We performed a comparison between CyberArk Privileged Access Manager, IBM Tivoli Access Manager [EOL], and SailPoint IdentityIQ based on real PeerSpot user reviews.
Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM)."It is an extremely scalable solution."
"We are able to centrally manage credentials, touch applications, and rotate passwords."
"Technical support is very helpful whenever we have any questions."
"It is a central repository. Therefore, if someone needs to access a server, then they go through CyberArk PAM. It provides a secure way to do this and CyberArk PAM records everything. For example, if you are connecting to a Linux server, then once you get into the Linux server and if it is integrated with CyberArk, it will automatically start recording everything that is being done. In most banks, seeing the recordings is very useful. If there are any gaps or something has happened which shouldn't have happened, then we can check the logs and videos. So, it gives security, in a robust manner, to the organization."
"The voice technology is very good."
"The most important feature is managing the credentials and implementing those policies which rotate the credentials. Session Manager is also key in not letting the users have access to those credentials. Instead, CyberArk actually manages everything by itself."
"Within the solution, I love the fact that everything is recorded. The configuration capabilities are great, too."
"The solution is stable."
"SAML 2.0."
"Single Sign-On functionality is valuable because the core purpose of the product is to allow universal (or bespoke) SSO for application suites."
"The Verify feature: A push method which customers are going for."
"The integration effort with the end application is quite straightforward and easy."
"OAuth 2 is now the de facto standard for API protection and scoped authorized delegation. IBM TAM now supports OAuth 2 and can act as fully compliant OAuth 2 authorization server."
"The most valuable feature for our customers and for us is the identity data warehouse."
"The community is very active and when I had questions about an issue, I was able to find the resources."
"It is simple and easy to implement."
"It is a scalable product."
"This solution is great for providing control access across your environment."
"It significantly reduces the workload for certification processes."
"Security and administration for any new/current access."
"Provisioning in multiple environments."
"Areas the product could be improved are in some of the reporting capabilities and how the reports are configured."
"We had an issue with the Copy feature... Apparently, in version 10, that Copy feature does not work. You actually have to click Show and then copy the password from within Show and then paste it. We've had a million tickets and we had to figure out a workaround to it."
"More than the product itself, there is room for improvement in the documentation. The documentation should be very detailed and very structured. It has a lot of good information, on one level, but I feel that it could be more elaborate and more structured."
"I'm not a fan of technical support with CyberArk. It's like jumping through red tape and hoops. Quite frankly, it's almost like when you call CyberArk you get the Help Desk or the level-one. I'm a level-one. I got the CCD, I know how to do the initial troubleshooting. When I call CyberArk it's because I can't figure the problem out. So I need a level-two, three, four. I don't need you to tell me, "Hey, open a ticket and then give me logs.""
"I would like to see better usability for non-technical people."
"The current user interface is a little dated. However, I hear there are changes coming in the next version."
"Some of the additional features that we are looking at are in the Conjur product. I am specifically discussing key management, API Keys, and things for connecting applications in the CI/CD pipelines."
"I would like to see is the policy export and import. When we expend, we do not want to just hand do a policy."
"The profiling element is incredibly robust, but also equally as complex, it requires an off-site course to be able to understand the context or the plethora of options available."
"Multi-factor authentication with social integration needs to improve."
"Looking at their roadmap, they have a broad grasp of the security features which the industry needs."
"The self-service portal needs improvement."
"An Amazon Machine Image (AMI) for the newer appliance versions for hosting the virtual appliances on AWS will help."
"The user interface could be slightly improved. It could be made simpler and more user-friendly, however, it is good enough right now."
"They should lower the price and technical support should be better."
"The connectors are far too manual. This needs to be automated a bit."
"There are various functions that don't work in IdentityIQ, including the access request reminder, which doesn't go to the approvals in the proper format, so it's hard for users to read."
"The cost of this solution is high. The technical assistance center could be improved. They're very good, but considering the intricacies of the solution, they can further improve."
"We have had a lot of service breaks because of the lack of support."
"One needs to understand that SailPoint is into full-fledged IAM practice with a long-term vision, and customers will get a quick ROI with best practices implementation."
"Finding integration experts for SailPoint in the North American market can be challenging, and transitioning to a no-code or low-code setup could reduce dependence on specialized skills."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
More IBM Tivoli Access Manager [EOL] Pricing and Cost Advice →
Earn 20 points