We performed a comparison between CyberArk Privileged Access Manager and Symantec Privileged Access Manager based on real PeerSpot user reviews.
Find out in this report how the two Privileged Access Management (PAM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Technical support is very helpful whenever we have any questions."
"We found the initial setup to be easy."
"It improves security in our company. We have more than 10,000 accounts that we manage in CyberArk. We use these accounts for SQLs, Windows Server, and Unix. Therefore, keeping these passwords up-to-date in another solution or software would be impossible. Now, we have some sort of a platform to manage passwords, distribute the inflow, and manage IT teams as well as making regular changes to it according to the internal security policies in our bank."
"We like it for the ability to automatically change passwords. At least for my group, that's the best thing."
"The fact that I can put my vault here in a central location on one net for example, and I'll have a CPM in California, a CPM in Texas, a CPM in New York, a CPM in Florida, and actually be able to grow with my company and not necessarily have to continue to grow my vault until I get to a certain number accounts - yet I can still manage everything across the country, if not the world - I love that. I love the flexibility and the capability of being able to pull those components out."
"Securely protects our TAP/NUID and privileged access accounts within the company."
"It is a single tool that isolates possible kinds of malware. You get lateral movement blocking and auditing information, e.g., you know who is doing what. You are getting protections from the service as well as a useful environment. All your admins can easily go in and out of your company while accessing your servers in a secure way, even if they are working abroad."
"I love the ability to customize the passwords: the forbidden characters, the length of the password, the number of capital, lowercase, and special characters. You can customize the password so that it tailor fits, for example, mainframes that can't have more than eight characters. You can say, "I want a random password that doesn't have these special characters, but it is exactly eight characters," so that it doesn't throw errors."
"It will provide us with more security."
"Stability is solid as a rock."
"It is great for identity governance."
"It gives you list of servers, so you can see which users have access to which servers. This is really useful, so we can make sure nobody is getting extra access than what is needed."
"CA PAM is working well for us."
"We know we can scale up with what we have, and we probably will not need to buy any further appliances down the road."
"You can do A2A integration. You can have your own script, which can then run outside of PA to retrieve the password and perform other tasks."
"We can enforce complicated password policies and very important frequent password changes."
"There is room for improvement in the pricing model."
"Overall what I would really love to see is the third-party PAS reporter tool pulled more into the overall solution, ideally as its own deployable component service installation package."
"More than the product itself, there is room for improvement in the documentation. The documentation should be very detailed and very structured. It has a lot of good information, on one level, but I feel that it could be more elaborate and more structured."
"It's a big program. To scale excessively, locally, on an on-prem application, takes a lot of servers."
"Stability is a huge concern right now. We are on a version which is very unstable. We have to upgrade to stabilize it. It is fine, but the problem is we have to hire CyberArk to do the upgrade. This costs money, and it is their bug."
"If you are an administrator or architect, then the solution is kind of complicated, as it is mostly focused on the end user. So, they need to also focus on the people who are implementing it."
"We would like to expand the usage of the auto discovery accounts feed, then on our end, tie in the REST API for automation."
"When something comes out, it's generally airtight and works as advertised. However, sometimes they are a little bit slow to keep up with what's coming out. In 2017, for example, they released support for Windows Server 2016, which had been out for a year or so."
"They should include some assignments in the test environment to explore the product's features."
"The service account management functionality needs to be extended to application pools, SQL database, PowerShell scripts, service account discovery, etc."
"They need to do a little bit more on the mainframe side."
"What I hope happens with the new product CA PAM is to keep all the useful features that exist in PA, but what I’ve noticed with many new products is the UI gets polished but systems lags stability and performance or it adds additional complexity instead of simplifying the user experience."
"I’m no fan of Java as an application front-end, as it tends to have issues depending on what browser one’s using."
"Instead of just giving passwords to the user based on job function, from auditing perspective, turn that cycle around. That would really help from an auditing standpoint."
"I wish it could create local accounts on desktops."
"The response time for support could be faster. Some features should be added: cloud-based, VPN-less, more secure, and it should be adjusted in a hybrid environment."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
More Symantec Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews while Symantec Privileged Access Manager is ranked 18th in Privileged Access Management (PAM) with 50 reviews. CyberArk Privileged Access Manager is rated 8.8, while Symantec Privileged Access Manager is rated 7.8. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of Symantec Privileged Access Manager writes "Allows IT and consultants to access the infrastructure environment but needs more security and better support". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard, whereas Symantec Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), BeyondTrust Endpoint Privilege Management, ARCON Privileged Access Management, Delinea Secret Server and VMware Identity Manager. See our CyberArk Privileged Access Manager vs. Symantec Privileged Access Manager report.
See our list of best Privileged Access Management (PAM) vendors.
We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.