Coming October 25: PeerSpot Awards will be announced! Learn more

CyberArk Privileged Access Manager vs Okta Workforce Identity comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between CyberArk Privileged Access Manager and Okta Workforce Identity based on real PeerSpot user reviews.

Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed CyberArk Privileged Access Manager vs. Okta Workforce Identity report (Updated: August 2022).
636,406 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Within the solution, I love the fact that everything is recorded. The configuration capabilities are great, too.""The automatic password management is the most important feature. The second most important feature is the ability to enforce dual control on the release of those passwords. The combination of these two features is the most important thing for us because we can show that we're in control of who uses any non-personal account, and when they do so.""It has a centralized page where you can manage everything. This makes work easier. You don't have to remember different module URLs or browser applications. It is very easy to get all the secure identities of other environments into a single page, which is very important for us as it helps a lot in terms of operations, e.g., reduces management time. This is a single page where you can manage all accounts and onboard them to the CyberArk. You can then secure and see passwords from everywhere. So, there is a single pane of glass where you can manage all the identities across environments as well as across different types of identities.""The automatic change of the password and Privileged Session Manager (PSM) are the most valuable features. With Privileged Session Manager, you can control the password management in a centralized way. You can activate these features in a session; the session isolation and recording. You apply the full intermediation principle. So, you must pass through CyberArk PAM to get access to the target system. You don't need to know the password, and everything that you do is registered and auditable. In this case, no one gets to touch the password directly. Also, you can implement detection and response behavior in case of a breach.""It is a robust product.""It supports lots of requirements in the privileged access management area.""It improves security in our company. We have more than 10,000 accounts that we manage in CyberArk. We use these accounts for SQLs, Windows Server, and Unix. Therefore, keeping these passwords up-to-date in another solution or software would be impossible. Now, we have some sort of a platform to manage passwords, distribute the inflow, and manage IT teams as well as making regular changes to it according to the internal security policies in our bank.""We like it for the ability to automatically change passwords. At least for my group, that's the best thing."

More CyberArk Privileged Access Manager Pros →

"We find the solution to be stable.""Its simplicity and its integration with various vendor-agnostic platforms are the most valuable features.""The initial setup of Okta Workforce Identity is straightforward. I was able to get an environment ready within half a day.""The most valuable features of Okta Workforce Identity are MFA, and SSO, which have high security.""What I found most valuable in Okta Workforce Identity is that it worked together with VMware Workspace One, so there was this device check at the same time. My company used the trusted device method that enabled you to define that only the trusted devices including the Workspace One agent were able to access the applications directly without an additional authentication step.""A solution that's easy to use, stable, and reliable.""The solution so far has been very stable.""The product requires very little maintenance."

More Okta Workforce Identity Pros →

Cons
"It should be easier to install. It is a comprehensive product, which makes it difficult to install. You need to have their consulting services in order to get it all installed and set up correctly because there is so much going on. It would be nice if there were an easier way to do the installation without professional services. I suspect they get a fair amount of their money from professional services. So, there is not a huge incentive.""There is a lot of room for improvement in the report section. I also work on other tools, such as Thycotic, which allows you to create customized reports for your organization's needs. In CyberArk, there are limited reports, whereas in Thycotic or some of the other PAM tools, because the database is different, you can customize the report based on your needs through SQL queries.""The initial setup of CyberArk Privileged Access Manager difficulty depends on the environment that you are implementing it into. However, it typically is simple.""When I was a component owner for PAM's Privileged Threat Analytics (PTA) component, what I wanted was a clear mapping to the MITRE ATT&CK framework, a framework which has a comprehensive list of use cases. We reached out to the vendor and asked them how much coverage they have of the uses cases found on MITRE, which would have given us a better view of things while I was the product owner. Unfortunately they did not have the capability of mapping onto MITRE's framework at that time.""Its pricing is a big challenge here. When it started, the product came in at a very low cost. Now, they are the leaders in the market, so the cost has grown and is quite huge.""We found a lot of errors during the initial setup. They should work to improve the implementation experience and to remove errors from the process.""The PTA could be improved. Currently, companies often have multiple domains and sometimes it's difficult to implement CyberArk in this kind of infrastructure. For example, you can add CPM (Central Policy Manager) and PSM (Privileged Session Manager and PVWA (Password Vault Web Access) for access, but if you want to add PTA (Privileged Threat Analysis) to scan Vault logs, it is difficult because this component may be adding multiple domain environments.""They need to provide better training for the System Integrator."

More CyberArk Privileged Access Manager Cons →

"The only aspect in which it can be improved is that the interface could be cleaner. I found this even when I was trying to do my certification exam because the certification is hands-on. You find yourself fumbling around a little bit to find simple things. This happens even when you start to get familiar with the product.""Application updates are lacking. Customer support needs to be improved.""We have experienced some challenges in integrating this solution with Scope and Cognito.""A room for improvement in Okta Workforce Identity is its price. It could be cheaper. The biggest benefit of the solution is that everything works securely without extra steps, so you're saving on your workforce's time and effort because your applications work smoothly and securely, but you'd need to pay some amount of money for that. Another area that could be improved, though not necessarily regarding Okta Workforce Identity, is the SSO applications because so many of the source applications charge extra money to put the SSO to work, which means you have to buy a more expensive license. Nowadays, SSO is a mainstream functionality and it should be out-of-the-box in those applications because it's so easy to set up.""Okta Workforce Identity could improve the support system, they are too slow.""Okta Workforce Identity could improve the way passwords are reset and how it interfaces with Microsoft.""They also have single sign-on (SSO). When we bought Okta Workforce Identity a year and a half ago, I was also looking at SSO, but not much documentation was available for SSO. The documentation for SSO should be a little more robust for somebody who is implementing it for the first time.""The initial setup can be complex at first."

More Okta Workforce Identity Cons →

Pricing and Cost Advice
  • "I believe that this solution is priced well. It's the market leader and I think that it's the best solution."
  • "Overall, its pricing is really good. The main difference from all the other vendors is that they have one package that covers all the functionality and modules of the basic PAM, except the add-on modules like adware and server protection. It also doesn't include the licenses for domain controller protection or maybe an API call-related feature. For the basic privileged access management, the bundle pricing is really good, but when it comes to an agent-based solution for advanced cyber protection or application identity managers, it is expensive. Services are also very expensive if you hire the services team from CyberArk, but these guys are really good. For a couple of large banking projects, we had an experience with them. The banks wanted to have things quickly and efficiently, so we had to hire them. If we take four weeks, these guys can do everything on a weekend. They charge quite a big sum of money, but they know the system well."
  • "The price of this solution is quite reasonable."
  • "The solution is very expensive and requires a license. We pay for an enterprise license."
  • "Pricing is quite high and it could be improved."
  • "They have two types of licensing: purchase and subscription. You have to pay for each admin user, such as Microsoft admin, mail admin, database admin, etc."
  • "The price of CyberArk support could be a little bit less. Otherwise, pricing is fine."
  • "Before we bought it, they were licensing each function individually, which got complicated and very expensive. When we decided to buy it, it was much more straightforward and still quite expensive, but it brings a lot of value and risk reduction to the organization."
  • More CyberArk Privileged Access Manager Pricing and Cost Advice →

  • "I believe it competes well. The pricing is pretty competitive. I know that Microsoft also provides something similar with its MFA and identity services."
  • "It is costly for large companies."
  • "The price of this product could be lower."
  • "It has a yearly subscription. As compared to its competitors, it is quite expensive. It also has a complex licensing model."
  • "The pricing is reasonable."
  • "This solution is costly. Pricing is decent if you have less users, but it significantly goes up the more users you have, with its cost not justified."
  • "This is an expensive solution but the security makes it worthwhile."
  • "The price of Okta Workforce Identity is competitively priced. We pay annually for the use of the solution."
  • More Okta Workforce Identity Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Privileged Access Management (PAM) solutions are best for your needs.
    636,406 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the… more »
    Top Answer:Within the solution, I love the fact that everything is recorded. The configuration capabilities are great, too.
    Top Answer:What I found most valuable in Okta Workforce Identity is that it worked together with VMware Workspace One, so there was this device check at the same time. My company used the trusted device method… more »
    Top Answer:The pricing for Okta Workforce Identity could still be improved or made cheaper. It costs from 50 to 100 euros a year per user. Okta Workforce Identity has different packages you can choose from, and… more »
    Top Answer:A room for improvement in Okta Workforce Identity is its price. It could be cheaper. The biggest benefit of the solution is that everything works securely without extra steps, so you're saving on your… more »
    Ranking
    Views
    29,981
    Comparisons
    19,341
    Reviews
    30
    Average Words per Review
    929
    Rating
    8.3
    Views
    20,261
    Comparisons
    17,237
    Reviews
    20
    Average Words per Review
    499
    Rating
    8.6
    Comparisons
    Also Known As
    CyberArk Privileged Access Security
    Learn More
    CyberArk
    Video Not Available
    Overview

    CyberArk Privileged Access Manager is a next-generation solution that allows users to secure both their applications and their confidential corporate information. It is extremely flexible and can be implemented across a variety of environments. This program runs with equal efficiency in a fully cloud-based, hybrid, or on-premises environment. Users can now protect their critical infrastructure and access it in any way that best meets their needs.

    CyberArk Privileged Access Manager possesses a simplified and unified user interface. Users are able to manage the solution from one place. The UI allows users to view and manage all of the information and controls that administrators need to be able to easily access. Very often, management UIs do not have all of the controls and information streamlined in a single location. This platform provides a level of visibility that ensures users will be able to view all of their system’s most critical information at any time that they wish.

    Benefits of CyberArk Privileged Access Manager

    Some of CyberArk Privileged Access Manager’s benefits include:

    • The ability to manage IDs and permissions across a cloud environment. In a world where being able to work remotely is becoming increasingly important, CyberArk Privileged Access Manager is a very valuable tool. Administrators do not need to worry about infrastructure security when they are away from the office. They can assign and manage security credentials from anywhere in the world.
    • The ability to manage the program from a single centralized UI. CyberArk Privileged Access Manager’s UI contains all of the system controls and information. Users now have the ability to view and use all of their system’s most critical information and controls from one place.
    • The ability to automate user management tasks. Administrators can save valuable time by assigning certain management tasks to be fulfilled by the system itself. Users can now reserve their time for tasks that are most pressing. It can also allow for the system to simplify the management process by having the platform perform the most complex functions.

    Reviews from Real Users

    CyberArk Privileged Access Manager’s software stands out among its competitors for one very fundamental reason. CyberArk Privileged Access Manager is an all-in-one solution. Users are given the ability to accomplish with a single platform what might usually only be accomplished with multiple solutions.

    PeerSpot users note the truly all-in-one nature of this solution. Mateusz K., IT Manager at a financial services firm, wrote, "It improves security in our company. We have more than 10,000 accounts that we manage in CyberArk. We use these accounts for SQLs, Windows Server, and Unix. Therefore, keeping these passwords up-to-date in another solution or software would be impossible. Now, we have some sort of a platform to manage passwords, distribute the inflow, and manage IT teams as well as making regular changes to it according to the internal security policies in our bank."

    Hichem T.-B., CDO & Co-Founder at ELYTIK, noted that “This is a complete solution that can detect cyber attacks well. I have found the proxy features most valuable for fast password web access.”

    Okta is an enterprise grade identity management service, built from the ground up in the cloud and delivered with an unwavering focus on customer success. With Okta, IT can manage access across any application, person or device. Whether the people are employees, partners or customers or the applications are in the cloud, on-premises or on a mobile device, Okta helps IT become more secure, make people more productive, and maintain compliance. Okta is an on-demand identity and access management service for web based applications, both in the cloud and behind the firewall.

    Offer
    Learn more about CyberArk Privileged Access Manager
    Learn more about Okta Workforce Identity
    Sample Customers
    Rockwell Automation
    Box, Groupon, National Geographic, Western Union, DocuSign
    Top Industries
    REVIEWERS
    Financial Services Firm26%
    Insurance Company15%
    Computer Software Company8%
    Healthcare Company8%
    VISITORS READING REVIEWS
    Computer Software Company19%
    Financial Services Firm14%
    Comms Service Provider13%
    Government6%
    REVIEWERS
    Manufacturing Company25%
    Computer Software Company15%
    Comms Service Provider15%
    Healthcare Company10%
    VISITORS READING REVIEWS
    Computer Software Company23%
    Comms Service Provider13%
    Financial Services Firm7%
    Government7%
    Company Size
    REVIEWERS
    Small Business20%
    Midsize Enterprise13%
    Large Enterprise67%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise15%
    Large Enterprise68%
    REVIEWERS
    Small Business40%
    Midsize Enterprise17%
    Large Enterprise43%
    VISITORS READING REVIEWS
    Small Business23%
    Midsize Enterprise15%
    Large Enterprise62%
    Buyer's Guide
    CyberArk Privileged Access Manager vs. Okta Workforce Identity
    August 2022
    Find out what your peers are saying about CyberArk Privileged Access Manager vs. Okta Workforce Identity and other solutions. Updated: August 2022.
    636,406 professionals have used our research since 2012.

    CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 35 reviews while Okta Workforce Identity is ranked 2nd in Identity and Access Management as a Service (IDaaS) (IAMaaS) with 24 reviews. CyberArk Privileged Access Manager is rated 8.2, while Okta Workforce Identity is rated 8.6. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of Okta Workforce Identity writes "Stable and reliable solution but the application updates are lacking". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Azure Active Directory (Azure AD), WALLIX Bastion and Delinea Secret Server, whereas Okta Workforce Identity is most compared with Google Cloud Identity, Azure Active Directory (Azure AD), SailPoint IdentityIQ, Auth0 and IBM Security Access Manager. See our CyberArk Privileged Access Manager vs. Okta Workforce Identity report.

    We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.