We performed a comparison between CyberArk Privileged Access Manager, One Identity Safeguard, and PingID based on real PeerSpot user reviews.
Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM)."CyberArk has resulted in a massive increase in our security footprint."
"The regulation of accounts is by far the most needed and valuable part of the application."
"It is a single tool that isolates possible kinds of malware. You get lateral movement blocking and auditing information, e.g., you know who is doing what. You are getting protections from the service as well as a useful environment. All your admins can easily go in and out of your company while accessing your servers in a secure way, even if they are working abroad."
"The central password manager is the most valuable feature because the password is constantly changing. If an outsider threat came in and gained access to one of those passwords, they would not have access for long."
"The automatic rotation of credentials is probably the most useful feature."
"The integrations are the most valuable aspect of CyberArk Privileged Access Manager. The software offers pre-built integrations, and our team can also create custom connectors. This flexibility allows us to integrate with systems that we previously didn't consider integrating with, making it a significant advantage for us."
"Automatic password management, which will automatically change passwords based on compliance requirements."
"CyberArk is a very stable product and it's a stable product because it has a simple design and a simple architecture that allows you to leverage the economies of scale across the base of your infrastructure that you already have implemented. It doesn't really introduce any new complex pieces of infrastructure that would make it that much more difficult to scale."
"The transparent mode for privileged sessions is a very good solution."
"It's one of the best products we've seen. When you start looking at the functionality and use cases and usability of the product, it's straightforward. They designed this product with the end-user in mind, and they also had the sysadmin who is supporting the product in mind. They really did a nice job. Overall, it's a nice product to work with."
"The system is easy to manage, as it is not a system that you will change everything all of a sudden. It evolves most of the time with customer requests."
"One Identity Safeguard is stable and provides great performance."
"We deployed it into our company for controlling a client's behavior in our data center. It is very useful to control their connections, such as RDP."
"The Transparent Mode is the number one advantage of the product."
"The first feature I like about One Identity Safeguard is the live contact point for the VPNs. This has been working very well for us, as it's both highly available and reliable."
"Safeguard can define and update processes and procedures into the security framework of a company, including mobile. It allows us to change the policies and configurations on a mass scale in regards to security."
"The solution is stable. We haven't experienced any bugs or glitches."
"The solution has a smooth and configurable user interface for single sign-on capabilities."
"I like the self-service feature. The 502 and UBP systems are also excellent. PingID's ability to authenticate with SSH, RDP, and Windows login is pretty handy. It covers the entire spectrum of use."
"What I like best about PingID is that it's very user-friendly. PingID is well-built as a developer tool and regularly upgrades and updates via patches. I also like that PingID has clear documents that will help you integrate it with other solutions."
"It is a scalable solution...It is a stable solution."
"It's pretty stable as a product."
"It gets a mobility portal in place in conjunction with Office 365. It provides very good possibilities and it's much better than other technology that we have used before which was unstable and slower."
"I find the auto-discovery feature the most valuable. It helps us automate a lot of things using a single password across applications."
"We need a bit more education for our user community because they are not using it to its capabilities."
"This is probably a common thing, but they do ask for a lot of log files, a lot of information. They ask you to provide a lot of information to them before they're willing to give you anything at all upfront. It would be better if they were a little more give-and-take upfront: "Why don't you try these couple of things while we take your log files and stuff and go research them?" A little bit of that might be more helpful."
"Currently, in Secure Connect, an end user is required to enter account information manually, and cannot save any of this information for future use."
"I'm not a fan of technical support with CyberArk. It's like jumping through red tape and hoops. Quite frankly, it's almost like when you call CyberArk you get the Help Desk or the level-one. I'm a level-one. I got the CCD, I know how to do the initial troubleshooting. When I call CyberArk it's because I can't figure the problem out. So I need a level-two, three, four. I don't need you to tell me, "Hey, open a ticket and then give me logs.""
"It should be easy to use for non-technical people. Its interface can be a bit difficult. Some parts of its interface are not very intuitive. Some of the controls are hidden, and instead of having a screen with all the controls for that account on it, you have to use menus and other similar things."
"It is easily customized, and that customization makes it very easy to start trying to shoehorn the solution into roles it was never intended to fill."
"There is room for improvement in the availability of custom connectors on the marketplace for this solution. Additionally, their services for the CICD pipeline and ease of integration could be improved."
"The product is very vaulting-focused. I'd love to see it expanding its capabilities a bit further into areas like just-in-time elevation, and access with non-vaulted credentials."
"I would like to see an adjustment with more enterprise architecture. You can buy multiple appliances but you can not fully separate different functions, so scaling might be a bit more complicated."
"Support for One Identity Safeguard could be improved because sometimes the support team doesn't have an answer or solution for some bugs. A feature I found in a competitor would make One Identity Safeguard better, and that is the ability to load balance the traffic in the target."
"We currently have a problem with the Active Directory integrations on Windows. Some of our users need to be logged with Active Directory, but we are having communication issues between One Identity and Active Directory. It seems that Active Directory is not well-integrated."
"One Identity Safeguard can improve by having more integration with multiple devices."
"Transparent mode was too cumbersome, so I don't foresee us being able to use it. On paper when we were initially talking about it, it was definitely going to be the preferred method until we realized the burden it would be on our network guys. Then, we had to step back and reevaluate what we wanted to do. That's when we changed our approach to use the RD Gateway feature."
"We have feature requests and would like to see the turnaround times on those features to be faster."
"On a scale of one to ten, the stability is an eight."
"Some of the out-of-the-box reporting isn't that rich. We spoke to our Safeguard reps who have acknowledged that some of the reporting features can certainly be improved and that we're not the only customer who has cited this. There are very little out-of-the-box reporting capabilities. You have to build the queries and the report. I believe in the next release they're going to be addressing this."
"The product is not customizable."
"PingID classifies the type of environment into internal and external, which is an area for improvement because you need to take additional steps to trust internal and external users."
"If the solution is going to compete with Microsoft, they need to offer more unique functionality to keep their current user base."
"PingID should put a little more effort into making a pretty self-explanatory deck about their tech features and the services they offer."
"It has a long way to go until it is a cloud-based solution."
"They could use some bio-certification. It's just more user-friendly and more convenient than entering the one time passes. That would be an improvement."
"PingID's device management portal should be more easily accessible via a link. They provide no link to the portal like they do for the service. The passwordless functionality could be more comprehensive. You can't filter based on hardware devices. Having that filtering option would be great. Device authentication would be a great feature."
"I think that the connection with like Microsoft Word, especially for Office 365, is a weak point that could be improved."
More CyberArk Privileged Access Manager Pricing and Cost Advice →