Try our new research platform with insights from 80,000+ expert users

Entro Security vs One Identity Active Roles comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Entro Security
Ranking in Non-Human Identity Management (NHIM)
2nd
Average Rating
9.6
Reviews Sentiment
8.4
Number of Reviews
2
Ranking in other categories
No ranking in other categories
One Identity Active Roles
Ranking in Non-Human Identity Management (NHIM)
5th
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
25
Ranking in other categories
User Provisioning Software (5th), Active Directory Management (1st)
 

Featured Reviews

YL
We get improved visibility and excellent support but require better detection of custom data
Reduction in the attack surface is the main benefit. We have not worked with it much yet, but so far, it has been good. It can be improved a bit more in the future, but so far, we have just scratched the surface with Entro Security. Entro Security has helped develop a better culture among developers. They are willing and starting to use something called Vault to store credentials, and they even do it without us telling them. In the past, they used to post everything like in ClearText, whereas now, they are voluntarily migrating the information to Vault. I am pretty sure it is because Entro Security is also annoying them. Every time there is a finding, we ping them via Slack. The ping comes from Entro itself. They do not want to be bothered by messages. They do not want to be seen as a bad employee, so they are using it on their own. It is not hard for us to establish behavioral baselines for non-human identities (NHI) in Entro Security. It is important that Entro Security’s detection and mitigation of NHI threats is done in real-time. It is becoming a worldwide issue, not only in our company. So many companies are trying to solve this issue where developers are posting credentials in plain text. It is of very high priority. It is not critical, but it is highly important. Entro Security has improved visibility, revealing the extent of our credential issues, where strong credentials like admin accounts were found in plaintext in numerous projects. We have more visibility and control. We got to know that the issue was much bigger than we thought. We thought that only one out of ten projects would have some kind of password, but we found more than five to seven projects having plain text credentials. The credentials stored were of strong accounts. They had put admin account information in plain text. We did not think it would be this severe. We thought that, at worst, they would be some maintainer credentials, but they were using full admin credentials in their code and had put them just in plain text. Entro Security has helped improve our organization’s security posture. Entro Security has decreased our exposure to risk. It reduces exposure from the inside, not from the outside.
Grzegorz Kosela - PeerSpot reviewer
Task automation simplifies user and delegation management while offering a customizable interface
Currently, task automation, like provisioning, deprovisioning, and reprovisioning, is very effective. When a user moves from one organization to another, it automatically changes their group membership and performs similar functions. Secondly, the granular delegation feature is very nice and much simpler and easier than it is natively in Microsoft. Two years ago, One Identity Active Roles was under Dell. It was quite poor. However, now, there have been notable improvements, such as faster system processing, better logging, enhanced information, and a more user-friendly interface. Once it was sold by Dell, things got better. The interface became a bit more user-friendly. The Angular user interface is much more flexible for adjusting to customer needs, and a completely new and customizable one can be created, aligning with all settings and scripts required by a customer. The ease of managing on-prem and cloud-based directories through a single pane of glass is good. I'd rate it nine out of ten. The solution's ability to provision and deprovision resources and directories like Azure AD is very simple, especially when you can integrate with the HR system and grab some data from HR. It's actually fully automatic. I don't need to even touch it. It's helped increase operational efficiency by 50%. It's helped decrease security problems around privileged accounts. We were able to decrease the number of privileged accounts and have been able to delegate more effectively. We decreased the number of high-level permissions that administrators had. For example, if someone is a DNS administrator, he has access only as far as the specific actions he needs to handle. We don't need to give away such high privileges for such a daily job. It's helped clarify roles and access. It's helped reduce identity-based breaches. If someone leaves a company, we can easily undo provisioning and close accounts. We can generate reports to see which people have which permissions and at what times. We've just integrated with our HR system. It helps us follow activated and deactivated users. I'd rate the granular controls on offer ten out of ten. We've saved on manpower in terms of the work of the administrators. There's good reporting and functionality, and it's very transparent. You can connect more than one directory and manage everything from one pane. You can do many things from one interface.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"They are very helpful and responsive. They acknowledge issues, take feedback seriously, and implement features based on user requests."
"The top features of Entro Security that stand out are its ease of onboarding and discovery."
"We have eased the burden on the support desk and reduced the risk of them doing something they shouldn't."
"It gives us attribute-level control and the AD management features work very well."
"Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated."
"Active Roles helped increase operational efficiency in our organization."
"It is an easier way for me to manage Active Directory with more advanced features."
"In comparison to native Active Directory tools, using Active Roles for delegation is so much better. It uses an access template and that makes it easy to see who can access what. In fact, you can do that for many objects as well."
"Active Roles is easy to configure. It isn't a plug-and-play solution, and you need expertise to set it up. However, once you have your templates, it's easy to deploy in a highly decentralized environment. The custom configuration for our customers is fantastic, especially the web interface."
"It's valuable to us in that it resembles the native tools that most people have grown accustomed to... Active Roles resembles traditional tools, such as from Microsoft. That is really good because it eases the way people interact with the tool."
 

Cons

"Entro Security could benefit from improvements in IAM control to allow segregation of duties among developers."
"The detection of generic content or custom data specific to our company needs improvement. It has trouble detecting unique patterns of secrets."
"I've had a difficult time getting it to cooperate with Azure in the cloud and, while the support staff are very good and very knowledgeable, what they assist with just on a call doesn't go deep enough to help with a number of issues. The answer that comes back is that we'd have to start an engagement with Professional Services, which is fine but that takes time to schedule and it takes budget."
"There are areas for improvement in One Identity Active Roles that include updating the web interface, creating an API accessible from the web, and improving overall performance, as it can be slow at times."
"The user interface needs to be more modern and scalable. There are certain screen resolutions where the product is unusable."
"When doing a workflow, we would like a bit better feedback on the screen, as we're trying to get it to work. For example, there is a "Find" function that you need set up in a workflow to do some of the automation. It is not the easiest to get a result from those finds when you're trying to do that. In the MMC, they have a couple different types of workflows. In this particular case, we use their workflow functionality to find all of X within the environment, then if you find it, do X, Y, and Z. You can have multiple steps. When you do that search function within that workflow, it's really hard to find out, "Is my search working?" It would be nice if there was some feedback on the screen so you could see if your search is working properly within the workflow."
"Customer support is rated six. Sometimes having a fix for a bug takes too much time. While in production, issues tend to take a while to resolve."
"Most of the time it just works."
"In terms of improvement, it could be made even more user-friendly for administrators when they need to create new workflows and rule sets."
"There is always room to improve the user interface for increased clarity. I believe enhancements to the console are also necessary because it is more confusing than the web interface."
 

Pricing and Cost Advice

Information not available
"The pricing is on the higher end."
"The price is reasonable. It costs us about 1 million Danish kroner annually, and we also spend about half as much on consultants."
"It's expensive."
"The licensing model is a simple user-based model, not that much complicated."
"The pricing for Active Roles is expensive but not as expensive as other solutions like Okta."
"The pricing is high. I have not been involved with the renewal or cost aspect, but I know it is not cheap by any means. However, it is very useful for our environment."
"It's fairly priced."
report
Use our free recommendation engine to learn which Non-Human Identity Management (NHIM) solutions are best for your needs.
863,679 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Hospitality Company
17%
Healthcare Company
15%
Computer Software Company
10%
Legal Firm
10%
Computer Software Company
16%
Financial Services Firm
10%
Healthcare Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Entro Security?
Entro Security is not the cheapest solution. However, I am willing to pay for quality cybersecurity products. We received a good discount this year, which significantly reduced the price. Next year...
What needs improvement with Entro Security?
Entro Security could benefit from improvements in IAM control to allow segregation of duties among developers. Providing a more modular alerting system to have proactive measures without extensive ...
What is your primary use case for Entro Security?
I am a Security Engineer at a company called Regatta. We started using Entro Security to address a request from one of the head developers to gain control over secrets and identities. We initially ...
What is your experience regarding pricing and costs for One Identity Active Roles?
The product is expensive, but if you want to save money, the delegation set-up process is quite easy. After setting up Active Roles once, defining the delegation model, it is very efficient, almost...
What needs improvement with One Identity Active Roles?
One area for improvement would be the Entra ID side, including better delegation for Entra ID objects and more granular permissions. We would also like to see better Entra ID license management usi...
 

Also Known As

No data available
Quest Active Roles
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Paramount, Agoda, Dropbox, Kayak, Elastic, Fubo, SafeBreach, Sprinklr, Aqua, Mastech Digital, Solarwinds, Crum&Forster, Regatta Group, ISO New England, Nasuni, Maccabi Healthcare Services
City of Frankfurt, Moore Public Schools, George Washington University, Transavia Airlines, Howard County, MD. See all stories at OneIdentity.com/casestudies
Find out what your peers are saying about Entro Security vs. One Identity Active Roles and other solutions. Updated: July 2025.
863,679 professionals have used our research since 2012.