Try our new research platform with insights from 80,000+ expert users

CyberArk Privileged Access Manager vs ForgeRock comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

CyberArk Privileged Access ...
Average Rating
8.6
Reviews Sentiment
6.8
Number of Reviews
224
Ranking in other categories
User Activity Monitoring (1st), Enterprise Password Managers (2nd), Privileged Access Management (PAM) (1st), Mainframe Security (2nd), Operational Technology (OT) Security (3rd)
ForgeRock
Average Rating
8.0
Reviews Sentiment
6.5
Number of Reviews
30
Ranking in other categories
Identity Management (IM) (13th), Access Management (11th), Customer Identity and Access Management (CIAM) (6th)
 

Featured Reviews

Abdul Durrani - PeerSpot reviewer
Enables granular and secure access with just-in-time access and Zero Trust model
CyberArk provides a good amount of control over access types. However, as a future enhancement, having additional features for cross-platform integration would be beneficial. It would be good to have integrations with other tools and firewalls, such as Zscaler and CrowdStrike. Although I am not fully aware of recent updates, more cross-platform integration would be valuable. A SOC analyst would like to have centralized access in terms of information flowing in even for privileged access management. They would like to have control over everything instead of opening four to five tabs for different sorts of information. Cross-platform integration would help with that. Customers also want CyberArk's pricing to be better so that they can implement it further and have more licenses. Implementing a privileged access management solution can be challenging. It would be great if CyberArk could provide recommendations based on the compliance standards of an organization. It would help system admins ensure that all the required ports are closed and the systems are being managed properly. If any system is not being used anymore, any ports opened for that system need to be closed. Having such recommendations would be helpful.
Ahmet Murat Ülker - PeerSpot reviewer
Easy to use, but customizations can be complicated to handle
I would suggest others use the product after asking them to consider their use cases. SSO may be a use case for some, and using the product as an IDM tool may be a use case. At the moment, my company is not deploying all the components of ForgeRock itself. My company uses ForgeRock for OAuth 2.0. For example, my company is not deploying the IDM and identity gateway components. You should consider your use case and select the required components for that use case. My company does not use the SSO features of the tool. My company uses SSO to access ForgeRock's AM Console for individual users. My company does not use single sign on features of the product and instead, we use Auth0. I rate the tool a seven or eight out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We can make a policy that affects everybody instantly."
"We are able to rotate privileged user passwords to eliminate fraudulent use."
"The AI capabilities, including advanced threat detection features, are very helpful for us. They reduce human effort and errors, allowing us to quickly identify and respond to threats."
"It is useful for protecting passwords. If you need to do access security management, you can first use the CyberArk console, and after that, you can connect the firewall interface or firewall command line. Similarly, if you need to do an RDP session, you need to first log in to CyberArk before connecting to the Windows RDP session. This way, the admin doesn't know the password, and that password is changed immediately. To change the password, you first discover the old password in the network, and after that, you can change the password."
"The best feature of CyberArk Privileged Access Manager is its core function: automatically managing and securing credentials."
"Enterprise Password Vault, Privilege Session Manager, and Application Identity Management have been very useful for our client environment."
"Every aspect of the solution is very well integrated, and even that gives comfort. It is a fail-safe kind of environment."
"The solution is very good for protecting full levels of data privacy."
"The solution's most valuable feature is the authentication for the consumers. The integration with other third-party applications is excellent."
"We used it to implement multi-factor authentication and to improve our security posture as well as reducing the potential for attacks."
"The most valuable features are that it is easy to manage and it's stable."
"I like the way it is handling authentication and authorization."
"The product is easy to set up."
"This is a stable solution. When you do experience any issues, you will see it in your DB logs or audit logs so you can easily reach a conclusion of might be causing it."
"ForgeRock is an extensive product with many functionalities and capabilities, much more than many other tools combined."
"In terms of the tool's operational efficiency, ForgeRock Access Management is used in a lot of environments, different regions, and in different stages of production environments."
 

Cons

"There was a functionality of the solution that was missing. I had noticed it in Beyond Trust, but not in this solution. But, recently they have incorporated something similar."
"We'd like to see the creation of some kind of memo field for each device account, which could be used, in our network at least, to leave a note about the device for either the security or network engineering team members."
"I would like to see is the policy export and import. When we expend, we do not want to just hand do a policy."
"It can be integrated with other systems, but it is not easy to integrate. It takes too long to integrate it. Its integration should be easier and simpler."
"The graphical user interface could be simplified and harmonized for better usability. It should be consistent. Its GUI is very confusing."
"The usual workload is sometimes delayed by the solution."
"To get it to a ten it should give other possibilities to select if you could follow the keystrokes. It should have a flexibility with things where people can use it a lot faster."
"Improved user-friendliness, granularity, and functionality would enhance the product further."
"ForgeRock is an open source solution and is available to everyone but it is not freeware. If you need support, you need a subscription for ForgeRock. Many of its functionalities need to be built up with the help of a consultant."
"I find that it's quite expensive for just an open-source system. Support is quite expensive."
"It should be a little bit easier to implement. It is user-friendly, but there is always scope for improvement."
"The product's support services in the French language are not free."
"In an upcoming release, the solution could improve by limiting the need to do customizations."
"As with any complex software platform, there is a learning curve to using ForgeRock, and it may require specialized expertise to implement and manage effectively."
"We're worried about the scaling. We're told it will be okay and there won't be issues, however, I'm not 100% convinced."
"I don't think ForgeRock directly supports integrations with Slack, making it an area where improvements are required."
 

Pricing and Cost Advice

"The license CyberArk Privileged Access Manager is on an annual basis."
"CyberArk Privileged Access Manager is on the expensive side. It is very expensive."
"I do not have any opinions to add about the pricing of the product."
"Overall, its pricing is really good. The main difference from all the other vendors is that they have one package that covers all the functionality and modules of the basic PAM, except the add-on modules like adware and server protection. It also doesn't include the licenses for domain controller protection or maybe an API call-related feature. For the basic privileged access management, the bundle pricing is really good, but when it comes to an agent-based solution for advanced cyber protection or application identity managers, it is expensive. Services are also very expensive if you hire the services team from CyberArk, but these guys are really good. For a couple of large banking projects, we had an experience with them. The banks wanted to have things quickly and efficiently, so we had to hire them. If we take four weeks, these guys can do everything on a weekend. They charge quite a big sum of money, but they know the system well."
"The price of this solution is quite reasonable."
"Pricing is a problem. CyberArk is expensive compared to other products I know. It is similar to buying a German car. It comes with all the bells and whistles, but some companies may find it too expensive."
"The price of this solution is expensive."
"CyberArk Privileged Access Manager is more expensive than its competitors, such as BeyondTrust, Delinea, and ManageEngine PAM360."
"We have multiple clients we are looking at right now. We are at a very small number, however, the idea and the goal is to grow. We are looking at about $100,000 and $50,000 a minimum a month cost. That'd be minimum maybe in a couple of years."
"ForgeRock's pricing is more competitive than other products."
"Its licensing is on a yearly basis, but it also depends on the contract that you have with the vendor. They have multiple types of contracts. There are additional costs to the standard licensing fees. If you need some of the features, you have to pay more."
"The license is purchased annually per user. However, you can negotiate if you are signing for a longer period of time. When comparing this solution to others on the market it is priced fair, it is not at the top of the price range or at the bottom end."
"It's a bit pricey and could be more competitive."
"The pricing of the solution is fair but I do not have the full details."
"Its price is comparable to other products in the market."
"ForgeRock is an expensive solution."
report
Use our free recommendation engine to learn which Access Management solutions are best for your needs.
861,170 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
16%
Financial Services Firm
14%
Computer Software Company
14%
Manufacturing Company
7%
Financial Services Firm
23%
Computer Software Company
12%
Insurance Company
7%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

How does Sailpoint IdentityIQ compare with CyberArk PAM?
We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the m...
What do you like most about CyberArk Privileged Access Manager?
The most valuable features of the solution are control and analytics.
What do you like most about ForgeRock?
The most valuable features of ForgeRock are social login and data protection.
What is your experience regarding pricing and costs for ForgeRock?
Our company was considering switching back to Keycloak from ForgeRock, so as to not pay any license fees. ForgeRock also supports M-PIN and biometric features that Keycloak does not provide. My com...
What needs improvement with ForgeRock?
In the past, I saw that Splunk was integrated with a testing portal, and then it was integrated with Slack. I don't think ForgeRock directly supports integrations with Slack, making it an area wher...
 

Also Known As

CyberArk Privileged Access Security, CyberArk Enterprise Password Vault
ForgeRock Identity Platform, ForgeRock OpenIDM
 

Overview

 

Sample Customers

Rockwell Automation
Geico, Thomson Reuters, Salesforce, McKesson, Trinet, SKY, BNP Paribas, Deloitte, Capgemini, North Western University
Find out what your peers are saying about CyberArk Privileged Access Manager vs. ForgeRock and other solutions. Updated: June 2025.
861,170 professionals have used our research since 2012.