Try our new research platform with insights from 80,000+ expert users

CyberArk Privileged Access Manager vs OneLogin vs Symantec Privileged Access Manager comparison

CyberArk and One Identity are both solutions in the Access Management category. Additionally, 95% of CyberArk users are willing to recommend the solution, compared to 97% of One Identity users who would recommend it.
CyberArk Privileged Access ...
Read 229 CyberArk Privileged Access Manager reviews
  • 15,179 Views
  • 6,679 Comparison Views
95% willing to recommend
OneLogin
Read 34 OneLogin reviews
  • 5,117 Views
  • 1,944 Comparison Views
97% willing to recommend
Symantec Privileged Access ...
Read 53 Symantec Privileged Access Manager reviews
  • 1,529 Views
  • 1,208 Comparison Views
85% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between CyberArk Privileged Access Manager, OneLogin, and Symantec Privileged Access Manager based on real PeerSpot user reviews.

Find out what your peers are saying about Microsoft, Okta, Ping Identity and others in Access Management.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Access Management Report (Updated: January 2026).
Buyer's Guide
Access Management
January 2026
Download the complete report
Helped 881,821 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Featured Reviews

Atul-Gujar - PeerSpot reviewer
Atul-Gujar
CyberArk manager at a comms service provider with 10,001+ employees
Secures critical infrastructures with essential user session audit records
A potential area for improvement is enhancing support for cluster environments and distributed Vaults. Clients in multiple countries that need central access have different challenges that require better solutions from CyberArk. For financial services, CyberArk can improve incident response by ensuring fast support for critical priority tickets to meet compliance requirements. Providing more documentation on CyberArk is recommended for new team members to enhance their troubleshooting capabilities. I understand it's up to the client, but 99% fail to change the demo key, so it's crucial for CyberArk to emphasize changing the key and documenting it as part of the installation process.
Read full review
Vaibhav Patil - PeerSpot reviewer
Vaibhav Patil
Digital Marketer at DigiLiterate
Single sign-on has simplified daily logins and now secures all our marketing workflows
OneLogin by One Identity has many features available. These include Single Sign-On, Multi-Factor Authentication, centralized access control, instant onboarding and offboarding, and passwordless convenience. All of these features definitely help. I rely mostly on Single Sign-On in my day-to-day work with OneLogin by One Identity. It stands out because it removes the biggest daily headache: juggling passwords for every marketing tool. With SSO, I log in once and instantly access Google Ads, HubSpot, Looker, Meta Ads, Slack, and everything else. There are no password resets, no delays, and no asking IT for access. It saves time every single day and keeps my workflow smooth, especially when I'm switching between multiple dashboards and campaigns. One hidden gem feature in OneLogin by One Identity that often gets overlooked is context-aware or adaptive access control. With this, access isn't just on or off. Instead, OneLogin by One Identity can allow or restrict access depending on conditions, such as your location, IP address, device type, or time of day. For example, if you're logging in from an unknown location or public Wi-Fi, OneLogin by One Identity can automatically require stronger authentication. This adds a subtle but powerful layer of security without complicating day-to-day logins. It's ideal for remote work, travel, or working from shared spaces. Since implementing OneLogin by One Identity, the biggest positive change I've noticed is how much smoother and faster my workday feels. I no longer juggle multiple passwords or get stuck waiting for access to tools. Logging in once and instantly opening Google Ads, HubSpot, Looker, Slack, and everything else has easily saved me 15 to 20 minutes a day. Another major improvement is clean, consistent permissions. There are no more access denied issues or chasing IT for fixes. When someone joins or leaves the team, their access is handled automatically, which keeps everything secure and organized. Overall, OneLogin by One Identity has reduced small daily frustrations, improved security, and made my workflow far more efficient. Other impacts of OneLogin by One Identity include fewer IT tickets, faster onboarding, consistent access, higher security, less downtime, and better collaboration.
Read full review
Muzi Lubisi - PeerSpot reviewer
Muzi Lubisi
Senior technical Consultant at CA Africa
Secure management of sensitive servers and seamless applications with direct linking
The credential injection feature is highly valued, particularly for RDP sessions. A majority of customers use it for RDP, and a couple for Linux servers. The broader capabilities, including access to multiple systems, web-based applications, and clustering, have never posed an issue. The threat analytics aspect is also a robust feature that analyzes all pertinent information.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The password protection itself is the most important feature. It's something we didn't have before."
"Helped us meet our standards and requirements to help us comply with industry standards and banking regulations."
"The product has allowed us to improve both the management and access to privileged credentials, while also creating a full audit trail of all activities happening within isolated sessions of all tasks and activities taking place within the solution."
"I love how easily we could operate within Password Vault and get things done. It was almost effortless."
"CyberArk has the ability to change the credentials on every platform."
"There are no issues with scalability. Our clients are very happy to use the product."
"CyberArk has resulted in a massive increase in our security footprint."
"CyberArk Privileged Access Manager is stable."
More CyberArk Privileged Access Manager pros
"OneLogin has positively impacted my organization by helping reduce issues and save time."
"OneLogin is a great platform with minimal improvements needed."
"My impression of OneLogin providing a seamless end-user experience for signing in and authenticating is positive because I never had any issues or glitches."
"One aspect I particularly appreciate is their exceptional customer support whenever I've needed assistance."
"Simplicity is the most valuable part of OneLogin."
"Once I made the OneLogin ID, it would essentially make user names and passwords for every application that we had."
"My impressions of the Identity Synchronization across directories functionality in OneLogin is that it is seamless and syncs every identity seamlessly."
"The most valuable feature is the ease with which we can manage the sign-on feature."
More OneLogin pros
"The credential injection feature is highly valued, particularly for RDP sessions."
"The system is very stable."
"For me, it is the robust API which is the most valuable feature. This allows for low maintenance costs and allows applications to automatically connect. This is great to automate security of the DevOps pipeline for shared secrets across environments. Also, being on Linux and a virtual appliance is great."
"It is simple to implement and is suitable for medium to large-scale enterprises."
"We found that the architecture is scalable and very resilient."
"Comprehensive coverage of the required features for the PAM solution."
"It will provide us with more security."
"The two factor authentication, and the single most important capability was it supported PIV and CAC as one of the two factors. That was pretty huge for us."
More Symantec Privileged Access Manager pros
 

Cons

"I would like to see better automation in granting access, better tools, more efficient tools, to be able to customize the solution that CyberArk provides."
"The scalability, sometimes, is lacking. It works really well for more static environments... But for an environment where you're constantly spinning up new infrastructure or new endpoints, sometimes it has a hard time keeping up."
"The solution is too complicated to use and should be simplified. It took me a long time to understand how to use it. There is a lot that the solution can improve for the future."
"CyberArk Enterprise Password Vault's deployment is complex for resources with little experience. Tech support needs to be improved as well based on quality and knowledge."
"There is a lot of room for improvement in the report section. I also work on other tools, such as Thycotic, which allows you to create customized reports for your organization's needs. In CyberArk, there are limited reports, whereas in Thycotic or some of the other PAM tools, because the database is different, you can customize the report based on your needs through SQL queries."
"Improved user-friendliness, granularity, and functionality would enhance the product further."
"If CyberArk wants people to pay for cloud services, they need to make the cloud services much more real-time."
"Online help needs to be looked into with live agent support."
More CyberArk Privileged Access Manager cons
"Customer support is very poor."
"However, if there were multiple documentations about the technical points and what each tab on the GUI is used for, it would be very helpful for others who want to learn, because I did not find a lot of resources about it on the internet."
"having a RESTful implementation instead of RPC would have been more desirable."
"I would suggest that the user interface could be improved."
"OneLogin by One Identity is strong, but there is room to improve."
"I would like better reporting from SmartFactor Authentication when a user is not able to sign in due to a new location, new IP, new device, et cetera."
"The tool must be made more robust."
"There are many downsides. OneLogin is designed for small businesses, not for big enterprises, which is why it has limited features."
More OneLogin cons
"An improvement for this solution is that it should not be constantly based on user name and password. There should be a condition to edit and update your username."
"We have to do a lot of manual work to automate features."
"It's difficult to locate the reports, there are limits on what reports can be run from the GUI, and the report formats are lacking."
"Recent releases need improvement in webpage management. For instance, navigating through a webpage that acts like a wizard, where I proceed to the next page and enter more information, is not handled well by the system."
"Broadcom has neglected product development since acquiring Symantec, and nothing major has been added to PAM."
"Recent releases need improvement in webpage management."
"Bring more technology into the portfolio and being able to collapse those products into a much more integrated way."
"They should include some assignments in the test environment to explore the product's features."
More Symantec Privileged Access Manager cons
 

Pricing and Cost Advice

"There are no additional costs other than the standard licensing fees."
"I'm a technician so I don't handle the licensing for CyberArk Privileged Access Manager, but I know that the price for the core license is about €140 per year. There's another type of license, the external vendor license, and that's about €600 and you can manage twenty devices. From what I know, the price for one device in a subscription is about €65 per year. You can buy the CyberArk Endpoint Privilege Manager too, or you can buy some other application or application license with CyberArk Privileged Access Manager, but all other features, such as the Analytics Server is included in the basic CyberArk license. With WALLIX, you need to buy separate licenses for the features."
"The solution is costly but we get what we pay for."
"The product's licensing is yearly. I would rate the solution's pricing a six out of ten."
"From a client perspective, CyberArk's pricing is fair but there is a significant increase each year. They should limit the price increase because this could potentially drive customers to other partners. Price changes should be at defined intervals. There should not be sudden jumps."
"This solution is considered to be more expensive than others out there on the market today."
"The pricing for CyberArk is on the higher side compared to other Privileged Access Management products. Something should be done regarding enterprise licensing for long-standing customers."
"The main problem for the tool is its licensing. I work for a really big company. When you try to develop this as a service, usually you work with leverage teams who are formed with dozens of members. You might dedicate one FTE, or less, for something, e.g., an antivirus administrator. You might have half an FTE's effort dedicated to administering the antivirus, but then you have a team of about 30 users who might access that ticket. The problem is that CyberArk eliminated the possibility of concurrent users years ago. This is a big problem for companies who work with leverage teams. You need to pay for everyone. 40 licenses are used by 20 or 30 people. This is a big problem because licenses are not precisely cheap."
More CyberArk Privileged Access Manager pricing and cost advice
"We were happy with the price we got when we signed up, but I don't know what will happen when the time comes to renew because it is a different company now. We haven't seen any pricing models or had that discussion yet. My renewal is a year and a half away. It's worth what we're paying for it. There's no way we could provide the level of service for cheaper or try to do the same in-house."
"While I wish OneLogin's pricing was more affordable, their licensing model, which is based on per user, is acceptable."
"OneLogin's pricing, from the perspective of the education sector, seems quite reasonable for the value it delivers."
"Surprisingly expensive given the price of on-premise solutions."
"The pricing for OneLogin seems to be okay. The pricing and licensing are affordable. If you'd consider OneLogin to be expensive, it's worth it."
"The pricing and licensing are reasonable. It is much cheaper than other products."
"The price of the licensing is fine."
"It was cheap in the beginning, and then it became very expensive. We were initially charged $2 per user per month, which was fine, but by the second year, they increased it to $5 per user. That became very expensive for us because we had about 1,500 users. At $2 per user, it comes out to be $3,000 a month, which is $36,000 a year. If we move to $5 per user, it comes out to be $7,500 a month. That made its cost so high. That is why we removed the product because the cost was high."
"It is reasonably priced."
"Don’t go with an agent model. Don’t go with a model that has you buying a thousand different parts. Go with PAM that gives you everything, or you’ll just be paying costs of implementing another tool that PAM would have just given you up front."
"It is more expensive than other solutions on the market."
"I would prefer better licensing options for the 20-100 users we have at a given time."
"They offer per-device, per-user, or monthly and yearly licensing models."
"The version we are using is affordable compared to BeyondTrust, which is maybe three to four times as expensive, but it depends on the features."
"Cost-wise, CA was better compared to others in the market. ​"
"The licensing is simple and scalable."
More Symantec Privileged Access Manager pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Access Management solutions are best for your needs.
See recommendations
881,821 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Manufacturing Company
10%
Computer Software Company
9%
Government
6%
University
12%
Manufacturing Company
9%
Financial Services Firm
9%
Comms Service Provider
7%
Comms Service Provider
12%
Computer Software Company
11%
Marketing Services Firm
11%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business59
Midsize Enterprise40
Large Enterprise173
By reviewers
Company SizeCount
Small Business24
Midsize Enterprise11
Large Enterprise29
By reviewers
Company SizeCount
Small Business14
Midsize Enterprise6
Large Enterprise30
 

Questions from the Community

How does Sailpoint IdentityIQ compare with CyberArk PAM?
We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to m...
See all answers
What do you like most about CyberArk Privileged Access Manager?
The most valuable features of the solution are control and analytics.
See all answers
What is your experience regarding pricing and costs for CyberArk Privileged Access Manager?
My thoughts on the pricing of CyberArk Privileged Access Manager depend entirely on the vendors' requirements. If the...
See all answers
What do you like most about OneLogin by One Identity?
OneLogin is efficient.
See all answers
What needs improvement with OneLogin by One Identity?
OneLogin is a robust platform, but there is scope for improvement as there are some glitches, connectivity glitches, ...
See all answers
What is your primary use case for OneLogin by One Identity?
My main use case for OneLogin is app aggregation and SSO. I use OneLogin for app aggregation, which is utilized for a...
See all answers
What is your experience regarding pricing and costs for Symantec Privileged Access Manager?
Due to the nature of the solution, it is hard to gauge, but compared to competitors, the pricing is very good. I woul...
See all answers
What needs improvement with Symantec Privileged Access Manager?
Recent releases need improvement in webpage management. For instance, navigating through a webpage that acts like a w...
See all answers
What is your primary use case for Symantec Privileged Access Manager?
With the customers that I have so far, I help them broker RDP sessions to sensitive servers, particularly those that ...
See all answers
 

Comparisons

Microsoft Entra ID vs CyberArk Privileged Access Manager Logo
Microsoft Entra ID vs CyberArk Privileged Access Manager
Compared 4% of the time
Delinea Secret Server vs CyberArk Privileged Access Manager Logo
Delinea Secret Server vs CyberArk Privileged Access Manager
Compared 4% of the time
One Identity Safeguard vs CyberArk Privileged Access Manager Logo
One Identity Safeguard vs CyberArk Privileged Access Manager
Compared 4% of the time
WALLIX Bastion vs CyberArk Privileged Access Manager Logo
WALLIX Bastion vs CyberArk Privileged Access Manager
Compared 4% of the time
Saviynt vs CyberArk Privileged Access Manager Logo
Saviynt vs CyberArk Privileged Access Manager
Compared 4% of the time
More CyberArk Privileged Access Manager Competitors
Okta Platform vs OneLogin Logo
Okta Platform vs OneLogin
Compared 8% of the time
Auth0 Platform vs OneLogin Logo
Auth0 Platform vs OneLogin
Compared 8% of the time
Microsoft Entra ID vs OneLogin Logo
Microsoft Entra ID vs OneLogin
Compared 6% of the time
LastPass Business vs OneLogin Logo
LastPass Business vs OneLogin
Compared 5% of the time
F5 BIG-IP Access Policy Manager (APM) vs OneLogin Logo
F5 BIG-IP Access Policy Manager (APM) vs OneLogin
Compared 4% of the time
More OneLogin Competitors
Cisco Identity Services Engine (ISE) vs Symantec Privileged Access Manager Logo
Cisco Identity Services Engine (ISE) vs Symantec Privileged Access Manager
Compared 16% of the time
ARCON Privileged Access Management vs Symantec Privileged Access Manager Logo
ARCON Privileged Access Management vs Symantec Privileged Access Manager
Compared 12% of the time
BeyondTrust Endpoint Privilege Management vs Symantec Privileged Access Manager Logo
BeyondTrust Endpoint Privilege Management vs Symantec Privileged Access Manager
Compared 11% of the time
Delinea Secret Server vs Symantec Privileged Access Manager Logo
Delinea Secret Server vs Symantec Privileged Access Manager
Compared 11% of the time
WALLIX Bastion vs Symantec Privileged Access Manager Logo
WALLIX Bastion vs Symantec Privileged Access Manager
Compared 9% of the time
More Symantec Privileged Access Manager Competitors
 

Product Reports

Buyer's Guide
CyberArk Privileged Access Manager
February 2026
CyberArk Privileged Access Manager reportDownload CyberArk Privileged Access Manager product report
Buyer's Guide
OneLogin
January 2026
OneLogin reportDownload OneLogin product report
Buyer's Guide
Symantec Privileged Access Manager
January 2026
Symantec Privileged Access Manager reportDownload Symantec Privileged Access Manager product report
 

Also Known As

CyberArk Privileged Access Security, CyberArk Enterprise Password Vault
OneLogin Workforce Identity
CA PAM, Xceedium Xsuite, CA Privileged Access Manager
 

Overview

CyberArk Privileged Access Manager is a next-generation solution that allows users to secure both their applications and their confidential corporate information. It is extremely flexible and can be implemented across a variety of environments. This program runs with equal efficiency in a fully cloud-based, hybrid, or on-premises environment. Users can now protect their critical infrastructure and access it in any way that best meets their needs.

CyberArk Privileged Access Manager possesses a simplified and unified user interface. Users are able to manage the solution from one place. The UI allows users to view and manage all of the information and controls that administrators need to be able to easily access. Very often, management UIs do not have all of the controls and information streamlined in a single location. This platform provides a level of visibility that ensures users will be able to view all of their system’s most critical information at any time that they wish.

Benefits of CyberArk Privileged Access Manager

Some of CyberArk Privileged Access Manager’s benefits include:

  • The ability to manage IDs and permissions across a cloud environment. In a world where being able to work remotely is becoming increasingly important, CyberArk Privileged Access Manager is a very valuable tool. Administrators do not need to worry about infrastructure security when they are away from the office. They can assign and manage security credentials from anywhere in the world.
  • The ability to manage the program from a single centralized UI. CyberArk Privileged Access Manager’s UI contains all of the system controls and information. Users now have the ability to view and use all of their system’s most critical information and controls from one place.
  • The ability to automate user management tasks. Administrators can save valuable time by assigning certain management tasks to be fulfilled by the system itself. Users can now reserve their time for tasks that are most pressing. It can also allow for the system to simplify the management process by having the platform perform the most complex functions.

Reviews from Real Users

CyberArk Privileged Access Manager’s software stands out among its competitors for one very fundamental reason. CyberArk Privileged Access Manager is an all-in-one solution. Users are given the ability to accomplish with a single platform what might usually only be accomplished with multiple solutions.

PeerSpot users note the truly all-in-one nature of this solution. Mateusz K., IT Manager at a financial services firm, wrote, "It improves security in our company. We have more than 10,000 accounts that we manage in CyberArk. We use these accounts for SQLs, Windows Server, and Unix. Therefore, keeping these passwords up-to-date in another solution or software would be impossible. Now, we have some sort of a platform to manage passwords, distribute the inflow, and manage IT teams as well as making regular changes to it according to the internal security policies in our bank."

Hichem T.-B., CDO & Co-Founder at ELYTIK, noted that “This is a complete solution that can detect cyber attacks well. I have found the proxy features most valuable for fast password web access.”

CyberArk

OneLogin offers organizations a user-friendly platform for single sign-on, multifactor authentication, and seamless access management. It enhances security and streamlines processes, making it vital for application management.

Designed for ease of integration, OneLogin helps organizations efficiently manage access and improve cybersecurity through centralized application management. It simplifies onboarding and offboarding, enhancing remote work capabilities and offering robust user mapping. Users appreciate seamless integration and reliable logs. However, it could improve with enhanced technical support, more out-of-box connectors, and better customization options. Challenges with device management and system integrations have been noted, with legacy application support and infrastructure stability needing attention.

What are the key features of OneLogin?
  • Single Sign-On: Provides centralized access to applications.
  • Multifactor Authentication: Enhances security with multiple verification steps.
  • Self-Service Password Resets: Empowers users to manage their passwords.
  • Ease of Integration: Connects seamlessly with cloud and on-premises systems.
What benefits can users expect?
  • Improved Time Management: Streamlines user access processes.
  • Reduced Security Incidents: Strengthens authentication measures.
  • Efficient Interface: Facilitates smooth user navigation.
  • Enhanced Remote Work: Supports flexible workforce needs.

Organizations employ OneLogin for single sign-on and identity management, connecting users to applications like CRM and Slack. It supports role-based access control and seamless cloud transition, integrating with Active Directory to enhance user management in industries demanding strong security and efficiency.

One Identity

CA Privileged Access Manager is a simple-to-deploy, automated, proven solution for privileged access management in physical, virtual and cloud environments. It enhances security by protecting sensitive administrative credentials such as root and administrator passwords, controlling privileged user access, proactively enforcing policies and monitoring and recording privileged user activity across all IT resources.  It includes CA PAM Server Control (previously CA Privileged Identity Manager) for fine-grained protection of critical servers

Broadcom
 

Sample Customers

Rockwell Automation
OneLogin has thousands of customers across multiple industries and from around the globe such as Uber, Airbnb, Noom, Petco, Sony, Lucky Brand, Tesco, Airbus, Japan Airlines, Aetna, Compass, Kaplan, Susan G. Komen, AAA and PennyMac.
NEOVERA, Telesis, eSoft
Buyer's Guide
Access Management
January 2026
Download Free Report
Find out what your peers are saying about Microsoft, Okta, Ping Identity and others in Access Management. Updated: January 2026.
DOWNLOAD NOW
881,821 professionals have used our research since 2012.