Try our new research platform with insights from 80,000+ expert users

CyberArk Privileged Access Manager vs Symantec Siteminder comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

CyberArk Privileged Access ...
Average Rating
8.6
Reviews Sentiment
6.8
Number of Reviews
224
Ranking in other categories
User Activity Monitoring (1st), Enterprise Password Managers (2nd), Privileged Access Management (PAM) (1st), Mainframe Security (2nd), Operational Technology (OT) Security (3rd)
Symantec Siteminder
Average Rating
8.0
Reviews Sentiment
7.1
Number of Reviews
75
Ranking in other categories
Single Sign-On (SSO) (13th), Web Access Management (1st), Access Management (12th)
 

Featured Reviews

Abdul Durrani - PeerSpot reviewer
Enables granular and secure access with just-in-time access and Zero Trust model
CyberArk provides a good amount of control over access types. However, as a future enhancement, having additional features for cross-platform integration would be beneficial. It would be good to have integrations with other tools and firewalls, such as Zscaler and CrowdStrike. Although I am not fully aware of recent updates, more cross-platform integration would be valuable. A SOC analyst would like to have centralized access in terms of information flowing in even for privileged access management. They would like to have control over everything instead of opening four to five tabs for different sorts of information. Cross-platform integration would help with that. Customers also want CyberArk's pricing to be better so that they can implement it further and have more licenses. Implementing a privileged access management solution can be challenging. It would be great if CyberArk could provide recommendations based on the compliance standards of an organization. It would help system admins ensure that all the required ports are closed and the systems are being managed properly. If any system is not being used anymore, any ports opened for that system need to be closed. Having such recommendations would be helpful.
Muzi Lubisi - PeerSpot reviewer
Improved user experience with seamless integration and easy installation
The feature that I mostly valued is the ease of installation on different systems, especially on Windows. Additionally, it is very beneficial for deploying single sign-on sessions between different windows on a web browser, provided I am connected to the right identity provider. That seamless integration significantly improves user experience and efficiency.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The technical support is good."
"It is scalable."
"Because we now have the ability to grant access to management utilities like DNS Manager, Sequel Studio, and MMC, in a secure fashion, without system admins being required to continually reenter various passwords that are stored who knows where, it has really made the system admin's job much easier. It has made the PSM's job much easier. It has made the auditor's job and the security team's job and the access manager's job significantly easier, because we're able to move much more quickly toward a role-based access management system, and that is really streamlining the whole onboarding/offboarding management process."
"The session recording and monitoring capabilities are valuable. We have real-time session management ability to record, audit, and monitor any privileged user activities. That is a big deal."
"CyberArk Privileged Access Manager indeed helps meet compliance and regulatory requirements for customers, especially in the financial sector, by aligning with PCI DSS standards."
"When we started with RPA, there was a requirement that every credential and the bots themselves be protected through the PAM system. From the get-go, we've had CyberArk in the middle... We've got a pretty robust RPA implementation with our PAM platform. Users, bots, the credentials — everything is managed via our PAM solution."
"Provides improved security around having your credentials locked down and rotated regularly."
"CyberArk has a lot of modules."
"The most valuable feature is the integration with the Active Directory."
"IWA is an out-of-the-box feature. The SAML-based federation is standard for all tools. However, CA Single Sign-On has made the federation configuration way too simple and handy to set up and use."
"If you look at our organization, and really all financial institutions, we have a lot of legacy apps. So it really helps to get Single Sign-On."
"You can quickly deploy the entire product with a basic config within couple of hours."
"It has considerably reduced the amount of time that new users would take to join into the organization. Previously, it was a lengthy, manual process because it's a very secure environment, where they need to verify the user before they can actually grant him a user-ID and password. Integrating with the built-in custom application, and exposing CA Single Sign On to the internet, we were able to get the employees onboard. The time that we gained was: previously it would generally take from four to eight weeks for each employee, we brought it to one to two days."
"Ease of use is very good, for administrating it. It's very well known."
"The feature that I mostly valued is the ease of installation on different systems, especially on Windows."
"Authentication & Authorization are important because all the sites need authentication for security purposes. That has been handled pretty well all these years with SSO."
 

Cons

"The Vault's disaster recovery features need improvement."
"It would be good to have integrations with other tools and firewalls, such as Zscaler and CrowdStrike. Although I am not fully aware of recent updates, more cross-platform integration would be valuable. A SOC analyst would like to have centralized access in terms of information flowing in even for privileged access management. They would like to have control over everything instead of opening four to five tabs for different sorts of information."
"This product needs professional consulting services to onboard accounts effectively based user profiles."
"I would like to see is the policy export and import. When we expend, we do not want to just hand do a policy."
"The initial setup was somewhat complex."
"It is only good as a PAM solution. If they could work more on Privileged Threat Analytics, it would be beneficial. It has limitations, so improvements on PTA would be fine."
"Maintaining the product is challenging. Upgrades require a lot of resources, as it impacts the entire organization. For example, upgrading components like the Privileged Session Manager (PSM) and the vault is time-consuming and difficult. In the long term, I would like to see these processes simplified, especially for on-premise installations."
"When I was a component owner for PAM's Privileged Threat Analytics (PTA) component, what I wanted was a clear mapping to the MITRE ATT&CK framework, a framework which has a comprehensive list of use cases. We reached out to the vendor and asked them how much coverage they have of the uses cases found on MITRE, which would have given us a better view of things while I was the product owner. Unfortunately they did not have the capability of mapping onto MITRE's framework at that time."
"I'd like to see a rework of the user directory configuration."
"CA has reporting at the moment. With the reporting, every particular segmented product has a reporting engine. I would like to see centralized reporting for all of them together."
"Some of the new protocols, like OAuth 2.0, could be improved."
"Siteminder needs to improve its user experience."
"We're currently unable to find information about if the solution can do a full implementation with SQL. Some better and more accessible documentation for new users or those curious about the product would be helpful."
"I think they need to integrate some of the newer types of authentication into the product. I'm not seeing the innovation when it comes to biometrics in the product."
"We are finding some compatibility issues. We're still working with CA on them."
"An area Siteminder could improve on is that there are a few limitations, in terms of new protocols for OpenID. If I want to have different scopes, the features are limited. They also do not have APIs exposed, which is a major drawback. API is a feature I would like to see included in the next release."
 

Pricing and Cost Advice

"With reducing the privileged account access, there has been a huge improvement. They are now bringing more accounts on a little at a time."
"Compared to other solutions, it is costly."
"The product’s pricing is feasible for enterprise customers. The pricing is expensive for smaller businesses. You need to pay additional costs for service implementation and local support."
"CyberArk Privileged Access Manager is on the expensive side. It is very expensive."
"I rate the tool's pricing an eight out of ten."
"It's per-company, license-based."
"I do not have any opinions to add about the pricing of the product."
"Its price is high. I have also worked with Delinea. CyberArk is comparatively expensive compared to other PAM solutions, such as Delinea, especially during renewal."
"The pricing is reasonable."
"The solution's pricing is competitive."
"Symantec Siteminder is expensive; they could definitely do better on the price."
"CA solutions are generally expensive but for the customer the ROI is big."
"Siteminder is a little costly. You pay for licensing, and they offer packages, so if you have less users, then you have to buy different products at different prices. If you have more of a user base, then the package is different. They also include other features—for example, if you have a database and you're using Siteminder, then it's good to use a Semantic-specific database, but if you are using less, then you have to purchase the database separately. Whereas if you are going for a bigger license, then it comes within the package. It depends on which plan you are using."
"The price is quite comparable to the other enterprise-level solutions in that market."
"I recommend conducting a PoC on every available product before choose one."
"The licensing is fair for this solution."
report
Use our free recommendation engine to learn which Access Management solutions are best for your needs.
861,170 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
16%
Financial Services Firm
14%
Computer Software Company
14%
Manufacturing Company
7%
Financial Services Firm
32%
Insurance Company
12%
Manufacturing Company
7%
Computer Software Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

How does Sailpoint IdentityIQ compare with CyberArk PAM?
We evaluated Sailpoint IdentityIQ before ultimately choosing CyberArk. Sailpoint Identity Platform is a solution to manage risks in cloud enterprise environments. It automates and streamlines the m...
What do you like most about CyberArk Privileged Access Manager?
The most valuable features of the solution are control and analytics.
What do you like most about Symantec Siteminder?
It's agent-based. It's convenient to deploy and integrate.
What needs improvement with Symantec Siteminder?
Symantec Siteminder needs to have adaptive authentication and multi-factor authentication as integrated features. Currently, multi-factor authentication is available as a separate solution, and it ...
 

Also Known As

CyberArk Privileged Access Security, CyberArk Enterprise Password Vault
SiteMinder, CA SSO, Layer7 SiteMinder
 

Overview

 

Sample Customers

Rockwell Automation
British Telecom, CoreBlox, DBS, HMS, Itera ASA and Simeo
Find out what your peers are saying about CyberArk Privileged Access Manager vs. Symantec Siteminder and other solutions. Updated: June 2025.
861,170 professionals have used our research since 2012.