Try our new research platform with insights from 80,000+ expert users

CyberArk Privileged Access Manager vs One Identity Active Roles comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
7.0
CyberArk Privileged Access Manager enhances security, saves costs, and automates processes for improved control over privileged accounts.
Sentiment score
7.4
One Identity Active Roles enhances efficiency and security, reduces workload and risks, delivering quick returns and increased user satisfaction.
The return on investment lies in improved security infrastructure, addressing over-privileged access, and reducing the risk of credential compromise, which is a major source of data breaches.
The end users have the authority to reconcile the password or verify it before using session isolation, which is one of the unique features that can be enabled through Privileged Session Manager, preventing any attacks from happening within the organization when connected with sessions through CyberArk Privileged Access Manager.
During our quantitative analysis, we estimated potential savings of one to ten million dollars a year by using a PAM solution.
One Identity Active Roles provides excellent reporting and auditing functionality, allowing administrators to track permissions, actions, and responsibilities effectively.
It has saved 90% of the time compared to before.
 

Customer Service

Sentiment score
6.5
CyberArk's support is improving, with overall quality appreciated but needing faster response times and better initial case handling.
Sentiment score
7.7
One Identity Active Roles support is responsive and effective, with occasional delays; users rate it between seven and ten.
CyberArk has been exceptional in coming back to us with immediate responses.
It could be forever until you talk to someone who knows what they are doing.
They are helpful, but complex issues can take a long time to resolve, which can delay solutions for urgent customer issues.
One Identity's support is great.
I rate customer service and support as a seven because, although they are helpful when needed, there can be delays in responding to tickets and finding necessary fixes.
Sometimes having a fix for a bug takes too much time.
 

Scalability Issues

Sentiment score
7.7
CyberArk Privileged Access Manager is praised for its scalability, though some users face licensing and initial planning difficulties.
Sentiment score
7.8
One Identity Active Roles is scalable for large user bases, efficiently managing multiple directories and automating tasks.
The CPM can reportedly handle up to 50,000 accounts independently without issue.
I would rate it a ten out of ten for scalability.
They had 40,000 passwords in this one safe, and it was saving the last ten iterations of each password object. That means they had 400,000 password objects in this safe. They exceeded the limit.
It is very beneficial for large and complex environments.
If you are a major enterprise customer, it is a matter of scaling out on resources with more memory, disk, and CPU power.
The solution is highly scalable, with a scalability rating of nine.
 

Stability Issues

Sentiment score
7.8
CyberArk Privileged Access Manager is praised for stability and reliability, with most issues arising from configuration or user errors.
Sentiment score
7.4
One Identity Active Roles is generally stable with minimal maintenance, but occasional performance lags and updates are needed.
Proper fine-tuning and expertise ensure the product performs well.
Overall, the stability of the solution is high.
It has a large customer base and positive feedback within my network.
There were no major problems with One Identity Active Roles.
We haven't had any glitches.
I would rate the stability as a seven because there are sometimes performance issues, which require restarting the services.
 

Room For Improvement

CyberArk Privileged Access Manager requires UI improvements, expanded features, better integration, and accessible pricing for enhanced user experience.
One Identity Active Roles needs better web interface customization, scripting support, integration, user interface scalability, and improved workflows and security.
They want everything to be on the cloud, but even in the SaaS version of CyberArk Privileged Access Manager, they need to deploy some servers on-premises.
We cannot generate a plug-in for web-based applications.
If they want clients to move to the cloud, they need to support them in real-time.
A way to connect to various directories and integrate with cloud directories would be beneficial.
Enhancements to the console are also necessary because it is more confusing than the web interface.
The user interface needs to be more modern and scalable.
 

Setup Cost

Enterprise buyers find CyberArk costly but justify it with its top-notch capabilities and comprehensive security features.
One Identity Active Roles uses a user-based licensing model with high costs but offers significant ROI and flexibility.
CyberArk is expensive compared to other products I know.
CyberArk is comparatively expensive compared to other PAM solutions, such as Delinea, especially during renewal.
CyberArk's SaaS solution is particularly expensive.
It is quite expensive, costing more than 50 euros per identity.
The pricing is high.
The pricing of One Identity Active Roles is expensive, but the return on investment justifies the cost, allowing for savings in other areas.
 

Valuable Features

CyberArk Privileged Access Manager excels in security with credential management, AI-enhanced threat detection, and extensive integration capabilities.
One Identity Active Roles enhances security and management with robust access control, automation, integration, and centralized directory management.
CyberArk Privileged Access Manager helps ensure data privacy because we now know who is using which credentials and at what time.
It keeps a record of activities, allowing me to easily fetch screen recordings to detect any misuse and see who did what and what happened.
It can integrate with Splunk, SNMP, and other solutions and technologies.
It's improved our security posture. It has limited access to our crown jewels, where all our identities lie within Active Directory.
It helps in removing custom Active Directory delegation, which enhances security by eliminating unnecessary privileges, addressing identity-based breaches by reducing the number of Active Directory delegations.
It is very intuitive and close to the native tools.
 

Categories and Ranking

CyberArk Privileged Access ...
Average Rating
8.6
Reviews Sentiment
6.9
Number of Reviews
221
Ranking in other categories
User Activity Monitoring (1st), Enterprise Password Managers (2nd), Privileged Access Management (PAM) (1st), Mainframe Security (2nd), Operational Technology (OT) Security (3rd)
One Identity Active Roles
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
25
Ranking in other categories
User Provisioning Software (5th), Active Directory Management (2nd), Non-Human Identity Management (NHIM) (5th)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. CyberArk Privileged Access Manager is designed for Privileged Access Management (PAM) and holds a mindshare of 18.3%, down 22.8% compared to last year.
One Identity Active Roles, on the other hand, focuses on Active Directory Management, holds 6.8% mindshare, down 7.8% since last year.
Privileged Access Management (PAM)
Active Directory Management
 

Featured Reviews

Lasantha Wijesinghe - PeerSpot reviewer
We have visibility and control through real-time user behavior analytics
It took us some time to realize its benefits because there was a learning curve for us. It took us about a year to get our heads around this product and start effectively using it. It is a journey. It takes at least five years for any company to make this product very useful and reach maturity. It is not only the product's fault. The company needs to have a vision, and the company culture needs to go with it. Senior leadership needs to support the vision. You need to have lots of ingredients for success. If everything is in place, you will see success after one year. In the first year, it is a struggle for everybody. My company was bought by a bigger company, and they were very new to privileged access management. Everybody was struggling. The advice I would give is to have a good vision for privileged access management. You need dedicated teams, senior management support, and proper company policies and standards before implementing the solution. Start building knowledge slowly and avoid jumping into the deep end without preparation. I would rate CyberArk Privileged Access Manager a nine out of ten.
Grzegorz Kosela - PeerSpot reviewer
Task automation simplifies user and delegation management while offering a customizable interface
Currently, task automation, like provisioning, deprovisioning, and reprovisioning, is very effective. When a user moves from one organization to another, it automatically changes their group membership and performs similar functions. Secondly, the granular delegation feature is very nice and much simpler and easier than it is natively in Microsoft. Two years ago, One Identity Active Roles was under Dell. It was quite poor. However, now, there have been notable improvements, such as faster system processing, better logging, enhanced information, and a more user-friendly interface. Once it was sold by Dell, things got better. The interface became a bit more user-friendly. The Angular user interface is much more flexible for adjusting to customer needs, and a completely new and customizable one can be created, aligning with all settings and scripts required by a customer. The ease of managing on-prem and cloud-based directories through a single pane of glass is good. I'd rate it nine out of ten. The solution's ability to provision and deprovision resources and directories like Azure AD is very simple, especially when you can integrate with the HR system and grab some data from HR. It's actually fully automatic. I don't need to even touch it. It's helped increase operational efficiency by 50%. It's helped decrease security problems around privileged accounts. We were able to decrease the number of privileged accounts and have been able to delegate more effectively. We decreased the number of high-level permissions that administrators had. For example, if someone is a DNS administrator, he has access only as far as the specific actions he needs to handle. We don't need to give away such high privileges for such a daily job. It's helped clarify roles and access. It's helped reduce identity-based breaches. If someone leaves a company, we can easily undo provisioning and close accounts. We can generate reports to see which people have which permissions and at what times. We've just integrated with our HR system. It helps us follow activated and deactivated users. I'd rate the granular controls on offer ten out of ten. We've saved on manpower in terms of the work of the administrators. There's good reporting and functionality, and it's very transparent. You can connect more than one directory and manage everything from one pane. You can do many things from one interface.
report
Use our free recommendation engine to learn which Privileged Access Management (PAM) solutions are best for your needs.
850,671 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
33%
Financial Services Firm
12%
Computer Software Company
11%
Manufacturing Company
6%
Computer Software Company
17%
Financial Services Firm
12%
Healthcare Company
8%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

How does Sailpoint IdentityIQ compare with CyberArk PAM?
We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the m...
What do you like most about CyberArk Privileged Access Manager?
The most valuable features of the solution are control and analytics.
What is your experience regarding pricing and costs for CyberArk Privileged Access Manager?
With the current model of licensing, for my use cases, sometimes it's hard to convince the management and get budget approvals for it. It's expensive and you're not getting anything new. It's just ...
What is your experience regarding pricing and costs for One Identity Active Roles?
The product is expensive, but if you want to save money, the delegation set-up process is quite easy. After setting up Active Roles once, defining the delegation model, it is very efficient, almost...
What needs improvement with One Identity Active Roles?
One area for improvement would be the Entra ID side, including better delegation for Entra ID objects and more granular permissions. We would also like to see better Entra ID license management usi...
 

Also Known As

CyberArk Privileged Access Security, CyberArk Enterprise Password Vault
Quest Active Roles
 

Overview

 

Sample Customers

Rockwell Automation
City of Frankfurt, Moore Public Schools, George Washington University, Transavia Airlines, Howard County, MD. See all stories at OneIdentity.com/casestudies
Find out what your peers are saying about CyberArk Privileged Access Manager vs. One Identity Active Roles and other solutions. Updated: March 2023.
850,671 professionals have used our research since 2012.