Coming October 25: PeerSpot Awards will be announced! Learn more

CyberArk Privileged Access Manager vs SailPoint IdentityIQ comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary
Updated on April 3, 2022

We performed a comparison between CyberArk Privileged Access Manager and SailPoint IdentityIQ based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: Users of both solutions say that for the most part their initial setup is complex and requires technical expertise.
  • Features: Users of both products are happy with their performance, stability, and scalability. CyberArk Privileged Access Manager reviewers say it provides them with excellent security, password protection, and monitoring tools. A couple of users mentioned that it lacks flexibility. SailPoint IdentityIQ reviewers say it is reliable and easy to use but they would like to see improvements to the user interface and reporting abilities.
  • Pricing: Reviewers of both solutions feel that their prices are high.

  • ROI: Reviewers of both solutions report seeing an ROI.

  • Service and Support: Most users of both solutions report being satisfied with the level of support they receive.

Comparison Results: Both solutions received high marks from users. CyberArk Privileged Access Manager has an edge over SailPoint IdentityIQ due to its advanced monitoring and reporting abilities.


To learn more, read our detailed CyberArk Privileged Access Manager vs. SailPoint IdentityIQ report (Updated: September 2022).
633,184 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Within the solution, I love the fact that everything is recorded. The configuration capabilities are great, too.""It is one of the best solutions in the market. Ever since I started using this solution, there has not been any compromise when it comes to our lab.""All of the features of CyberArk Privileged Access Manager are valuable.""The most valuable feature is Special Monitoring.""It is useful for protecting passwords. If you need to do access security management, you can first use the CyberArk console, and after that, you can connect the firewall interface or firewall command line. Similarly, if you need to do an RDP session, you need to first log in to CyberArk before connecting to the Windows RDP session. This way, the admin doesn't know the password, and that password is changed immediately. To change the password, you first discover the old password in the network, and after that, you can change the password.""What I found most valuable in CyberArk Privileged Access Manager is the Session Manager as it allows you to split the connection between the administrator site and the target site. I also found the Password Manager valuable as it lets you rotate the passwords of privileged users.""It is a single tool that isolates possible kinds of malware. You get lateral movement blocking and auditing information, e.g., you know who is doing what. You are getting protections from the service as well as a useful environment. All your admins can easily go in and out of your company while accessing your servers in a secure way, even if they are working abroad.""All the features of CyberArk are useful for me, but the biggest one is that CyberArk has logs for all the features. That is important when there is a problem. You know where to look and you have the information. In cyber security, the most important aspect is information."

More CyberArk Privileged Access Manager Pros →

"IdentityIQ's best features are the hassle-free user experience and security.""Deployment takes a bit of time, however, once it's done properly, everything becomes very organized and easy to use.""The solution is pretty stable and simple to use.""It offers a single source of truth. Everything can be handled from one tier.""SailPoint IdentityIQ has more enriched out-of-box connectors than the others.""It provides a lot of out-of-the-box functionalities. You don't have to do too much custom development like other solutions such as Microsoft or NetIQ. It also has a lot of out-of-the-box connectors for different sources, directories, databases, etc. Its cloud version is working very well, and its pricing is okay. Its value for money is fine for most of the customers. It is also very flexible. They have frequent new releases and patches for fixing errors and things like that.""A feature of SailPoint IdentityIQ that I like best is that it has good integration with other platforms. My company is using ADP here in Brazil, and SailPoint IdentityIQ works very, very well with it. My company is also using the solution for governance evaluation, segregation, and other access tests. For my company, SailPoint IdentityIQ is a very important solution, especially because it's automated, and there's a huge audit and risk issue here in Brazil.""Access certification and provisioning are two of the solutions most valuable features."

More SailPoint IdentityIQ Pros →

Cons
"I would love them to improve their UI customizing features.""It is very complex and difficult to set up the solution.""It should be easier to install. It is a comprehensive product, which makes it difficult to install. You need to have their consulting services in order to get it all installed and set up correctly because there is so much going on. It would be nice if there were an easier way to do the installation without professional services. I suspect they get a fair amount of their money from professional services. So, there is not a huge incentive.""It can be integrated with other systems, but it is not easy to integrate. It takes too long to integrate it. Its integration should be easier and simpler.""They are sometimes not flexible with things. For instance, from one day to another, there might be something that had been done years ago by CyberArk, then they say, "We do not support that." You then have to initiate a complaint and start working with them. Things might become complicated and months pass while you are working with them. Usually, they are good and fast, but sometimes they seem to be blocked with problems, e.g., you will suddenly be working with another team instead of the team that you were working with the day before.""We found a lot of errors during the initial setup. They should work to improve the implementation experience and to remove errors from the process.""The product could be easier to use. More work needs to be done on this aspect; it is not good enough yet. It also takes up a lot of server space. Sometimes we need to use up to seven servers.""In the beginning, CyberArk Privileged Access Manager didn't have a multifactor authentication feature, so that was an area for improvement, but now it's part of the solution. Having just one console for two CyberArk products would be good, particularly for the CyberArk Privileged Access Manager and the CyberArk Endpoint Privilege Manager, with the latter being a product for endpoint management that supports the workstations and allows you to manage workstations. In the next update of CyberArk Privileged Access Manager, it would be good to have a local agent where you can manage all users and processes, and have an agent on the servers such as Linux and Windows."

More CyberArk Privileged Access Manager Cons →

"If you compare Saviynt and Okta Workforce Identity versus SailPoint IdentityIQ, SailPoint IdentityIQ needs to improve its UI.""There's a lot of customization required to improve the user experience.""In the past, we had a lot of problems with SailPoint IdentityIQ, particularly in providing access and provisioning. There were some gaps in the operation of the solution because they were manual rather than automated, and the users and administrators were given access directly via Active Directory, and it wasn't appropriate for us at the time to use. In terms of integration, we could provide a more automated solution after a minimum number of years, but not in the SailPoint IdentityIQ platform, but there were problems in the registration, for example, with putting information inside ADP, but in general, we were able to solve those problems, and after implementing SailPoint IdentityIQ we had increased evaluations.""The price of IdentityIQ could be lower. There are additional costs when you buy the licenses, and they force the customers to pay for them.""The report functionality and dashboard of the access manager could be improved.""The UI needs to be more user friendly. More concentration on historical policy violations would be great. In terms of new features, I would like to see artificial intelligence and machine language added.""The user interface could be slightly improved. It could be made simpler and more user-friendly, however, it is good enough right now.""The mover process for this solution could be improved."

More SailPoint IdentityIQ Cons →

Pricing and Cost Advice
  • "I believe that this solution is priced well. It's the market leader and I think that it's the best solution."
  • "Overall, its pricing is really good. The main difference from all the other vendors is that they have one package that covers all the functionality and modules of the basic PAM, except the add-on modules like adware and server protection. It also doesn't include the licenses for domain controller protection or maybe an API call-related feature. For the basic privileged access management, the bundle pricing is really good, but when it comes to an agent-based solution for advanced cyber protection or application identity managers, it is expensive. Services are also very expensive if you hire the services team from CyberArk, but these guys are really good. For a couple of large banking projects, we had an experience with them. The banks wanted to have things quickly and efficiently, so we had to hire them. If we take four weeks, these guys can do everything on a weekend. They charge quite a big sum of money, but they know the system well."
  • "The price of this solution is quite reasonable."
  • "The solution is very expensive and requires a license. We pay for an enterprise license."
  • "Pricing is quite high and it could be improved."
  • "They have two types of licensing: purchase and subscription. You have to pay for each admin user, such as Microsoft admin, mail admin, database admin, etc."
  • "The price of CyberArk support could be a little bit less. Otherwise, pricing is fine."
  • "Before we bought it, they were licensing each function individually, which got complicated and very expensive. When we decided to buy it, it was much more straightforward and still quite expensive, but it brings a lot of value and risk reduction to the organization."
  • More CyberArk Privileged Access Manager Pricing and Cost Advice →

  • "SailPoint is higher in price as compared to Saviynt. The initial cost of SailPoint is very high. There are additional costs to the standard licensing fees."
  • "Its price is okay. It provides good value for money. It is subscription-based. You can go for a one-year or three-year subscription."
  • "The price of the solution could improve, it is not priced well for smaller businesses to afford."
  • "It is a costly solution. Its cost, for sure, should be reduced."
  • "You do pay one price for the license but that price depends on what you choose to include as far as the optional modules go."
  • "Usually, the cost of deploying about 5,000 licenses or 5,000 users, would be the equivalent to the cost of the license, which would be reaching up to around $90,000."
  • "You are able to get discounts if you plan to use the tool for the long-term i.e. discounts for 5+ years of usage."
  • "In terms of pricing, SailPoint IdentityIQ is affordable. It's not cheap, and it's not expensive, so the solution is in the middle, price-wise. It also didn't have additional costs, even if my company had different teams that took care of auditing and provisioning and projects that used SailPoint IdentityIQ."
  • More SailPoint IdentityIQ Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Privileged Access Management (PAM) solutions are best for your needs.
    633,184 professionals have used our research since 2012.
    Answers from the Community
    Netanya Carmi
    Doug-MacPherson - PeerSpot reviewerDoug-MacPherson
    User

    The two products are actually complimentary. Both companies have been very good about staying in their lanes and are their respective market leaders.


    CyberArk's PAM solution is aimed at protecting privileged accounts by providing features like vaulting, credential rotation, session monitoring and recording. They also have solutions for DevOps and Secrets management.


    SailPoint is an Identity Governance solution and actually manages CyberArk as an application the same way it manages accounts and privileges in SAP, AD, AAD and over 100 more applications. For CyberArk, it can add/change/delete users as well as create safes and assign users to those safes. At a user account certification time, it will show the CyberArk users and their associated privileges and allow the user's manager or other appropriate people to approve or revoke the privileged access. 


    SailPoint creates an Identity warehouse so that a user's accounts and entitlements are gathered, managed and reported on in a centralized manner. See Youtube for a quick explanation - SailPoint Identity Governance Integrates with CyberAek Privileged Access Security. 

    SailPoint does not provide the vault and session management functions that CyberArk does.

    Questions from the Community
    Top Answer:We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the… more »
    Top Answer:Within the solution, I love the fact that everything is recorded. The configuration capabilities are great, too.
    Top Answer:A feature of SailPoint IdentityIQ that I like best is that it has good integration with other platforms. My company is using ADP here in Brazil, and SailPoint IdentityIQ works very, very well with it… more »
    Top Answer:In terms of pricing, SailPoint IdentityIQ is affordable. It's not cheap, and it's not expensive, so the solution is in the middle, price-wise. It also didn't have additional costs, even if my company… more »
    Top Answer:In the past, we had a lot of problems with SailPoint IdentityIQ, particularly in providing access and provisioning. There were some gaps in the operation of the solution because they were manual… more »
    Ranking
    Views
    29,761
    Comparisons
    19,166
    Reviews
    26
    Average Words per Review
    965
    Rating
    8.3
    Views
    21,058
    Comparisons
    14,905
    Reviews
    16
    Average Words per Review
    458
    Rating
    8.3
    Comparisons
    Also Known As
    CyberArk Privileged Access Security
    IdentityIQ, SailPoint IdentityNow
    Learn More
    CyberArk
    Video Not Available
    Overview

    CyberArk Privileged Access Manager is a next-generation solution that allows users to secure both their applications and their confidential corporate information. It is extremely flexible and can be implemented across a variety of environments. This program runs with equal efficiency in a fully cloud-based, hybrid, or on-premises environment. Users can now protect their critical infrastructure and access it in any way that best meets their needs.

    CyberArk Privileged Access Manager possesses a simplified and unified user interface. Users are able to manage the solution from one place. The UI allows users to view and manage all of the information and controls that administrators need to be able to easily access. Very often, management UIs do not have all of the controls and information streamlined in a single location. This platform provides a level of visibility that ensures users will be able to view all of their system’s most critical information at any time that they wish.

    Benefits of CyberArk Privileged Access Manager

    Some of CyberArk Privileged Access Manager’s benefits include:

    • The ability to manage IDs and permissions across a cloud environment. In a world where being able to work remotely is becoming increasingly important, CyberArk Privileged Access Manager is a very valuable tool. Administrators do not need to worry about infrastructure security when they are away from the office. They can assign and manage security credentials from anywhere in the world.
    • The ability to manage the program from a single centralized UI. CyberArk Privileged Access Manager’s UI contains all of the system controls and information. Users now have the ability to view and use all of their system’s most critical information and controls from one place.
    • The ability to automate user management tasks. Administrators can save valuable time by assigning certain management tasks to be fulfilled by the system itself. Users can now reserve their time for tasks that are most pressing. It can also allow for the system to simplify the management process by having the platform perform the most complex functions.

    Reviews from Real Users

    CyberArk Privileged Access Manager’s software stands out among its competitors for one very fundamental reason. CyberArk Privileged Access Manager is an all-in-one solution. Users are given the ability to accomplish with a single platform what might usually only be accomplished with multiple solutions.

    PeerSpot users note the truly all-in-one nature of this solution. Mateusz K., IT Manager at a financial services firm, wrote, "It improves security in our company. We have more than 10,000 accounts that we manage in CyberArk. We use these accounts for SQLs, Windows Server, and Unix. Therefore, keeping these passwords up-to-date in another solution or software would be impossible. Now, we have some sort of a platform to manage passwords, distribute the inflow, and manage IT teams as well as making regular changes to it according to the internal security policies in our bank."

    Hichem T.-B., CDO & Co-Founder at ELYTIK, noted that “This is a complete solution that can detect cyber attacks well. I have found the proxy features most valuable for fast password web access.”

    SailPoint is the leader in identity security for the cloud enterprise. We’re committed to protecting businesses from the inherent risk that comes with providing technology access across today’s diverse and remote workforce. Our identity security solutions secure and enable thousands of companies worldwide, giving our customers unmatched visibility into the entirety of their digital workforce, and ensuring that each worker has the right access to do their job, no more, no less. With SailPoint at the foundation of their business, our customers can provision access with confidence, protect business assets at scale and ensure compliance with certainty.

    Offer
    Learn more about CyberArk Privileged Access Manager
    Learn more about SailPoint IdentityIQ
    Sample Customers
    Rockwell Automation
    Adobe, AXA Technology Services, Cuna Mutual Group, Equifax, ING Direct, Orrstown Bank, Rockwell Automation, SallieMae, Spirit Aerosystems, TEL
    Top Industries
    REVIEWERS
    Financial Services Firm26%
    Insurance Company14%
    Computer Software Company8%
    Healthcare Company8%
    VISITORS READING REVIEWS
    Computer Software Company19%
    Financial Services Firm14%
    Comms Service Provider13%
    Government6%
    REVIEWERS
    Financial Services Firm36%
    Insurance Company14%
    Energy/Utilities Company14%
    Pharma/Biotech Company14%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Financial Services Firm14%
    Comms Service Provider10%
    Insurance Company6%
    Company Size
    REVIEWERS
    Small Business20%
    Midsize Enterprise12%
    Large Enterprise68%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise15%
    Large Enterprise67%
    REVIEWERS
    Small Business32%
    Midsize Enterprise15%
    Large Enterprise54%
    VISITORS READING REVIEWS
    Small Business15%
    Midsize Enterprise13%
    Large Enterprise72%
    Buyer's Guide
    Privileged Access Management (PAM)
    September 2022
    Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM). Updated: September 2022.
    633,184 professionals have used our research since 2012.

    CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 34 reviews while SailPoint IdentityIQ is ranked 1st in User Provisioning Software with 19 reviews. CyberArk Privileged Access Manager is rated 8.4, while SailPoint IdentityIQ is rated 8.6. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of SailPoint IdentityIQ writes "End-to-end Identity Management and Access Governance solution that shows why its a Market leader". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Azure Active Directory (Azure AD), WALLIX Bastion, Delinea Secret Server and BeyondTrust Endpoint Privilege Management, whereas SailPoint IdentityIQ is most compared with Saviynt, Okta Workforce Identity, Azure Active Directory (Azure AD), Microsoft Identity Manager and ForgeRock.

    We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.