

CyberArk Endpoint Privilege Manager report

Download CyberArk Endpoint Privilege Manager product report

Buyer's Guide

IBM Security Secret Server

September 2025

Download IBM Security Secret Server product report

Also Known As

Viewfinity

IBM Secret Server, Secret Server, IBM Security Privileged Identity Manager

Overview

CyberArk Endpoint Privilege Manager, a critical and foundational endpoint control addresses the underlying weaknesses of endpoint defenses against a privileged attacker and helps enterprises defend against these attacks through removing local admin rights, enforcing least privilege, and implementing foundational endpoint security controls across all Windows, macOS and Linux endpoints from hybrid to cloud environments.

Click here for a free 30 day trial: CyberArk Endpoint Privilege Manager free trial

CyberArk

IBM Security Secret Server protects privileged accounts from hackers and insider threats, helps ensure compliance with evolving regulations, and allows authorized employees to seamlessly gain access to the tools and information they need to drive productivity. Easily detect, manage and audit privileged accounts, and control which applications are permitted to run on endpoints and servers to prevent malicious applications from penetrating the environment. IBM Security Secret Server is fast to deploy, easy to use and scalable for the enterprise.

IBM

Buyer's Guide

CyberArk Endpoint Privilege Manager vs. IBM Security Secret Server

September 2025

Free Report: CyberArk Endpoint Privilege Manager vs. IBM Security Secret Server

Find out what your peers are saying about CyberArk Endpoint Privilege Manager vs. IBM Security Secret Server and other solutions. Updated: September 2025.

DOWNLOAD NOW

869,202 professionals have used our research since 2012.

See our CyberArk Endpoint Privilege Manager vs. IBM Security Secret Server report.

See our list of best Privileged Access Management (PAM) vendors.

We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.