CyberArk Privileged Access Manager vs SailPoint IdentityIQ comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary
Updated on Apr 3, 2022

We performed a comparison between CyberArk Privileged Access Manager and SailPoint IdentityIQ based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: Users of both solutions say that for the most part their initial setup is complex and requires technical expertise.
  • Features: Users of both products are happy with their performance, stability, and scalability. CyberArk Privileged Access Manager reviewers say it provides them with excellent security, password protection, and monitoring tools. A couple of users mentioned that it lacks flexibility. SailPoint IdentityIQ reviewers say it is reliable and easy to use but they would like to see improvements to the user interface and reporting abilities.
  • Pricing: Reviewers of both solutions feel that their prices are high.

  • ROI: Reviewers of both solutions report seeing an ROI.

  • Service and Support: Most users of both solutions report being satisfied with the level of support they receive.

Comparison Results: Both solutions received high marks from users. CyberArk Privileged Access Manager has an edge over SailPoint IdentityIQ due to its advanced monitoring and reporting abilities.


To learn more, read our detailed Privileged Access Management (PAM) Report (Updated: May 2023).
708,461 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The solution is stable.""We've written over a hundred custom connectors ourselves that allow us to do all types of privileged session management for various applications. On top of that, the rest of the API-based central credential providers allow us to get away from credentials that may be hard-coded in the script or some application.""The automatic rotation of credentials is probably the most useful feature.""The password vault and session monitoring are useful.""It is one of the best solutions in the market. Ever since I started using this solution, there has not been any compromise when it comes to our lab.""The automatic password management is the most important feature. The second most important feature is the ability to enforce dual control on the release of those passwords. The combination of these two features is the most important thing for us because we can show that we're in control of who uses any non-personal account, and when they do so.""The most valuable feature of CyberArk Privileged Access Manager is privileged threat analytics.""Performance-wise, it is excellent."

More CyberArk Privileged Access Manager Pros →

"The access certification feature is valuable.""IdentityIQ's best features are the hassle-free user experience and security.""The solution is pretty stable and simple to use.""This solution is easy to configure.""It is a scalable product.""This solution is great for providing control access across your environment.""The solution is very good at the management of the identity lifecycle.""It offers a single source of truth. Everything can be handled from one tier."

More SailPoint IdentityIQ Pros →

Cons
"PAM could be more user-friendly and CyberArk could update the documentation to include more real-world examples. You have to learn it yourself through trial and error. In particular, the online documentation should have more information about troubleshooting.""It should be easy to use for non-technical people. Its interface can be a bit difficult. Some parts of its interface are not very intuitive. Some of the controls are hidden, and instead of having a screen with all the controls for that account on it, you have to use menus and other similar things.""One thing that could be improved is to create of a better alternative for fixing group policy fees. We currently use Microsoft, but they have introduced new policies that may not be compatible.""What could be improved in CyberArk Privileged Access Manager is the licensing model. It should be more flexible in terms of the users. Currently, it's based on the number of users, but many users only log in once in four months or once in five months. It would be great if the licensing model could be modified based on user needs. We even have users who have not logged in even once.""Some aspects of the administration need improvement, though they have recently made improvements to the API. However, the management with the interface and configuration are not so user-friendly. It has not changed much during all the years that CyberArk has been on the market. The management part, like platform management as well as PSM connectors definition and management, could be improved, even if it has already been done with the API.""They are sometimes not flexible with things. For instance, from one day to another, there might be something that had been done years ago by CyberArk, then they say, "We do not support that." You then have to initiate a complaint and start working with them. Things might become complicated and months pass while you are working with them. Usually, they are good and fast, but sometimes they seem to be blocked with problems, e.g., you will suddenly be working with another team instead of the team that you were working with the day before.""The turnaround time for technical support is lengthy.""Its pricing is a big challenge here. When it started, the product came in at a very low cost. Now, they are the leaders in the market, so the cost has grown and is quite huge."

More CyberArk Privileged Access Manager Cons →

"The user interface could be slightly improved. It could be made simpler and more user-friendly, however, it is good enough right now.""Compared to at least one other product some of the administrative tasks could be easier or more intuitive.""The price of IdentityIQ could be lower. There are additional costs when you buy the licenses, and they force the customers to pay for them.""If there's a price reduction for SailPoint IdentityIQ, that would be helpful. Another area for improvement in the product is the technical support, which needs to be more friendly to customers.""The solution, in general, is quite expensive.""It tends to be more expensive, but at the end of the day, it works.""The mover process for this solution could be improved.""In the past, we had a lot of problems with SailPoint IdentityIQ, particularly in providing access and provisioning. There were some gaps in the operation of the solution because they were manual rather than automated, and the users and administrators were given access directly via Active Directory, and it wasn't appropriate for us at the time to use. In terms of integration, we could provide a more automated solution after a minimum number of years, but not in the SailPoint IdentityIQ platform, but there were problems in the registration, for example, with putting information inside ADP, but in general, we were able to solve those problems, and after implementing SailPoint IdentityIQ we had increased evaluations."

More SailPoint IdentityIQ Cons →

Pricing and Cost Advice
  • "The price of CyberArk support could be a little bit less. Otherwise, pricing is fine."
  • "Before we bought it, they were licensing each function individually, which got complicated and very expensive. When we decided to buy it, it was much more straightforward and still quite expensive, but it brings a lot of value and risk reduction to the organization."
  • "It is in line with its competitors, but all such solutions cost too much money."
  • "CyberArk DNA is free if you purchase the CyberArk solution. There is no additional charge for CyberArk DNA, which is great."
  • "The main problem for the tool is its licensing. I work for a really big company. When you try to develop this as a service, usually you work with leverage teams who are formed with dozens of members. You might dedicate one FTE, or less, for something, e.g., an antivirus administrator. You might have half an FTE's effort dedicated to administering the antivirus, but then you have a team of about 30 users who might access that ticket. The problem is that CyberArk eliminated the possibility of concurrent users years ago. This is a big problem for companies who work with leverage teams. You need to pay for everyone. 40 licenses are used by 20 or 30 people. This is a big problem because licenses are not precisely cheap."
  • "It's expensive, certainly. But CyberArk is the leader in the market with regards to privileged access management. You pay a lot, but you are paying for the value that is being delivered."
  • "Previously, the pricing was very meager. They started publicizing and advertising the solution, growing CyberArk, as an organization. They also changed their pricing with that growth, e.g., the pricier the product, the more people who will purchase it."
  • "Generally, I don't get involved in the licensing or the purchasing side of it, but I do know that the licenses are expensive."
  • More CyberArk Privileged Access Manager Pricing and Cost Advice →

  • "It is a costly solution. Its cost, for sure, should be reduced."
  • "You do pay one price for the license but that price depends on what you choose to include as far as the optional modules go."
  • "Usually, the cost of deploying about 5,000 licenses or 5,000 users, would be the equivalent to the cost of the license, which would be reaching up to around $90,000."
  • "You are able to get discounts if you plan to use the tool for the long-term i.e. discounts for 5+ years of usage."
  • "In terms of pricing, SailPoint IdentityIQ is affordable. It's not cheap, and it's not expensive, so the solution is in the middle, price-wise. It also didn't have additional costs, even if my company had different teams that took care of auditing and provisioning and projects that used SailPoint IdentityIQ."
  • "This is an expensive solution. I would rate it a two and a half out of five for pricing."
  • "SailPoint is expensive compared to its competitors. It's one of the most expensive products, so I'd rate it as one out of five, cost-wise."
  • "It's all competitive. Initially, the prices look a bit higher, but once it gets into a competitive situation, they meet the market. I'd rate it an eight out of ten in terms of pricing. It tends to be more expensive, but it works."
  • More SailPoint IdentityIQ Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Privileged Access Management (PAM) solutions are best for your needs.
    708,461 professionals have used our research since 2012.
    Answers from the Community
    Netanya Carmi
    Doug-MacPherson - PeerSpot reviewerDoug-MacPherson
    Consultant

    The two products are actually complimentary. Both companies have been very good about staying in their lanes and are their respective market leaders.


    CyberArk's PAM solution is aimed at protecting privileged accounts by providing features like vaulting, credential rotation, session monitoring and recording. They also have solutions for DevOps and Secrets management.


    SailPoint is an Identity Governance solution and actually manages CyberArk as an application the same way it manages accounts and privileges in SAP, AD, AAD and over 100 more applications. For CyberArk, it can add/change/delete users as well as create safes and assign users to those safes. At a user account certification time, it will show the CyberArk users and their associated privileges and allow the user's manager or other appropriate people to approve or revoke the privileged access. 


    SailPoint creates an Identity warehouse so that a user's accounts and entitlements are gathered, managed and reported on in a centralized manner. See Youtube for a quick explanation - SailPoint Identity Governance Integrates with CyberAek Privileged Access Security. 

    SailPoint does not provide the vault and session management functions that CyberArk does.

    Questions from the Community
    Top Answer:We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the… more »
    Top Answer:The most valuable feature of CyberArk Privileged Access Manager is privileged threat analytics.
    Top Answer:The price of the solution is reasonable. I rate the price CyberArk Privileged Access Manager a seven out of ten.
    Top Answer:The first valuable feature of the solution is its interface. The second feature of the solution is the level of flexibility it provides.
    Top Answer:I rate the solution a seven on a scale where one is cheap and ten is too expensive. In short, the solution falls under the higher side of pricing. For the solution, our company has secured a perpetual… more »
    Top Answer:Regarding the scope for improvement in the solution, reporting is an area that can be a bit more UI-oriented. Apart from that, it's a very good product, and I do not have any complaints about it.
    Ranking
    Views
    32,107
    Comparisons
    19,292
    Reviews
    30
    Average Words per Review
    938
    Rating
    8.5
    Views
    22,029
    Comparisons
    14,941
    Reviews
    22
    Average Words per Review
    468
    Rating
    8.4
    Comparisons
    Also Known As
    CyberArk Privileged Access Security
    IdentityIQ, SailPoint IdentityNow
    Learn More
    CyberArk
    Video Not Available
    Overview

    CyberArk Privileged Access Manager is a next-generation solution that allows users to secure both their applications and their confidential corporate information. It is extremely flexible and can be implemented across a variety of environments. This program runs with equal efficiency in a fully cloud-based, hybrid, or on-premises environment. Users can now protect their critical infrastructure and access it in any way that best meets their needs.

    CyberArk Privileged Access Manager possesses a simplified and unified user interface. Users are able to manage the solution from one place. The UI allows users to view and manage all of the information and controls that administrators need to be able to easily access. Very often, management UIs do not have all of the controls and information streamlined in a single location. This platform provides a level of visibility that ensures users will be able to view all of their system’s most critical information at any time that they wish.

    Benefits of CyberArk Privileged Access Manager

    Some of CyberArk Privileged Access Manager’s benefits include:

    • The ability to manage IDs and permissions across a cloud environment. In a world where being able to work remotely is becoming increasingly important, CyberArk Privileged Access Manager is a very valuable tool. Administrators do not need to worry about infrastructure security when they are away from the office. They can assign and manage security credentials from anywhere in the world.
    • The ability to manage the program from a single centralized UI. CyberArk Privileged Access Manager’s UI contains all of the system controls and information. Users now have the ability to view and use all of their system’s most critical information and controls from one place.
    • The ability to automate user management tasks. Administrators can save valuable time by assigning certain management tasks to be fulfilled by the system itself. Users can now reserve their time for tasks that are most pressing. It can also allow for the system to simplify the management process by having the platform perform the most complex functions.

    Reviews from Real Users

    CyberArk Privileged Access Manager’s software stands out among its competitors for one very fundamental reason. CyberArk Privileged Access Manager is an all-in-one solution. Users are given the ability to accomplish with a single platform what might usually only be accomplished with multiple solutions.

    PeerSpot users note the truly all-in-one nature of this solution. Mateusz K., IT Manager at a financial services firm, wrote, "It improves security in our company. We have more than 10,000 accounts that we manage in CyberArk. We use these accounts for SQLs, Windows Server, and Unix. Therefore, keeping these passwords up-to-date in another solution or software would be impossible. Now, we have some sort of a platform to manage passwords, distribute the inflow, and manage IT teams as well as making regular changes to it according to the internal security policies in our bank."

    Hichem T.-B., CDO & Co-Founder at ELYTIK, noted that “This is a complete solution that can detect cyber attacks well. I have found the proxy features most valuable for fast password web access.”

    SailPoint is the leader in identity security for the cloud enterprise. We’re committed to protecting businesses from the inherent risk that comes with providing technology access across today’s diverse and remote workforce. Our identity security solutions secure and enable thousands of companies worldwide, giving our customers unmatched visibility into the entirety of their digital workforce, and ensuring that each worker has the right access to do their job, no more, no less. With SailPoint at the foundation of their business, our customers can provision access with confidence, protect business assets at scale and ensure compliance with certainty.

    Offer
    Learn more about CyberArk Privileged Access Manager
    Learn more about SailPoint IdentityIQ
    Sample Customers
    Rockwell Automation
    Adobe, AXA Technology Services, Cuna Mutual Group, Equifax, ING Direct, Orrstown Bank, Rockwell Automation, SallieMae, Spirit Aerosystems, TEL
    Top Industries
    REVIEWERS
    Financial Services Firm23%
    Computer Software Company15%
    Insurance Company12%
    Healthcare Company9%
    VISITORS READING REVIEWS
    Computer Software Company15%
    Financial Services Firm13%
    Educational Organization11%
    Government6%
    REVIEWERS
    Financial Services Firm37%
    Energy/Utilities Company16%
    Insurance Company11%
    Pharma/Biotech Company11%
    VISITORS READING REVIEWS
    Financial Services Firm15%
    Computer Software Company15%
    Government7%
    Manufacturing Company6%
    Company Size
    REVIEWERS
    Small Business21%
    Midsize Enterprise13%
    Large Enterprise66%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise21%
    Large Enterprise61%
    REVIEWERS
    Small Business35%
    Midsize Enterprise13%
    Large Enterprise52%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise12%
    Large Enterprise71%
    Buyer's Guide
    Privileged Access Management (PAM)
    May 2023
    Find out what your peers are saying about CyberArk, BeyondTrust, Delinea and others in Privileged Access Management (PAM). Updated: May 2023.
    708,461 professionals have used our research since 2012.

    CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 37 reviews while SailPoint IdentityIQ is ranked 1st in User Provisioning Software with 25 reviews. CyberArk Privileged Access Manager is rated 8.4, while SailPoint IdentityIQ is rated 8.4. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of SailPoint IdentityIQ writes "End-to-end Identity Management and Access Governance solution that shows why its a Market leader". CyberArk Privileged Access Manager is most compared with Azure Active Directory (Azure AD), Cisco ISE (Identity Services Engine), Delinea Secret Server, WALLIX Bastion and One Identity Safeguard, whereas SailPoint IdentityIQ is most compared with Azure Active Directory (Azure AD), Okta Workforce Identity, Saviynt, One Identity Manager and SAP Identity Management.

    We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.