CyberArk Endpoint Privilege Manager vs IBM Tivoli Access Manager [EOL] comparison

The compared CyberArk and IBM solutions aren't in the same category. CyberArk is ranked #4 in PAM , with an average rating of 8.8, and holds a 2.6% mindshare in the category. Additionally, 86% of CyberArk users are willing to recommend the solution, compared to 93% of IBM users who would recommend it.

CyberArk Endpoint Privilege...

Read 38 CyberArk Endpoint Privilege Manager reviews

3,967 Views
1,190 Comparison Views

86% willing to recommend

IBM Tivoli Access Manager [...

Read 29 IBM Tivoli Access Manager [EOL] reviews

93% willing to recommend

CyberArk Endpoint Privilege...

IBM Tivoli Access Manager [...

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between CyberArk Endpoint Privilege Manager and IBM Tivoli Access Manager [EOL] based on real PeerSpot user reviews.

Find out what your peers are saying about CyberArk, One Identity, Delinea and others in Privileged Access Management (PAM).

To learn more, read our detailed Privileged Access Management (PAM) Report (Updated: January 2026).

Buyer's Guide

Privileged Access Management (PAM)

January 2026

Download the complete report

Helped 881,176 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

CyberArk Endpoint Privilege...

Average Rating

8.2

Reviews Sentiment

6.8

Number of Reviews

Ranking in other categories

Endpoint Compliance (4th), Privileged Access Management (PAM) (4th), Anti-Malware Tools (5th), Application Control (3rd), Ransomware Protection (5th)

IBM Tivoli Access Manager [...

Average Rating

8.0

Reviews Sentiment

3.8

Number of Reviews

Ranking in other categories

No ranking in other categories

Featured Reviews

Sumit Chavan

Lead Consultant at a tech vendor with 501-1,000 employees

Helps secure the infrastructure and control users with admin rights

There are many features that are currently missing. A customization option is required for certain policies. For instance, if we need to stop PowerShell scripting, we have to create a different policy for that. Being able to create a sub-level policy within a top-level policy would be good. Currently, no user-based policy option is available inside the EPM console. We can only create computer-based policies. The database is available, but there is a drawback in not being able to create local groups on the EPM console. We only have to depend on Active Directory. This limits infrastructure security as we depend on the Active Directory team to manage user groups. If they remove any users, we lose control. If we could create groups locally and block them or set specific policies, we would have more control. Local endpoint management is missing from the EPM site. Moreover, there is an issue with policies not running as expected when we make enhancements. We have to find multiple ways to whitelist applications or enhance policies.

Read full review

it_user711612

Senior Consultant at a insurance company with 1,001-5,000 employees

Reverse proxy provides central control over authentication and authorization.

It is a single product that caters for all the business needs throughout the organization. It provides a seamless integration that in turn encourages most of the applications to use the SSO features Reverse proxy is the most valuable feature as it provides central control over authentication and…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"CyberArk Endpoint Privilege Manager (EPM) 's most valuable feature is its ability to manage user application privileges and protect against ransomware attacks by controlling access to specific files and applications."

"Users can scale the solution."

"We did immediately begin to see results when using CyberArk."

"What sets CyberArk apart is its continuous innovation, staying ahead of the competition."

"The password rotation and the session recording are the most valuable features."

"It has drastically reduced the attack surface for local administrative rights and the chance of escalation of privilege. We've removed, at this point, close to 98 percent of the local administrative accounts on workstations. If there were an incident, it would stop at that point and we'd be able to know."

"The solution allows me to give access and privileges to each user individually"

"CyberArk Endpoint Privilege Manager is very easy to manage, which I like. The solution also has a dashboard where you can see which software is suspicious, which I find valuable."

More CyberArk Endpoint Privilege Manager pros

"The integration effort with the end application is quite straightforward and easy."

"The Verify feature: A push method which customers are going for."

"Single Sign-On functionality is valuable because the core purpose of the product is to allow universal (or bespoke) SSO for application suites."

"SAML 2.0."

"OAuth 2 is now the de facto standard for API protection and scoped authorized delegation. IBM TAM now supports OAuth 2 and can act as fully compliant OAuth 2 authorization server."

Cons

"A customization option is required for certain policies. For instance, if we need to stop PowerShell scripting, we have to create a different policy for that. Being able to create a sub-level policy within a top-level policy would be good."

"They need much better integration with Azure AD."

"CyberArk has some performance issues. For example, servers could not handle the solution when we first took CyberArk Endpoint Privilege Manager."

"CyberArk Endpoint Privilege Manager is not suitable for the current situation because when you compare it to OTP, OTP is the strongest password solution. You can use it as a one-time password, but you have to log into the password manager itself and if you don't change your password, it will be the weakest link in the security. In OTP, you don't have that weakest link."

"The solution is very expensive."

"The installation process is pretty difficult."

"For an experienced system implementer it will take approximately one day. However, for somebody who is inexperienced it may take up to five days."

"Without knowledge, you are not able to find some items as they are really hidden within the UI."

More CyberArk Endpoint Privilege Manager cons

"Looking at their roadmap, they have a broad grasp of the security features which the industry needs."

"The profiling element is incredibly robust, but also equally as complex, it requires an off-site course to be able to understand the context or the plethora of options available."

"The self-service portal needs improvement."

"An Amazon Machine Image (AMI) for the newer appliance versions for hosting the virtual appliances on AWS will help."

"Multi-factor authentication with social integration needs to improve."

Pricing and Cost Advice

"The tool is priced high. I would rate its pricing an eight out of ten."

"The solution requires an annual license to use it. There can be some extra costs in some cases."

"I think that it was in the range of $200,000 that had to get approved."

"licensing for this solution is based on the number of APV (privileged users), and the number of sessions that you want to record."

"It is an expensive solution."

"Although I do not deal directly with the pricing, CyberArk Endpoint Privilege Manager is costly compared to other solutions. However, it offers beneficial features."

"It's not at the lower end of the market. I think the price is reasonable considering the quality it delivers. It is a top-notch solution at a fair price point."

"The price of CyberArk Endpoint Privilege Manager is expensive."

More CyberArk Endpoint Privilege Manager pricing and cost advice

"The IBM prices are, as ever, extortionate, even with a business partnership, and high levels of discounts."

See which vendors are best for you

Use our free recommendation engine to learn which Privileged Access Management (PAM) solutions are best for your needs.

See recommendations

881,176 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

14%

Manufacturing Company

11%

Computer Software Company

10%

Government

No data available

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	17
Midsize Enterprise	9
Large Enterprise	18

By reviewers
Company Size	Count
Small Business	9
Midsize Enterprise	2
Large Enterprise	18

Questions from the Community

Looking for recommendations and a pros/cons template for software to detect insider threats

This is an inside-out --- outside-in --- inside-in question, as an insider can be an outsider as well. There is no short answer other than a blend of a PAM tool with Behavioral Analytics and Endpo...

See all answers

What do you like most about CyberArk Endpoint Privilege Manager?

The most valuable feature of the solution is its performance.

See all answers

What is your experience regarding pricing and costs for CyberArk Endpoint Privilege Manager?

I believe it's quite a reasonably priced solution. It's not very common to use CyberArk because it's a niche solution, but customers who are willing to control administrative accounts are willing t...

See all answers

Ask a question

Earn 20 points

Comparisons

CrowdStrike Falcon vs CyberArk Endpoint Privilege Manager

Compared 10% of the time

BeyondTrust Endpoint Privilege Management vs CyberArk Endpoint Privilege Manager

Compared 9% of the time

CyberArk Privileged Access Manager vs CyberArk Endpoint Privilege Manager

Compared 8% of the time

Microsoft Defender for Endpoint vs CyberArk Endpoint Privilege Manager

Compared 8% of the time

Tanium vs CyberArk Endpoint Privilege Manager

Compared 4% of the time

More CyberArk Endpoint Privilege Manager Competitors

SAP Identity Management vs IBM Tivoli Access Manager [EOL]

Compared 41% of the time

Comarch Identity and Access Management vs IBM Tivoli Access Manager [EOL]

Compared 30% of the time

More IBM Tivoli Access Manager [EOL] Competitors

Product Reports

Buyer's Guide

CyberArk Endpoint Privilege Manager

January 2026

CyberArk Endpoint Privilege Manager report

Download CyberArk Endpoint Privilege Manager product report

Buyer's Guide

IBM Tivoli Access Manager [EOL]

January 2026

Download IBM Tivoli Access Manager [EOL] product report

Also Known As

Viewfinity

Tivoli Access Manager, IBM Security Access Manager

Overview

CyberArk Endpoint Privilege Manager, a critical and foundational endpoint control addresses the underlying weaknesses of endpoint defenses against a privileged attacker and helps enterprises defend against these attacks through removing local admin rights, enforcing least privilege, and implementing foundational endpoint security controls across all Windows, macOS and Linux endpoints from hybrid to cloud environments.

Click here for a free 30 day trial: CyberArk Endpoint Privilege Manager free trial

CyberArk

IBM Tivoli Access Manager is a robust and secure centralized policy management solution for e-business and distributed applications. IBM Tivoli Access Manager WebSEAL is a high performance, multi-threaded Web server that applies fine-grained security policy to the Tivoli Access Manager protected Web object space. WebSEAL can provide single sign-on solutions and incorporate back-end Web application server resources into its security policy.

IBM

Sample Customers

Information Not Available

Essex Technology Group Inc.

Buyer's Guide

Privileged Access Management (PAM)

January 2026

Download Free Report

Find out what your peers are saying about CyberArk, One Identity, Delinea and others in Privileged Access Management (PAM). Updated: January 2026.

DOWNLOAD NOW

881,176 professionals have used our research since 2012.

We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.