Try our new research platform with insights from 80,000+ expert users

CyberArk Privileged Access Manager vs One Identity Safeguard vs Symantec Privileged Access Manager comparison

CyberArk and One Identity are both solutions in the Privileged Access Management (PAM) category. CyberArk is ranked #1 with an average rating of 8.6, while One Identity is ranked #4 with an average rating of 7.1. CyberArk holds a 16.3% mindshare in PAM, compared to One Identity’s 3.6% mindshare. Additionally, 95% of CyberArk users are willing to recommend the solution, compared to 93% of One Identity users who would recommend it.
CyberArk Privileged Access ...
Read 229 CyberArk Privileged Access Manager reviews
  • 16,420 Views
  • 6,404 Comparison Views
95% willing to recommend
One Identity Safeguard
Read 45 One Identity Safeguard reviews
  • 3,754 Views
  • 2,515 Comparison Views
93% willing to recommend
Symantec Privileged Access ...
Read 53 Symantec Privileged Access Manager reviews
  • 926 Views
  • 685 Comparison Views
85% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between CyberArk Privileged Access Manager, One Identity Safeguard, and Symantec Privileged Access Manager based on real PeerSpot user reviews.

Find out what your peers are saying about CyberArk, Delinea, One Identity and others in Privileged Access Management (PAM).

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Privileged Access Management (PAM) Report (Updated: August 2025).
Buyer's Guide
Privileged Access Management (PAM)
August 2025
Download the complete report
Helped 867,497 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Mindshare comparison

As of September 2025, in the Privileged Access Management (PAM) category, the mindshare of CyberArk Privileged Access Manager is 16.3%, down from 22.0% compared to the previous year. The mindshare of One Identity Safeguard is 3.6%, down from 4.5% compared to the previous year. The mindshare of Symantec Privileged Access Manager is 1.5%, down from 1.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Privileged Access Management (PAM) Market Share Distribution
ProductMarket Share (%)
CyberArk Privileged Access Manager16.3%
One Identity Safeguard3.6%
Symantec Privileged Access Manager1.5%
Other78.6%
Privileged Access Management (PAM)
 

Featured Reviews

Atul-Gujar - PeerSpot reviewer
Secures critical infrastructures with essential user session audit records
A potential area for improvement is enhancing support for cluster environments and distributed Vaults. Clients in multiple countries that need central access have different challenges that require better solutions from CyberArk. For financial services, CyberArk can improve incident response by ensuring fast support for critical priority tickets to meet compliance requirements. Providing more documentation on CyberArk is recommended for new team members to enhance their troubleshooting capabilities. I understand it's up to the client, but 99% fail to change the demo key, so it's crucial for CyberArk to emphasize changing the key and documenting it as part of the installation process.
Read full review
Tor Nordhagen - PeerSpot reviewer
Transparent mode for privileged sessions will greatly simplify our client's administrative situation
We're introducing the solution's transparent mode for privileged sessions. This is part of what the client hasn't used before. It will simplify their administrative situation greatly. So far, the rollout of this feature has been a seamless process, but we're still in the midst of rolling it out. The benefits will be on the risk side. Right now, the way accounts are managed, you don't necessarily know who is using an account. There's a shared admin account, and that's not a good thing. And those accounts are shared in wallets by several people. One of the real benefits of safeguarding here is that the client will have an absolute audit of who is using an administrative interface, whether it's server or network.
Read full review
Muzi Lubisi - PeerSpot reviewer
Secure management of sensitive servers and seamless applications with direct linking
The credential injection feature is highly valued, particularly for RDP sessions. A majority of customers use it for RDP, and a couple for Linux servers. The broader capabilities, including access to multiple systems, web-based applications, and clustering, have never posed an issue. The threat analytics aspect is also a robust feature that analyzes all pertinent information.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"CyberArk Privileged Access Manager makes it easy for users to retrieve and manage their passwords."
"It has a centralized page where you can manage everything. This makes work easier. You don't have to remember different module URLs or browser applications. It is very easy to get all the secure identities of other environments into a single page, which is very important for us as it helps a lot in terms of operations, e.g., reduces management time. This is a single page where you can manage all accounts and onboard them to the CyberArk. You can then secure and see passwords from everywhere. So, there is a single pane of glass where you can manage all the identities across environments as well as across different types of identities."
"Automatic password management, which will automatically change passwords based on compliance requirements."
"You can easily manage more than 4000 accounts with one PSM."
"The product is for hardening access and making the organization more secure, therefore reducing chances of a breach."
"CyberArk is not just an IT security or cybersecurity tool. It's also an administrator tool. I had a fair number of systems where the passwords were not fully managed by CyberArk yet, and they were expiring every 30 or 45 days. I was able to get management turned on for those accounts. From an administrator perspective, I didn't have to go back into those systems and manually change those passwords anymore. CyberArk... lightened the load on our administrative work."
"I love how easily we could operate within Password Vault and get things done. It was almost effortless."
"The key aspects of privileged access management are being able rotate passwords, make sure someone is accountable, and tie it back to a user (when the system is being used)."
More CyberArk Privileged Access Manager pros
"Being able to use a proxy server is an advantage."
"I have found the most useful feature of One Identity Safeguard to be Privileged Sessions."
"The whole product solves the privileged access management challenge for our company. We have a secure tunnel, a secure session manager, and automatic logging of sessions, which is good for forensic purposes. We have a rich level of logs and can trace what happened on which machine and see who did what."
"One Identity Safeguard is stable and provides great performance."
"The implementation time was quick. It was basically up and running within a week."
"The most unique and valuable features are the upstream and downstream throughput capacities; the Safeguard platform provides agile integration. In actuality, all the features are valuable. They're good, user-friendly."
"In terms of the user experience, it is a pretty useful product. It works in a good way."
"I like the discovery functionality and the change password feature through the check-in. I also like the bulk import with the help of templates that come with it out of the box. With the help of these few features, my tasks are made easier."
More One Identity Safeguard pros
"It reduces the viral attacks on my website. It also allows certain users access to see what happens daily."
"Stability is solid as a rock."
"We have received good support from the tech support team."
"The two factor authentication, and the single most important capability was it supported PIV and CAC as one of the two factors. That was pretty huge for us."
"The interface is very friendly, colorful, and bold."
"Transparent login for users of privileged IDs (Linux, Windows). This prevents sharing of the password because it is never seen."
"Password Management and Session Recording. The simplicity and ease that it is to be up and running out-of-the-box is very much appreciated."
"It is simple to implement and is suitable for medium to large-scale enterprises."
More Symantec Privileged Access Manager pros
 

Cons

"I would like to see an easier way to define delegated roles within the administration of the core product."
"We require IAM (identify and access management) capability at the administrator level because we need more identification."
"They need to provide better training for the System Integrator."
"It should be easy to use for non-technical people. Its interface can be a bit difficult. Some parts of its interface are not very intuitive. Some of the controls are hidden, and instead of having a screen with all the controls for that account on it, you have to use menus and other similar things."
"The admin interface of the Password Vault Web Access (PVWA) is moving from an old style (the classic interface) to a new style (the v10 interface) and unfortunately, this process is quite slow."
"There is some stuff that we still have not fully integrated, which is our AIM solution. We are having all types of issues with it. I have been working with Level 3 support on it, but otherwise, from a functionality perspective, everything has been working except for the AIM solution."
"I would like to see more integration with more tools, for more APIs."
"Over the past seven years, I have seen a lot of ups and downs with the product."
More CyberArk Privileged Access Manager cons
"We have issues using Safeguard to connect to and record from the cloud. Currently, they don't have a mechanism to record this type of connection."
"When we compare One Identity Safeguard with Cyberark, we know CyberArk has other tools or other features that are more complex and more useful for the customers. For example, I have one customer that wants to elevate the permission that is available in CyberArk."
"From a management point of view, it would be beneficial if One Identity Safeguard Privilege Password and One Identity Safeguard Privilege Session had a more similar interface."
"The high availability function of the box requires a long time to switch over from one appliance to another."
"We've had issues managing accounts and access to some data saved on the servers. Accounts are granted a new working certificate daily. We have an account to do it on APIs online and sync it with that. If the path changes at some point or someone changes the password, I don't know if it's from the Active Directory or what."
"The automated change of the passwords, which is now integrated, could be improved to be more flexible regarding different systems."
"I would like to see support for RDP over HTTPS so this product can be used in conjunction with the Microsoft terminal."
"I just received a question from a customer in regards to a connection with Oracle OID. I tried to integrate Safeguard with the Oracle YAML as well as something else to manage the groups and users from a different system, like AD or LDAP. This one feature could be better. At this moment, the platform system can only use the integration with LDAP or AD. The software for research and development to create a connector to a YAML platform can be very complicated."
More One Identity Safeguard cons
"The setup is complex."
"It'd be great if you just stuck in your PIV card and Windows popped up, asked you for your password. You typed it in, then it remembered your credentials."
"The support for other remote assistance tools would be excellent. Free included tools in Windows (Remote Assist) and Microsoft SCCM Configuration Manager (ConMgr Remote Control) allow companies to reduce the amount of RDP connections and expand the usage of the tools are frequently used by companies to provide technical support for remote assistance."
"The response time for support could be faster. Some features should be added: cloud-based, VPN-less, more secure, and it should be adjusted in a hybrid environment."
"Technical support was good when CA handled it. After Broadcom took over, it's not as good."
"Recent releases need improvement in webpage management. For instance, navigating through a webpage that acts like a wizard, where I proceed to the next page and enter more information, is not handled well by the system."
"It's difficult to locate the reports, there are limits on what reports can be run from the GUI, and the report formats are lacking."
"Bring more technology into the portfolio and being able to collapse those products into a much more integrated way."
More Symantec Privileged Access Manager cons
 

Pricing and Cost Advice

"If you want a Ferrari, it will cost you. The solution is really nice, so it costs the client, but in the long run, it is very good. If you buy a solution that costs a lot to maintain because it is not stable, and you are frequently asking for consultant support, it costs more."
"CyberArk Privileged Access Manager is on the expensive side. It is very expensive."
"Pricing is quite high and it could be improved."
"Quite expensive"
"The pricing for CyberArk is on the higher side compared to other Privileged Access Management products. Something should be done regarding enterprise licensing for long-standing customers."
"The solution is costly but we get what we pay for."
"The solution is very expensive and requires a license. We pay for an enterprise license."
"There are additional features added to our CyberArk Privileged Access Manager license. For example, features that allow us to integrate into various kinds of platforms."
More CyberArk Privileged Access Manager pricing and cost advice
"It is a bit on the pricey side, but you get what you pay for. You don't want to get anything too cheap because then you get cheap stuff and cheap support. That really never helps anybody."
"Setup cost, pricing and licensing are all very expensive."
"It was definitely cheaper than the other two products that we evaluated."
"It is cheaper than CyberArk. Its price is fair."
"Our licensing costs are on a yearly basis."
"Safeguard is cheaper than CyberArk."
"The license is very expensive for us, partly due to inflation and partly because of the exchange rate between the Dollar and the Iranian Rial. We purchased a perpetual license that we've been using up until now, but I believe that we are not going to update it in the future. Instead, we plan to find another third-party to support us with the license, in the sense that we would have access to their license as a shared agreement."
"The license is around $3,000 per month."
More One Identity Safeguard pricing and cost advice
"The licensing is simple and scalable."
"The version we are using is affordable compared to BeyondTrust, which is maybe three to four times as expensive, but it depends on the features."
"Pricing is fair compared to other top vendors."
"The prices are not low, but one can ask for a discount. It’s not the cheapest PAM solution."
"I would prefer better licensing options for the 20-100 users we have at a given time."
"Cost-wise, CA was better compared to others in the market. ​"
"It is more expensive than other solutions on the market."
"Don’t go with an agent model. Don’t go with a model that has you buying a thousand different parts. Go with PAM that gives you everything, or you’ll just be paying costs of implementing another tool that PAM would have just given you up front."
More Symantec Privileged Access Manager pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Privileged Access Management (PAM) solutions are best for your needs.
See recommendations
867,497 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Computer Software Company
15%
Manufacturing Company
9%
Government
6%
Computer Software Company
21%
Financial Services Firm
8%
Comms Service Provider
7%
Government
6%
Comms Service Provider
16%
Computer Software Company
15%
Government
11%
Financial Services Firm
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business60
Midsize Enterprise41
Large Enterprise171
By reviewers
Company SizeCount
Small Business18
Midsize Enterprise12
Large Enterprise19
By reviewers
Company SizeCount
Small Business14
Midsize Enterprise6
Large Enterprise30
 

Questions from the Community

How does Sailpoint IdentityIQ compare with CyberArk PAM?
We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to m...
See all answers
What do you like most about CyberArk Privileged Access Manager?
The most valuable features of the solution are control and analytics.
See all answers
What is your experience regarding pricing and costs for CyberArk Privileged Access Manager?
There has been no reduced cost associated with CyberArk Privileged Access Manager, as when it is required, you must p...
See all answers
What do you like most about One Identity Safeguard?
The identity discovery is good, and the performance is pretty good value.
See all answers
What is your experience regarding pricing and costs for One Identity Safeguard?
The pricing of One Identity Safeguard is fairly priced and cheaper than other solutions of the same enterprise level....
See all answers
What needs improvement with One Identity Safeguard?
There is room for improvement in integration between modules. The native integration between SPP and SPS, which is cu...
See all answers
What do you like most about Symantec Privileged Access Manager?
We can check the activities in the server for fragile files and documents in case of any issues.
See all answers
What is your experience regarding pricing and costs for Symantec Privileged Access Manager?
Due to the nature of the solution, it is hard to gauge, but compared to competitors, the pricing is very good. I woul...
See all answers
What needs improvement with Symantec Privileged Access Manager?
Recent releases need improvement in webpage management. For instance, navigating through a webpage that acts like a w...
See all answers
 

Comparisons

Microsoft Entra ID vs CyberArk Privileged Access Manager Logo
Microsoft Entra ID vs CyberArk Privileged Access Manager
Compared 7% of the time
WALLIX Bastion vs CyberArk Privileged Access Manager Logo
WALLIX Bastion vs CyberArk Privileged Access Manager
Compared 6% of the time
Delinea Secret Server vs CyberArk Privileged Access Manager Logo
Delinea Secret Server vs CyberArk Privileged Access Manager
Compared 6% of the time
Cisco Identity Services Engine (ISE) vs CyberArk Privileged Access Manager Logo
Cisco Identity Services Engine (ISE) vs CyberArk Privileged Access Manager
Compared 5% of the time
CyberArk Endpoint Privilege Manager vs CyberArk Privileged Access Manager Logo
CyberArk Endpoint Privilege Manager vs CyberArk Privileged Access Manager
Compared 2% of the time
More CyberArk Privileged Access Manager Competitors
WALLIX Bastion vs One Identity Safeguard Logo
WALLIX Bastion vs One Identity Safeguard
Compared 13% of the time
SailPoint Identity Security Cloud vs One Identity Safeguard Logo
SailPoint Identity Security Cloud vs One Identity Safeguard
Compared 9% of the time
One Identity Cloud PAM Essentials vs One Identity Safeguard Logo
One Identity Cloud PAM Essentials vs One Identity Safeguard
Compared 8% of the time
Delinea Secret Server vs One Identity Safeguard Logo
Delinea Secret Server vs One Identity Safeguard
Compared 7% of the time
Fudo PAM vs One Identity Safeguard Logo
Fudo PAM vs One Identity Safeguard
Compared 7% of the time
More One Identity Safeguard Competitors
Cisco Identity Services Engine (ISE) vs Symantec Privileged Access Manager Logo
Cisco Identity Services Engine (ISE) vs Symantec Privileged Access Manager
Compared 28% of the time
ARCON Privileged Access Management vs Symantec Privileged Access Manager Logo
ARCON Privileged Access Management vs Symantec Privileged Access Manager
Compared 17% of the time
BeyondTrust Endpoint Privilege Management vs Symantec Privileged Access Manager Logo
BeyondTrust Endpoint Privilege Management vs Symantec Privileged Access Manager
Compared 15% of the time
Delinea Secret Server vs Symantec Privileged Access Manager Logo
Delinea Secret Server vs Symantec Privileged Access Manager
Compared 13% of the time
More Symantec Privileged Access Manager Competitors
 

Product Reports

Buyer's Guide
CyberArk Privileged Access Manager
September 2025
CyberArk Privileged Access Manager reportDownload CyberArk Privileged Access Manager product report
Buyer's Guide
One Identity Safeguard
August 2025
One Identity Safeguard reportDownload One Identity Safeguard product report
Buyer's Guide
Symantec Privileged Access Manager
August 2025
Symantec Privileged Access Manager reportDownload Symantec Privileged Access Manager product report
 

Also Known As

CyberArk Privileged Access Security, CyberArk Enterprise Password Vault
No data available
CA PAM, Xceedium Xsuite, CA Privileged Access Manager
 

Overview

CyberArk Privileged Access Manager is a next-generation solution that allows users to secure both their applications and their confidential corporate information. It is extremely flexible and can be implemented across a variety of environments. This program runs with equal efficiency in a fully cloud-based, hybrid, or on-premises environment. Users can now protect their critical infrastructure and access it in any way that best meets their needs.

CyberArk Privileged Access Manager possesses a simplified and unified user interface. Users are able to manage the solution from one place. The UI allows users to view and manage all of the information and controls that administrators need to be able to easily access. Very often, management UIs do not have all of the controls and information streamlined in a single location. This platform provides a level of visibility that ensures users will be able to view all of their system’s most critical information at any time that they wish.

Benefits of CyberArk Privileged Access Manager

Some of CyberArk Privileged Access Manager’s benefits include:

  • The ability to manage IDs and permissions across a cloud environment. In a world where being able to work remotely is becoming increasingly important, CyberArk Privileged Access Manager is a very valuable tool. Administrators do not need to worry about infrastructure security when they are away from the office. They can assign and manage security credentials from anywhere in the world.
  • The ability to manage the program from a single centralized UI. CyberArk Privileged Access Manager’s UI contains all of the system controls and information. Users now have the ability to view and use all of their system’s most critical information and controls from one place.
  • The ability to automate user management tasks. Administrators can save valuable time by assigning certain management tasks to be fulfilled by the system itself. Users can now reserve their time for tasks that are most pressing. It can also allow for the system to simplify the management process by having the platform perform the most complex functions.

Reviews from Real Users

CyberArk Privileged Access Manager’s software stands out among its competitors for one very fundamental reason. CyberArk Privileged Access Manager is an all-in-one solution. Users are given the ability to accomplish with a single platform what might usually only be accomplished with multiple solutions.

PeerSpot users note the truly all-in-one nature of this solution. Mateusz K., IT Manager at a financial services firm, wrote, "It improves security in our company. We have more than 10,000 accounts that we manage in CyberArk. We use these accounts for SQLs, Windows Server, and Unix. Therefore, keeping these passwords up-to-date in another solution or software would be impossible. Now, we have some sort of a platform to manage passwords, distribute the inflow, and manage IT teams as well as making regular changes to it according to the internal security policies in our bank."

Hichem T.-B., CDO & Co-Founder at ELYTIK, noted that “This is a complete solution that can detect cyber attacks well. I have found the proxy features most valuable for fast password web access.”

CyberArk

One Identity Safeguard manages and monitors privileged access, enhancing security with features like automatic session recording, real-time monitoring, and credential rotation. It integrates seamlessly, supports compliance with audit trails, and improves operational efficiency across organizations. This robust platform significantly bolsters security protocols while controlling sensitive operations.

One Identity

CA Privileged Access Manager is a simple-to-deploy, automated, proven solution for privileged access management in physical, virtual and cloud environments. It enhances security by protecting sensitive administrative credentials such as root and administrator passwords, controlling privileged user access, proactively enforcing policies and monitoring and recording privileged user activity across all IT resources.  It includes CA PAM Server Control (previously CA Privileged Identity Manager) for fine-grained protection of critical servers

Broadcom
 

Sample Customers

Rockwell Automation
Cavium
NEOVERA, Telesis, eSoft
Buyer's Guide
Privileged Access Management (PAM)
August 2025
Download Free Report
Find out what your peers are saying about CyberArk, Delinea, One Identity and others in Privileged Access Management (PAM). Updated: August 2025.
DOWNLOAD NOW
867,497 professionals have used our research since 2012.